What’s New?

• Introducing Dark Mode in Plesk for when you want to rest your eyes in a low-light environment. Dark Mode can be enabled by clicking the ‘crescent’ icon in the upper corner of the screen.

  Note: Dark Mode in Plesk uses cookies and works on per session basis.

• We are glad to introduce the Sophos Anti-Virus for Servers extension. The extension supports Plesk for Linux, including ARM-based servers. Here’s how it helps to protect you from malicious emails:

  • Scans incoming and outgoing mail.
  • Scans all archive and compressed archive file formats.
  • Scans file formats that contain an executable stub that automatically decompresses the body of the file.
  • Rejects malicious and potentially dangerous e-mail messages.
  • Features CX-Mail, a context-aware setting that enables more aggressive detection rules specifically designed for email traffic.
  • Automatically updates virus signatures.

  We would love to hear your feedback about this extension at feedback@plesk.com.

• We are glad to introduce the production version of the SOGo Webmail extension. Added the following improvements to the extension:

  • It is now possible to customize the service configuration templates.
  • The SOGo database is now backed up daily.
  • The extension has been translated into 32 languages.

• We are glad to introduce the beta version of the DNS integration for Cloudflare extension. The extension automates the provisioning of DNS records from Plesk to Cloudflare, simplifying this routine to a couple of clicks.

  • Connect your existing Cloudflare account to Plesk.
  • Import DNS records from Cloudflare to Plesk.
  • Export DNS records from Plesk to Cloudflare both manually and automatically.

  We would love to hear your feedback about this extension at beta-extensions@plesk.com.

• The Website Log Check is no longer in beta. Learn more about Website Log Check. To enable the feature, add the following lines to the panel.ini file:

  [websitesDiagnostic]
  enabled = true
  

• We are glad to introduce the result of our research into the possibility to deploy a high-availability Plesk cluster using two new features:

  • Centralized database, which is no longer in beta as of this Plesk release.
  • Centralized storage based on NFS. Learn how to configure centralized DB and storage

  We built a proof-of-concept high-availability Plesk cluster with active and passive nodes. Read the step by step guide and testing result for such a cluster.

  We would love to hear your feedback about these features and the high-availability cluster on the Plesk forum.

• Added the ability to recalculate disk space and traffic usage data for individual domains to the Plesk interface.

Feature Improvements

• Classic list view has been updated to appear and function more closely to Dynamic list view, and also renamed to “Dynamic list view - show websites on a separate page”. If you used Classic list view in the past, “Dynamic list view - show websites on a separate page” should provide a similar, but improved experience.
• Made a number of improvements to Dynamic list view:
  • Updated the layout of the list of hosted domains in Dynamic list view to make it easier to tell domains from subdomains and to make managing large numbers of domains easier in Dynamic list view.
  • Added the ability to search for domains to Dynamic list view.
  • Updated the Dynamic list view tour to highlight the changes and improvements made to Dynamic list view in Plesk Obsidian 18.0.51.
  • Changed the icon of the “View on a separate page” button for better legibility, and also added a “Copy domain name” button in Dynamic list view.
  • Added the Install application button in the Dynamic list view, under “Dev Tools”. Clicking it opens a drawer from which you can install web applications, such as Laravel, Node.js, and Ruby, on your domain. The list of available applications depends on what extensions are installed in Plesk.
• Reworked the mail service options for individual domains. The available options are now “the domain can both send and receive email”, “the domain can send, but not receive email”, and “the domain can neither send nor receive email”. Selecting the latter option also removes all existing mailboxes for the domain together with all incoming and outgoing mail.
• Updated the links on Plesk error pages to avoid confusion.
• To bring Plesk in line with the evolving industry-standard vocabulary, the following changes were made to the terms used in Plesk:
  • “Master DNS server/zone” > “Primary DNS server/zone”
  • “Slave DNS server/zone” > “Secondary DNS server/zone”
• Illustrations in Plesk have been redone in a unified style for consistency, visual integrity, and emotional response based on our target audience opinions and identified by tests.
• Requests from the Plesk Screenshot Service to websites hosted in Plesk are now marked by the custom “Plesk screenshot bot” User-Agent header.
• Plesk Premium Antivirus has been converted from a Plesk component to an extension.

Fixed Product Issues

• Updated the default DMARC DNS TXT record to make it RFC compliant. (PPPM-13892)
• Restoring from a backup stored in remote FTP storage now fails with an error instead of hanging indefinitely if the backup is invalid. (PPPM-13925)
• Information about the availability of WP Toolkit Deluxe for the installed Plesk license can now be found in Tools & Settings > License Information. (PPP-60387)
• It is now again possible to retrieve the list of all hosted databases via the REST API “databases” endpoint. (PPPM-13917)
• Removed email forwarding addresses no longer reappear after restoring from a backup. (PPPM-13862)
• It is now possible to create certificate signing requests with key sizes other than 1024 and 2048 bits via the RPC API. (PPPM-13918)

Linux

• Removing PHP 8 via Plesk Installer no longer results in an error when browsing Tools & Settings > PHP Settings. (PPPM-13850)
• Websites using PHP 8.1 and 8.2 with the PHP-FPM handler no longer randomly throw “HTTP 503 Service Unavailable” errors due to the handler process experiencing a segmentation fault. (PPPM-13872)
• Enabling debug logging in Plesk no longer makes the Plesk GUI inaccessible with the “HTTP 502 Bad Gateway” error. (PPPM-13885)
• Entering a custom TTL value for a PTR record in Plesk DNS settings now results in the custom value correctly taking effect. (PPPM-13776)
• Running the plesk repair all -y or plesk sbin fsmng --fix-plesk-packages commands on a Plesk server with the Imunify360 extension installed and the default OS locale changed no longer fails with the “ERROR:’ascii’ codec can’t decode byte 0xc5 in position 1934: ordinal not in range(128)” error. (PPPM-13860)
• Running the plesk repair mail command on a Plesk server using Postfix as the mail server no longer enables the mail service if it was intentionally disabled. (PPPM-13859)
• Websites using PHP 8.1 and 8.2 with OPcache enabled no longer randomly throw “HTTP 503 Service Unavailable” errors due to child processes terminating themselves unexpectedly. (PPPM-13876)
• On Plesk servers using Postfix as the mail server, securing mail with a TLS/SSL certificate may fail if multiple different end of line sequences (for example, both “\r\n” and “\n”) are used in the certificate body. (PPPM-13887)
• Running the plesk repair installation command on a Plesk server with phpMyAdmin installed no longer breaks phpMyAdmin configuration. (PPPM-13902)
• Watchdog will now monitor the correct ploop device after host node reboot if Plesk is installed in an OpenVZ 7/Virtuozzo 7 container. (PPP-57361)

Windows

• Removing all registered database servers from Tools & Settings > Database servers no longer makes it impossible to add new ones. (PPPM-13893)
• It is now again possible to change a website’s document root directory via the RPC API. (PPPM-13915)
• Exporting a database to PDF in phpMyAdmin no longer fails with the “HTTP 500 Server Error” error. (PPPM-13823)

Future Plans

• In the nearest future, we plan to switch PHP used by Plesk to PHP 8.2. This is because security support for PHP 8.0 will end in November 2023. If you are running any custom extensions, you will need to update them to support PHP 8.2 to avoid potential issues.

  This change is currently scheduled to take place with the release of Plesk Obsidian 18.0.53 (early June 2023).

• In the nearest future, we plan to stop shipping MyLittleAdmin with Plesk. This is because MyLittleAdmin is not in active development, and has known security issues. Instead, Plesk will provide links to downloadable clients and instructions on how to connect the client to the Plesk server.

  This change is currently scheduled to take place with the release of Plesk Obsidian 18.0.53 (early June 2023).

Changes in Third-Party Components

• Updated PHP 8.0 used by Plesk to version 8.0.28.

Linux

• Webalizer can now be installed on servers running Red Hat Enterprise Linux 8 and its derivatives.
• Updated phpMyAdmin to version 5.2.1.

Windows

• Updated Git to version 2.39.2.
• Updated BIND to version 9.16.38.
• Updated OpenSSL used by Plesk and Plesk Installer to version 1.1.1t.
• Updated ASP.NET Core 7.0 to version 7.0.3.
• Updated ASP.NET Core 6.0 to version 6.0.14.
• Updated Node.js 18 to version 18.14.1.
• Updated Node.js 16 to version 16.19.1.

Fixed Product Issues

• Backing up to FTP storage no longer fails with the “Curl error: (28) Timeout was reached” error when FTPS mode is enabled. (PPPM-13895)

Fixed Product Issues

• Creating a custom button with the “#” character in place of the URL no longer results in the Plesk interface becoming unavailable. (PPPM-13878)
• Fixed the issue with checkboxes’ alignment on multiple Plesk screens. (PPPM-13884)
• Accessing the Plesk interface on an unstable network connection no longer results in intermittent HTTP 500 errors. (PPP-59897, PPP-59956)

Linux

• Trying to manage greylisting settings via the plesk bin grey_listing CLI utility no longer fails with the “array_keys(): Argument #1 ($array) must be of type array, null given” error. (PPP-60083)
• Enabling the Plesk debug mode no longer results in the Plesk interface becoming unavailable with the HTTP 502 error. (PPPM-13885)
• Enabling the “Enable nginx caching” option no longer breaks the Plesk UI layout. (PPPM-13884)

What’s New?

We are glad to release the anniversary version Plesk Obsidian 18.0.50. To all our customers, we thank you for your loyalty!

We have prepared a small gift for you. Are you intrigued? Follow the cat paw prints in Tools & Settings > About Plesk (under “Plesk”).

• Added support for queue workers to the Laravel Toolkit extension. Laravel website owners can now manage queue jobs out of the box: schedule, monitor, remove, rerun, and so on.

  To enable queues in your Laravel project, follow the instructions.

• Customers can now create database users on the default server and servers where they already have databases (even if customers do not have the “Database server selection” permission).
• Introduced the new SSL It! main screen, which offers a bird’s view of all domains, installed certificates (if any), the certificates’ expiration dates, and certificate authorities. It is now also possible to filter domains by status (valid, expired, self-signed, and so on) and certificate authority.

• In the Git extension, added the ability to select users who can access a local repository via HTTP/HTTPS.

  Previously, only the system user had access to all repositories in a subscription. You can now select additional users when creating a local repository or changing the settings of an existing one. These users can pull and push to a local repository via HTTP/HTTPS using their credentials.

• The Git extension now correctly handles moving domains between subscriptions and places the Git directory to the appropriate subscription afterward.

  Note Moving domains between subscriptions changes the plesk-git directory password because it must be synced with the subscription’s system user password.

• Due to increased phishing attacks, creating websites with publicly resolvable temporary domain names is available only for paid licenses from now on.

Windows

• Microsoft SQL Server 2022 is now fully supported. Plesk can now detect Microsoft SQL Server 2022 installed locally and allows to create and manage user databases. It is now also possible to do the following:
  • Use Microsoft SQL Server 2022 as a remote database server.
  • Install Microsoft SQL Server 2022 locally using Plesk Installer.
  • Import and export Microsoft SQL Server 2022 databases via the Plesk interface.

Feature Improvements

• New domains now sign outgoing mail with DKIM. This improvement protects against email spoofing.

  DKIM helps to verify that an email was indeed sent from the domain and no one tampered with the email content in transit. Previously, DKIM was not enabled by default for domains. Spoofed email messages with ‘From address’ forged to display a Plesk domain could pass DKIM and DMARC validation and were not filtered. New domains now have the “Use DKIM spam protection system to sign outgoing email messages” option selected by default.

  Note: This improvement works only for new domains that have their DNS and mail hosting in Plesk.

• New domains now use the DMARC quarantine policy by default. This improvement protects outgoing mail against email spoofing.

  The DMARC policy defines how the receiver should treat email messages depending on the results of DKIM and SPF checks. The new default DMARC policy (v=DMARC1; adkim=s; aspf=s; p=quarantine) strictly enables DKIM and SPF checks. Emails that do not pass these checks are now put in quarantine (moved to the spam folder or flagged as suspicious).

  Note: This improvement works only for new domains that have their DNS and mail hosting in Plesk.

• When migrating to a server with a Plesk Web Admin license installed or installing the license, the previous subscription limits are now ignored and treated as unlimited.
• Decluttered Dynamic List view and made it easier to navigate through multiple domains:
  • Introduced icons for no-hosting domain types (alias, forwarding, no hosting).
  • Removed the “Type” column.
• Plesk now better handles domains with modern applications installed (for example, Laravel, .NET, and Node.js) while moving the domains between subscriptions.
• SSL It! now shows recommended extensions and TLS versions in the “Settings” drawer.
• Significantly improved backup performance for backups stored in the FTP storage: backup upload speed is now ~1.6 times faster, while CPU load decreased by a factor of two.

Linux

• It is now possible to use Atomic Standard and Atomic Advanced ModSecurity rule sets in Plesk on RHEL 8, CloudLinux 8, AlmaLinux 8, and Rocky Linux 8. To enable these rule sets, add the following lines to the panel.ini file:

  [modSecurity]
  ruleSet.tortix = true ; enables the Atomic Standard rule set
  ruleSet.atomic = true ; enables the Atomic Advanced rule set
  

Deprecated and Removed Items

• VPS Optimized has been deprecated and will be removed in Plesk Obsidian 18.0.51. Learn more.

Fixed Product Issues

• Customers can now access the administrative interface of applications installed via APS Catalog. (PPPM-13842)
• Improved the error message shown when Plesk cannot define the server hostname while creating a server backup. (PPPM-13814)
• The “Scheduled Tasks” model dialog box now correctly shows special characters. (PPPM-13817)
• The “Scheduled Tasks” model dialog box now again has the scroll bar and the “Close” button. (PPPM-13820)
• Dynamic List view now shows favicons set up with the “Favicon by RealFaviconGenerator” WordPress plugin. (PPP-59576)

Linux

• It is now possible to add the listen.backlog PHP-FPM setting in the Plesk interface. (PPPM-11945)
• It is now possible to reset password using the Plesk username. (PPPM-13839)
• It is now possible to use custom PHP-FPM handlers with a systemd unit in /etc/systemd/system/. (PPPM-11570)
• The text in Tools & Settings > Database Servers (under “Applications & Databases”) > Settings no longer misleads users about remote access support of PostgreSQL. (PPPM-13718)
• Changing the interface language of Plesk no longer resets that of the Horde webmail to the default English language. (PPPM-13828)
• Fixed the help of the Plesk Firewall command line utility. (PPPM-13833)
• Backup Manager can now be opened without any issues in Plesk with a large number of customers (more than 995). (PPPM-13845)

Changes in Third-Party Components

• Updated PHP 8.0 used by Plesk to version 8.0.27.

Windows

• Node.js 18.12.1 is now supported and shipped with Plesk.
• Updated MailEnable Standard to version 10.43.
• Updated ASP.NET Core 7.0 to version 7.0.2.
• Updated ASP.NET Core 6.0 to version 6.0.13.
• Dropped support for ASP.NET Core 3.1, which reached end of life.
• Updated Git to version 2.39.1.

Linux

• Trying to open Tools & Settings > Interface Management on a Plesk Obsidian server with no mail server installed no longer results in the “500 GraphQL Permission denied” error. (PPPM-13849)
• After updating to the latest Plesk Obsidian version, the Plesk daily task no longer erases ModSecurity configuration when it runs. (PPPM-13843)

• Updating to Plesk Obsidian 18.0.49 no longer causes social login buttons to disappear from the login page. (PPP-59460)

• We are glad to introduce the beta version of the SOGo Webmail extension. SOGo is a groupware server that provides a rich AJAX-based Web interface and offers your users a uniform and complete interface to access their information.

• Website favicons are now shown next to website names in Plesk to make it easier to tell them apart. To disable this feature, add the following lines to the panel.ini file:

      [domainManagement]
      settings.favicons = false
  

  If no favicon can be found for a website, Plesk automatically generates an icon from the first letter(s) of the domain’s name.

• It is now possible to add and remove DNS records in a DNS zone via REST API.
• In Dynamic list, for every user session and individual domain, Plesk now keeps open the tab (“Dashboard”, “Hosting & DNS”, “Mail”) that was last selected manually during the session instead of always reverting to the “Dashboard” tab.

• When adding a new domain, the “IPv6 address” field can now be prefilled with an IPv6 address. The feature is disabled by default. To enable it, add the following lines to the panel.ini file:

      [domainManagement]
      settings.autoSelectIpv6 = on
  

• Removed the distracting illustrations that accompanied the “Add Domain” wizard to help you focus on the task at hand.
• Removing all records from the DNS zone records template no longer results in the “Add Record” button disappearing from the UI. (PPPM-13783)
• The daily maintenance task no longer runs indefinitely without terminating under specific circumstances. (PPPM-13808)
• Trying to reset a Plesk administrator’s password via the “Forgot Your Password?” link now results in an email being sent with instructions on resetting the password. (PPPM-12977)
• It is no longer possible to change a website’s document root to a directory whose name contains one or more white space characters via XML-RPC. (PPPM-13777)
• Moving a domain between subscriptions no longer results in the domain’s databases becoming unassigned. (PPPM-13780)
• After uploading one or more files and/or directories using the “upload via URL” option in File Manager, the screen is now refreshed so that the uploaded files and/or directories can be shown. (PPPM-13787)
• Updating Plesk if the admin/conf/templates/custom directory exists on the server but is empty no longer results in a misleading error message being shown. (PPPM-13806)

Linux

• Added the ability to run Plesk with a centralized database. The feature is currently in Beta.

• Added the ability to install extensions for PHP 7.3 and later handlers using PECL. You can manage PHP extensions in Tools & Settings > PHP Settings > choose the desired handler > Manage PECL Packages.

  To disable this feature, add the following lines to the panel.ini file:

      [php]
      pecl.enabled = off
  

• You can now install ionCube PHP Loader for PHP 8.1 and later using PHP extensions installer.

• Using NFS shares to store hosted websites’ vhost directories is now supported. To enable this feature, add the following lines to the panel.ini file:

      [webserver]
      syncModeOnRemoveConfiguration = true
  

• The list of domains in Plesk no longer takes an excessive amount of time to load. (PPPM-13804)
• Creating a backup of the Plesk server no longer fails under specific conditions. (PPPM-13765)
• On Debian-based OS, removing the “PHP by OS vendor” component via Plesk Installer no longer results in the /var/lib/php/sessions directory being removed. (PPPM-13781)
• On Red Hat Enterprise Linux 9, certain CLI utilities no longer fail due to incorrect OS detection. (PPPM-13794)
• Removing a subscription should no longer result in errors and inconsistencies in the Plesk database if one or more processes owned by the subscription’s system user are running at the moment of removal. (PPPM-13811)
• Installing the “Comodo (free)” ModSecurity rule set via the CLI no longer fails with the “modsecurity_ctl failed: Failed to download comodo rule set” error. (PPPM-13792)
• Updating Plesk if the default Plesk directory is a symlink to a different directory should no longer cause issues under specific circumstances. (PPP-59354)

Windows

• SpamAssassin no longer creates its temporary files in the C:\Windows\Temp directory instead of the proper one. (PPPM-13782)
• When editing a TXT record in the DNS zone records template, it is no longer necessary to manually select “TXT” from the “Record type” drop-down list. (PPPM-13784)
• Adding a TXT record to the DNS zone records template no longer fails with the “Field value.type of required type DnsRecordTypeEnum! was not provided” error. (PPPM-13785)
• Changing the maximum message size in SpamAssassin using the plesk bin spamassassin CLI utility no longer fails. (PPPM-13793)
• Clicking Refresh on the Tools & Settings > Server Components screen now results in the list of installed components being updated as intended. (PPPM-13797)
• The “System Health Monitor” service no longer fails if Google Drive for desktop is installed on the server. (PPPM-13800)
• Specifying port 465 in Tools & Settings > External SMTP Server no longer makes resetting a user’s password via the “Forgot Your Password?” link fail. (PPPM-12755)

Third-Party Component Updates

• Marked PHP 7.4 as outdated because it has reached end of life and removed it from the “Recommended” preset.

Linux

• Roundcube 1.5.x and later now runs on PHP 8.0.

Windows

• .NET 7.0 is now supported.
• Updated ASP.NET Core 7.0 to version 7.0.1.
• Updated ASP.NET Core 6.0 to version 6.0.12.
• Updated ASP.NET Core 3.1 to version 3.1.32.
• Updated PHP 7.4 to version 7.4.33.
• Updated PHP used by Plesk to version 7.4.33.
• Updated Node.js to version 16.18.1.
• Updated OpenSSL used by Plesk and Plesk Installer to version 1.1.1s.

• Enhanced the Help menu to make it easier to find Help articles. It is now possible to browse them by categories and search for them directly from the Plesk interface.
• Added the “Access to Laravel Toolkit” and “Access to .Net Toolkit” permissions to service plans. The respective permissions allow customers to use Laravel Toolkit and .Net Toolkit for their websites.
• The Plesk Repair feature in the UI (“Repair All” in Tools & Settings > Diagnose & Repair) and the CLI (plesk repair web) now repairs all websites without making all of them unavailable. Only the website with issues goes offline until it is repaired.
• A custom sender address no longer blocks Plesk notifications from being delivered to certain mail servers (for example, Amazon Simple Email Service). (PPPM-13719)
• It is now possible to change custom email addresses of recipients for Plesk automatic email notifications. (PPPM-13769)
• Backup restoration no longer fails because of a big configuration file of an extension (more than 10 MB) contained in a backup. (PPPM-13707)
• It is no longer possible to create an additional administrator password that will not work because it contains unsupported characters. (PPPM-13756)
• Plesk again prevents the administrator from removing the only NS record from the DNS zone when DNS is disabled. (PPPM-13774)
• Domain Log Browser no longer crashes if the passenger.log file of a domain is too big (200 MB or more). (PPPM-13698)
• If a reseller does not have the “Hosting settings management” permission, creating an add-on domain for the customer’s subscription no longer unsyncs it. (PPPM-12083)
• Help us to make Dynamic List view better by sharing your thoughts in this survey.

Linux

• Added support for AlmaLinux 9 and Red Hat Enterprise Linux 9.

• The Plesk administrator can now install PECL extensions for Plesk and system PHP handlers via the CLI. To see the exact commands, run plesk bin php_handler –-help.

  Note: It is possible to install only those extensions that do not require additional dependencies and are not already provided by Plesk or system packages of the OS vendor.

• Dropped support for Ubuntu 20.04 LTS on the ARM architecture. You can use Ubuntu 22.04 LTS instead.
• Updating Plesk on Cloud images from Ubuntu 20.04 to Ubuntu 22.04 LTS. The update will take place gradually after release 18.0.48.
• It is now possible to update Plesk even if some repositories are unavailable. Plesk Update Manager detects and can ignore broken repositories if they are not essential for Plesk to work.
• Removing a PHP handler used by a website no longer blocks users from managing PHP settings. Plesk now also informs about the broken PHP handler on the “PHP settings” screen of the affected domain, in Tools & Settings > PHP settings, and via Plesk UI notifications.
• In Fail2ban, it is now possible to add descriptions to trusted IP addresses.
• Security improvements. Special thanks to Patrick William (rack911labs.ca) for reporting the issues.
• The -drop-if-exists option of the plesk bin ipmanage --auto-remap command can now reuse IP addresses that already exist in the Plesk database. (PPPM-13467)
• Manual remapping to IP addresses that already exist with a different netmask in the Plesk database no longer fails with an integrity constraint error. (PPPM-13506)
• Improved how Plesk syncs the spam filter sensitivity value between the Plesk database and the UI:
  • The UI does not show the default value if it is missing from the database.
  • The plesk repair mail utility sets the default value in both the database and the UI. (PPPM-7118)
• Plesk no longer fails to secure mail with an SSL/TLS certificate if the default locale is changed and the Postfix configuration file contains UTF-8 characters. (PPPM-13743)
• Plesk Installer no longer shows a warning about the missing amazon-id plugin if it is not installed. (PPPM-13760)
• Plesk no longer fails to create a PostgreSQL database if the database name and database user name differ only by a prefix (for example, test and prefix_test respectively). (PPPM-13768)
• Improved the “terminate called without an active exception” error message shown when, under certain circumstances, installation of an application package fails. (PPPM-13730)
• Plesk logs no longer contain multiple Sanitizer errors that could appear after a Plesk license key was updated. (PPPM-13762)
• Plesk Firewall now shows a warning that enabling the firewall or applying its changes will overwrite firewall rules added manually via iptables. (PPPM-12190)
• Backing up can no longer fail with the ‘Document is empty, line 1, column 1 (, line 1)’ and ‘None (line 0)’ errors. (PPPM-13765)

Windows

• Installing the Kaspersky Anti-Virus SDK component (former Kaspersky Anti-Virus) now also automatically installs the Kaspersky Anti-Virus for Servers extension. This change helps to avoid confusing UX when the antivirus tab is not shown in the mailbox menu because the component is installed while the extension is not. (PPPM-13753)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.32.
• Updated OWASP ModSecurity CRS to version 3.3.4.

Linux

• Updated ModSecurity 3.0 to version 3.0.8.
• Updated ModSecurity 2.9 to version 2.9.6.

Windows

• Updated Node.js 16 to version 16.17.1.
• Updated MailEnable Standard to version 10.42.
• Updated ASP.NET Core 6.0 to version 6.0.10.
• Updated ASP.NET Core 3.1 to version 3.1.30.
• Updated BIND to version 9.16.33.
• Updated zlib to version 1.2.13.

• DNS events are now logged correctly again. (PPPM-13766)

• Now Plesk Backup Manager can again open a server backup that has customers or resellers with names that contain non-ASCII characters. (PPPM-13757)

Windows

• Running the plesk repair fs -plesk-files-consistency command no longer results in the “There are corrupted files in plesk-python3-package.list” error. (PPPM-13758)
• It is now again possible to open Plesk Backup Manager under an administrator account and get the list of server backups via PMMCli. (PPPM-13754)

Linux

• Custom favicons are no longer reset to the default ones after upgrading Plesk to version 18.0.47. (PPPM-13749)

• Creation of a remote backup with the enabled “Create a multivolume backup, volume size (MB)” option no longer results in the “Error: The backup process failed: expected str, bytes or os.PathLike object, not int” error. (PPPM-13739)

• WordPress Toolkit now works correctly with all locales. (PPPM-13735)

Linux

• Creation of a domain backup no longer fails when the “Exclude log files” or “Exclude specific files from the backup” options are enabled. (PPPM-13733)

• When using the Laravel Toolkit extension, the “Install Composer.json dependencies” step during application deployment is now optional and can be skipped.
• Added the ability to integrate Plesk with different webmail clients to the Plesk SDK.
• Security improvements. Special thanks to Theologos Kokkinellis for reporting the issue.
• Added the ability to see entries from .NET applications’ logs in Plesk Log Viewer to the .NET Toolkit extension.
• After renaming a subscription, the subscription’s old name no longer keeps showing up in Laravel Toolkit. (PPP-57840)
• Plesk database inconsistencies no longer result in a blank page when clicking on a subscription. (PPP-58132)
• When opening the “Limit Outgoing Messages” window for one or more mailboxes, human-readable text is now shown instead of placeholders. (PPPM-13669)
• Trying to open the Tools & Settings > Database Servers page when there are inconsistencies in the Plesk database no longer results in being redirected to the Home page without an error message. (PPPM-13685)
• In Service Provider View, it is once again possible to close the “Add Domain” drawer by clicking the cross icon in the upper right corner. (PPPM-13706)
• It is now possible to see the log check results for more than ten websites at once when using the “Website Log Check” feature. (PPPM-13684)
• Custom page titles containing the hyphen (-) character are no longer cropped. (PPPM-12271)
• Plesk has changed its trial license limits on September 27. All trial licenses created after that date will be limited to managing three (or less) of the following: domains, domain aliases, mailboxes, mail accounts, user accounts, and web users. You can purchase non-trial Plesk licenses without these limitations.

Linux

• Plesk Obsidian is now available as a cloud image on the Oracle Cloud Marketplace. The image is based on Ubuntu 22 and uses the ARM CPU architecture to lower hosting costs.
• Published a new Plesk Obsidian cloud image on Amazon Marketplace. The image is based on Ubuntu 22 and uses the ARM CPU architecture to lower hosting costs.
• On CentOS 8 servers, creating an additional FTP account for a domain no longer results in incorrect ownership being set on the domain’s files and directories. (PPPM-12524)
• The “Default domain, DNS zone of domain alias updated” Event Manager event no longer fires when the DNS zone of the primary domain is modified, but the option “Synchronize DNS zone with the primary domain” for that domain’s alias is switched off. (PPPM-13646)
• Running the plesk repair mail -y command no longer adds unnecessary entries to the data.db file. (PPPM-13693)
• Updating from Plesk Onyx to Plesk Obsidian no longer fails with the “Exception: Failed to solve dependencies” error because one or more necessary repositories are not configured. (PPPM-10923)
• Installing Plesk Obsidian on a Red Hat Enterprise Linux 8 server using Amazon RHUI repositories no longer fails with the “Failed to check system configuration” error. (PPPM-12538)
• Opening Log Browser no longer results in an endless “loading” screen under specific circumstances. (PPPM-13697)
• Specifying a custom sender address for Plesk email notifications in the panel.ini file is now correctly used in notification emails. (PPPM-13686)
• A comprehensible error message is now shown when updating Plesk fails because there are one or more unsupported repositories configured on the server. (PPPM-13716)
• On Debian-based servers, the fsmng command line utility no longer fails when run. (PPPM-13691)
• On Ubuntu 22 servers, enabling the pagespeed module via the plesk sbin nginx_modules_ctl -e pagespeed command no longer results in an error. (PPPM-13699)
• Applying changes made to the SOA template no longer also applies the default DNS template to domains with custom DNS records. (PPPM-12685)
• When adding one or more custom headers to a website, the trailing double quote (“) character is no longer removed. (PPPM-13695)
• On Ubuntu 22 servers, connecting to websites over SSL/TLS via PHP code no longer fails with the “OpenSSL Error messages: error:0A000126:SSL routines::unexpected eof while reading” error. (PPPM-13710)
• When creating a domain with mail service or adding mail service to a domain, mail service creation no longer fails with the “ERROR:main:UNIQUE constraint failed” error. (PPPM-12229)

• Installing Plesk with MariaDB 10.6 inside a Virtuozzo container no longer fails. (PPPM-13640)

  **Note:** Plesk Obsidian is installed inside a Virtuozzo container with MariaDB 10.3. To use a different MySQL implementation, pre-install it before installing Plesk.
  

• When updating to Plesk Obsidian 18.0.46, the awstats-icon alias is now correctly updated for websites set as default sites for one or more IP addresses. (PPPM-13703)
• Running the apt update command after an unsuccessful attempt to install a Plesk extension no longer fails. (PPP-58250)
• The “Remove alias” button is now shown for all mail aliases belonging to a mailbox, including the first one in the list. (PPPM-13721)

Windows

• The .NET Toolkit extension is now available in Plesk for Windows.
• Running the plesk bin repair --web -sslcerts command now correctly repairs webmail SSL certificates. (PPP-57692)
• Renaming a subscription now fails with a human-readable error message if the home directory for one or more of that subscription’s additional FTP accounts is missing. (PPPM-13657)
• When updating a Plesk Obsidian server with the Git extension installed to the latest version, the misleading “ERROR: The process “git-cmd.exe” not found.” error message is no longer shown. (PPPM-13688)
• On Plesk servers with a custom favicon configured, updating to the latest Plesk version no longer results in it being replaced with the default one. (PPPM-13705)

Third-Party Component Updates

Linux

• Updated Courier-IMAP to version 5.1.8.
• Updated Roundcube to version 1.6.0.
• Updated ProFTPD to version 1.3.7e.
• Updated libcurl to version 7.85.0.
• Updated Turba to version 4.2.29.

Windows

• Updated MariaDB 10.6 to version 10.6.9.
• Updated MariaDB 10.5 to version 10.5.17.
• Updated MariaDB 10.3 to version 10.3.36.
• Updated boost to version 1.80.0.

• When clicking checkboxes, they are now selected or cleared correctly again. (PPP-58373)

• It is now again possible to add a CNAME record with underscore symbols on the “DNS Settings” screen. (PPP-58251)

• A number of improvements were made to the Laravel Toolkit extension:

  • Added the ability to turn maintenance mode off (php artisan down) and on (php artisan up) on the “Dashboard” tab in the extension interface.
  • Added the ability to automatically turn maintenance mode on and off for the duration of the application deployment.
  • Added the ability to manage deployment steps of the application on the “Deployment” tab in the extension interface.

  • Added the ability to switch between the automatic and manual deployment modes of the application on the “Dashboard” tab in the extension interface.

    If you select the automatic deployment mode, the application will be automatically deployed after a push to the repository (if the repository is local) or a webhook call (if the repository is remote). If you select the manual deployment mode, the application will be deployed when you click the Deploy button in the Laravel Toolkit or the Git extension interface.

  • A single webhook is now used for the Git and Laravel Toolkit extensions.

• A number of improvements were made to the Git extension:

  • The extension now deploys files to production websites asynchronously if the deployment was triggered by a webhook.
  • Added the run-actions option to the createand update API methods, which enable/disable execution of additional deployment actions.
  • Added the async-deploy method to the CLI and XML API. The method invokes the asynchronous deployment of files to the production website.
  • Fixed removal of additional deployment actions after disabling them in the Plesk interface.

• A number of improvements were made to the Transfer of DNS Records extension:

  • It is now possible to perform DNS record lookup.
  • The extension now supports DNS templates for the Google Workspace and Office 365 services.
  • Improved DNS records import algorithm.
  • Running the import CLI command no longer fails in Plesk on CentOS.

• A number of improvements were made to the Plesk Mobile Center extension:

  • Added support for Android 13.
  • Improved work with the mobile version of Plesk.
  • Improved app stability.
  • Fixed bugs related to the accessibility of the Plesk extension logs.
  • (Plesk for Linux) Fixed the issue where logs for the latest Plesk versions were not displayed.
• Added the “Reset admin’s password on the next login” checkbox (cleared by default) to the Plesk initialization screen.
• Added the ability to hide the entire “Assistance & Troubleshooting” section of the Tools & Settings menu in Restricted Mode.
• When a subdomain for a website with a resolvable domain name is created, SSL It! now waits for the subdomain name to become resolvable as well before trying to secure it with a Let’s Encrypt SSL certificate. This prevents situations where a newly created subdomain could not be secured with the “The domain is not resolvable” error. (PPPM-12892)
• The “Interface Controls Visibility” tab has been removed from the Tools & Settings > “Interface Management” menu because most of the controls found on the tab were obsolete. The “Hide controls for rejection messages for non-existent mail addresses” checkbox has been renamed to “Hide bounce controls” and moved to the “Interface Views” tab.
• Updated the appearance of pie charts used to show domains’ disk and traffic usage information.
• Updated the interface of the Tools & Settings > Services Management menu to make it easier to read the current status of services at a glance. (PPPM-13598)
• Incremental server backups created in remote storage no longer take an unreasonably long time to finish. (PPPM-13635)
• Creating a subscription using a private IPv6 address mapped to a public IP address in Tools & Settings > IP Addresses no longer results in the private IP address being used in the domain’s DNS records instead of the public IP address. (PPPM-13650)
• Removing a user with the “WebMaster” role no longer fails with the “Error 500: Unable to find instance with id in database” message. (PPPM-13655)
• Sorting scheduled tasks in Tools & Settings > Scheduled Tasks (Cron jobs) by “Schedule” now works properly. (PPPM-13661)
• The plesk db command line utility no longer uses the --no-defaults option when calling the mysql or mysqldump commands. (PPPM-10414)
• It is no longer possible to create a CNAME DNS record using an IP address as the canonical name. (PPP-57900)

Linux

• We are glad to introduce the production version of the .NET Toolkit extension. Added the following improvements to the extension:

  • It is now possible to manage installed versions of the ASP.NET Core Runtime.
  • It is now possible to create a website running on ASP.NET Core with just a few clicks (Websites & Domains > Add Domain > .NET site).
  • Added the ability to restart the application.
  • .NET Toolkit configuration is now included in Plesk backups.

• A number of improvements were made to the Log Browser extension:

  • It is now possible to view the systemd/journalctl logs in the Plesk interface.
  • The extension can now filter logs by priority.
  • Redesigned the log filter form.
  • The extension now uses journalctl as the default source of mail logs.

• We are glad to announce official support of ARM-based servers:

  • Plesk can now be installed on ARM-based servers running on Ubuntu 22.
  • The SSH Terminal extension can now run on ARM-based servers.
  • SFTP Backup can now run on ARM-based servers.
• nginx shipped with Plesk is now compiled with ngx_http_geoip2_module out of the box. This makes it possible to use MaxMind Geo IP databases to detect visitor’s geographical location by their IP address. This, in turn, makes it possible to limit access to websites to visitors from certain countries, or to automatically redirect them to country-specific URLs.
• The plesk repair sysusers CLI utility can now be used to repair system users on Plesk for Linux servers.
• Reports sent by Watchdog by mail no longer arrive incomplete if the report length exceeds 131072 chatacters. (PPPM-13474)
• Running the plesk repair web command no longer produces an error for every disabled Apache PHP module if the mpm_event module is enabled. (PPPM-13512)
• AWStats now correctly calculates the stats for the last day of the month if nginx is disabled on the server. (PPPM-13568)
• On Plesk servers running on Red Hat Enterprise Linux 8 and its derivatives with the Extra Packages for Enterprise Linux (EPEL) repository configured, running the dnf update command now properly updates the “plesk-phpXX-imagick” packages. (PPPM-13570)
• Plesk Premium Antivirus no longer fails to start on Plesk servers with TLSv1.x protocols disabled for the Plesk web server. (PPPM-13576)

• On Plesk servers running on Red Hat Enterprise Linux 8 and its derivatives with the Extra Packages for Enterprise Linux (EPEL) repository configured, installing AWStats packages from the EPEL repository no longer results in AWStats being non-functional.(PPPM-13617)

  Note: If you have disabled the installation of AWStats packages from the EPEL repository, you need to undo the changes, or else future Plesk updates will fail.

• Restoring one or more subscriptions from backup that had their hosting type changed from forwarding to physical hosting after the backup was created no longer results in unnecessary email notifications. (PPPM-13630)
• Misleading “Warning: Extension “Laravel Toolkit” Unable to back up extension.” message is no longer shown when creating a backup on a Plesk server with the Laravel Toolkit extension installed. (PPPM-13632)
• Disabling the DNS service for a domain no longer removes the Add Record button in Hosting & DNS > DNS Settings. (PPPM-13643)
• The Event Manager “Default domain, DNS zone of domain alias updated” event no longer triggers when the DNS zone of a domain with one or more domain aliases with the “Synchronize DNS zone with the primary domain” option disabled is modified. (PPPM-13646)
• Postfix shipped with Plesk is once again compiled with MySQL support. (PPPM-13665)
• Removing a mail address from SpamAssassin’s black or white list in Plesk no longer results in the address being removed from the list in Plesk but not in the SpamAssassin’s configuration files. (PPPM-13670)
• It is once again possible to send mail without authentication using the sendmail -bs command. (PPPM-13584)
• Emoji characters stored in MySQL databases are now backed up and restored properly. (PPPM-10414)

• Starting from Plesk 18.0.48 (November 8th, 2022), Ubuntu 20.04 LTS on the ARM architecture will no longer be supported.

  We do recommend that you either migrate to a supported OS using Plesk Migrator or run dist-upgrade to upgrade your Ubuntu 20.04 instance.

Windows

• Node.js 16 is now supported.
• To help Plesk users in India comply with the new data law, Plesk now provides a script that can be used to copy Plesk log files to a different server for long-term storage. Learn more and download the latest version of the script here.
• Internal server errors caused by running PHP CLI utilities are now caught and reported properly. (PPP-57663)
• Renaming a subscription whose main domain is disabled no longer makes the domain’s directory inaccessible for additional FTP users. (PPPM-13654)
• Scheduled backups no longer result in an email notification warning about the “Extra content at the end of the document” error being sent under specific circumstances. (PPPM-9405)

Third-Party Component Updates

Linux

• Updated sw-engine PHP to version 7.4.30.
• Updated Roundcube to version 1.5.3 (for OSes other than Red Hat Enterprise Linux 7, CentOS 7, CloudLinux 7.1, and Ubuntu 18.04).
• Updated Dovecot and Pigeonhole to versions 2.3.19.1 and 0.5.19, respectively.
• Updated RRDtool to version 1.8.0.

Windows

• Updated Node.js 16 to version 16.16.0.
• Node.js 4, 6, 8, 10, and 12 are no longer shipped with Plesk.
• Updated ASP.NET Core 6.0 to version 6.0.8.
• Updated ASP.NET Core 3.1 to version 3.1.28.
• Updated libcurl to version 7.84.0.

Linux

• Sending mail via sendmail -bs no longer requires any additional actions from customers. (PPPM-13584)

Linux

• In the Beta version of the “Wesite Log Check” tool, the requests bar is now displayed correctly. (PPP-57762)
• Opening a domain card from the Websites & Domains page no longer results in a blank screen. Previously the error occurred when the “Website Log Check” feature was manually enabled in the panel.ini file. (PPPM-13639)
• It is now possible to send mail via sendmail -bs again. (PPPM-13584)
• Added missing /usr/lib/plesk-9.0/remove_temp_backups to the “plesk-backup-utilities” package. (PPP-57734)

• Added a new feature “Website Log Check” (Beta). You can use it to scan web server logs for evidence of common issues, see how often a specific issue occurs, and get suggestions about ways to resolve them. Learn more about Website Log Check. To enable the feature, add the following lines to the panel.ini file:

  [websitesDiagnostic]
  enabled = true
  

• Plesk administrator can now specify a custom email address to be used as a mail relay (the address will be used as the sender address for all Plesk email notifications found in “Tools & Settings” > “Notifications”). Using an email address with a properly configured domain (DKIM, SPF records, etc.) would ensure that the notifications would not be treated as spam. To do so, add the following lines to the panel.ini file:

  [notification]
  senderAddress=<custom email address>
  

• The new password strength validator is now enabled by default. Learn more about the new password strength validator.
• Added the ability to schedule tasks to the Laravel Toolkit extension.
• Added the ability to run Node.js commands choosing the Node.js version and the package manager (npm/yarn) to the Laravel Toolkit extension (the Node.js extension must be also installed).
• It is now possible to upload a custom favicon in Plesk via the GUI. To do so, go to “Tools & Settings” > “Branding” (under “Plesk Appearance”). In addition, the custom favicon is no longer reset to default when updating Plesk.
• Re-added the ability to sort the list of domains by creation date.
• Additional users restricted to accessing only one specific subscription can no longer see the list of all subscriptions of the customer. (PPPM-13599)
• Emails (sent by Package Update Manager) containing the list of packages with updates available no longer mention packages that have already been updated to the latest version. (PPPM-12733)
• It is now possible to log in to Plesk as an additional user whose password has been reset via a password reset link. (PPPM-13558)
• The website preview thumbnail now gets rendered correctly. (PAUX-5171)

Linux

• We are glad to introduce the beta version of the .NET Toolkit extension. This extension enables you to:

  • Run ASP.NET Core applications on your Plesk for Linux server.
  • Use .NET 6 Core out of the box.
  • View the extension logs in Log Browser.
  • Configure environment variables.
• Added the ability to manually clear nginx cache for websites with nginx caching enabled, both via the GUI and using the plesk bin subscription_settings --clear-nginx-cache <domainName> command.
• Dropped support for Debian 9.
• The nginx ModSecurity ruleset from Comodo in now available in Plesk.
• To help Plesk users in India comply with the new data law, Plesk now provides a script that can be used to copy Plesk log files to a different server for long-term storage. Learn more and download the latest version of the script here.
• Updating to Plesk Obsidian 18.0.44 in unattended mode on a server with a customized Extra Packages for Enterprise Linux (EPEL) repository no longer fails with the “Plesk installation requires ‘epel’ OS repository to be enabled” error. (PPPM-13588)
• Running the plesk bin ipmanage --auto-remap -drop-if-exists command on a server where one or more IP addresses are listed in the Plesk database but are absent from network interfaces now correctly re-maps IP addresses in addition to removing the missing IP addresses from the database. (PPPM-13467)
• Running the plesk bin ipmanage --remap command now correctly updates DNS records for domain aliases. (PPPM-13521)
• Running the plesk sbin fsmng --fix-plesk-packages command on a server with Plesk running on a dpkg-based OS now fixes permissions on directories. (PPPM-13524)
• Disabling SpamAssassin for a mail account with a large number of mail aliases no longer fails with the “ERR [panel.ui] spammng failed:” error. (PPPM-13539)
• Custom error pages are now shown even if the nginx proxy mode is disabled for the domain with configured custom error pages. (PPPM-13542)
• Temporary files created when restoring backups on Plesk servers with Fail2Ban and/or ModSecurity enabled are now cleaned up periodically. (PPP-57024)
• The SSH Terminal extension no longer shows the “Connection broken” error every time the plesk repair web command is run on the server. (EXTPLESK-3509)
• It is now possible to rename a mail account using the name of a previously deleted mail account if that account was deleted after removing SpamAssassin. (PPPM-13567)
• Plesk Health Monitor no longer generates garbage files on Plesk servers with Cgroups enabled when users logged in via SSH perform operations on files stored on loop devices. (PPPM-13573)
• Statistics collection no longer gets stuck under very specific conditions. (PPPM-13581)
• Running the plesk bin service_plan -u 'Default Domain' -nginx-proxy-mode true command no longer results in an error. (PPPM-13586)
• Scheduled tasks fetching an URL containing one or more “%” characters no longer fail when run. (PPPM-13593)
• php-fpm_error.log files can now be opened and viewed in Log Browser. (PPPM-13596)
• Dedicated PHP-FPM processes are now stopped if the corresponding domain is suspended. (PPPM-13597)
• Switching to a different domain owned by the same subscription when on the “Mail Settings” screen no longer results in the “Warning: Possible phishing attempt detected: The link you used attempted to redirect you to another site.” error. (PPPM-13603)

Windows

• Domains are now created approximately 10% faster.
• Removed the Plesk Premium Antivirus component from the “Recommended” preset.
• The current status (enabled/disabled) of the “Deny IP Address based on the number of concurrent requests” and “Deny IP Address based on the number of requests over a period of time” IIS features is now correctly shown in Plesk. (PPPM-13613)
• Selecting either “Preventing DoS attacks by IIS dynamic IP restriction” or “Deny IP addresses based on the number of requests over a period of time” checkbox in the Plesk GUI no longer results in both “Deny IP Address based on the number of concurrent requests” and “Deny IP Address based on the number of requests over a period of time” IIS features being enabled at once. (PPPM-13614)
• Accessing the backups menu when the pmm-ras.exe binary is missing from the server now results in a comprehensible error message. (PPPM-13391)
• Plesk distributive files stored in the “C:\ProgramData\Plesk\Installer\cache” folder during Plesk update are now cleaned up once an update is installed. (PPPM-13572)
• Plesk now correctly shows whether a website’s dedicated IIS application pool is set to 32-bit or not when the Turkish locale is selected. (PPPM-13616)

Third-Party Component Updates

Linux

• Updated Logrotate to version 3.20.1.

Windows

• Updated ASP.NET Core 6.0 to version 6.0.6.
• Updated ASP.NET Core 3.1 to version 3.1.26.
• ASP.NET Core 5.0 is no longer shipped with Plesk.
• Updated PHP used by plesk-engine to version 7.4.30.
• Updated MariaDB 10.6 to version 10.6.8.
• Updated MariaDB 10.5 to version 10.5.16.
• Updated MariaDB 10.3 to version 10.3.35.
• Updated boost to version 1.79.0.
• Updated libcurl to version 7.83.1.
• Updated Turba to version 4.2.27.
• Updated BIND to version 9.16.30.

• Updated Horde Turba to version 4.2.27 to fix the CVE-2022-30287 vulnerability.

  We strongly recommend that you update Plesk.

• It is now again possible to view the list of existing WordPress websites and create new ones in WordPress Toolkit. (PPPM-13587)

Linux

• Plesk migration now restores all the required data and no longer completes with the “PHP Fatal error: Uncaught TypeError: Return value of Plesk\Service\Driver\Dns\Plesk\Core::callDnsmng() must be an instance of Service_Agent_Response_Abstract” error. (PPPM-13580)

Windows

• Adding a MS SQL server no longer fails with the “Class ‘MssqlLocalHost’ not found” error. (PPPM-13578)

Linux

• Sending mail via sendmail -bs is no longer restricted. (PPPM-13584)
• The cloning utility with the -reset-license option now works in Plesk on Ubuntu 22. (PPP-57259)
• Plesk Update Manager now works on Ubuntu 22. (PPPM-13575)

• We are glad to introduce the production version of the Laravel Toolkit extension. Added the following improvements to the extension:

  • Use the extension in Plesk for Windows.
  • Deploy a Laravel skeleton application on a domain.
  • Create a website with the latest Laravel version with just a few clicks (Websites & Domains > Add Domain > Laravel site).
  • Introduced the new “Deployment” section that makes it possible to use custom scripts to deploy applications.
  • View the extension logs in Log Browser.
  • (Plesk for Linux) Run artisan and composer commands without having to specify the whole path.
  • Enjoy smoother transitions between screens with introduced content placeholders. When Plesk loads application cards as well as Composer and Artisan sections, you can now see their rough skeletons.
  • Multiple UX improvements.
• The new “Add Domain” screen is now enabled by default. Learn more about this improvement.
• The /root/.my.cnf file that contains the password for the MySQL console client no longer blocks Plesk automatic updates.
• The interface in Power User View is now always set to “All webspaces” unless users select the desired webspace themselves. As soon as the Plesk administrator creates the second webspace, they now see a hint on how to switch between webspaces.
• Made the transitions between domain cards smoother by introducing content placeholders: when Plesk loads a domain card, users now see its rough skeleton.
• It is now possible to change IP addresses of subscriptions with “Forwarding” and “No hosting” types.
• Made it more clear for users how to add SRV DNS records: the “Service name” and “Protocol” fields now have correct examples. (PPP-56626)
• If Plesk has a subscription with the limit on domain aliases or subdomains set to zero, this no longer prevents the Plesk administrator from creating domain aliases and subdomains in the Plesk interface. (PPPM-13534)
• Specifying empty values of panel.ini settings no longer stops the domains’ “PHP Settings” page from being loaded. (PPPM-13516)
• Subscriptions’ names in Customer Panel are now again sorted in alphabetical order. (PPPM-13517)
• File Manager now correctly uploads directories with empty files or directories inside. (PPPM-13535)
• Clearing the “Mail messages” checkbox in Backup Manager > Back Up no longer resets the backup type to “Incremental”. (PPPM-13503)
• Changing PHP settings of a locked subscription no longer overrides them with the default PHP settings of the service plan the subscription was based on. (PPPM-11555)
• Operations with multiple items selected from the list now again work in Plesk extensions. (PPPM-13548)
• Increased the length of the “TXT record” text field for the following types of DNS records: TXT, MX, DS, and CAA. (PPP-56760)
• Plesk again shows the content of the Application Catalog categories (“All Available Applications” > “Web”, “Collaboration”, and so on). (PPPM-13546)
• Restoring a domain from a backup now preserves custom TTL values of the domain’s DNS records. (PPPM-13426)

Linux

• The console now works using a domain’s PHP version instead of the system PHP. Customers can now run artisan, composer, and other commands without having to specify the whole path.

  To propagate and turn on the feature for all subscriptions, run the plesk bin php_settings --update-all command.

  To use the feature in Scheduled Tasks, prepend the cron command with the following:

  export PATH="/opt/plesk/phpenv/bin:$PATH"; eval "$(phpenv init -)";
  

  To disable the feature and bring back how the console worked before, add the following lines to the panel.ini file:

  [php]
  phpenv = off
  

  Note: The feature works for Plesk PHP handlers only. It does not work for custom PHP handlers and CloudLinux with CageFS.

• Ubuntu 22.04 is now supported, with certain limitations. You can use the dist-upgrade procedure to upgrade your OS from Ubuntu 20.04 to Ubuntu 22.04.
• It is now possible to customize the client_max_body_size nginx directive in the Plesk interface, via the CLI, and via the XML API.
• It is now possible to change a database user password on the remote database server Percona MySQL 8.0.23. (PPPM-13538)
• The “PHP-FPM settings” section in a domain’s PHP settings is now present for custom PHP handlers. (PPPM-13507)
• If Apache-only hosting is turned on, third-party services that use the “Host” header validation (for example, Grafana) now work. (PPP-56778)
• Log rotation now works correctly after updating to Plesk Obsidian 18.0.43 even if /usr/local/psa/etc/logrotate.conf was customized. (PPPM-13519)
• Fixed the error message shown when a password is not complex enough for the the “Very Strong” password strength policy. (PPPM-13550)
• In Plesk on Debian 10 and AlmaLinux 8, a start, stop, or restart of the dedicated PHP-FPM handler no longer fails with the “Unable to stop service: Variable “$actionType” got invalid value “stop”” error. (PPPM-13547)
• It is no longer possible bypass email sending restrictions for Postfix and qmail by using the -bs option with the sendmail wrapper. (PPPM-13497)
• When editing a domain’s PHP settings in the “Common settings” section, the cursor no longer jumps to the end of the text box. (PPPM-13554)
• On certain servers, Plesk no longer runs its Daily Maintenance tasks significantly longer than 24 hours. (PPPM-13532)
• Collecting statistics for a domain with a large number of files (about one million) now consumes significantly less RAM. (PPPM-13415)
• BIND no longer fails to start if Plesk has websites with enabled DNS zones but absent NS records. (PPPM-13468)

Windows

• It is now possible to use the Laravel Toolkit extension.
• Backup restoration no longer fails if the DNS server was deleted from Plesk and a custom DNS service is used (for example, DigitalOcean DNS). (PPPM-13511)
• When users select the “Tradeoff” or “Thorough” configurations in ModSecurity, they now see the confirmation dialog, which informs that these configurations may disrupt operation of WordPress websites. (PPPM-13504)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.29.
• Updated libcurl to version 7.83.0.

Windows

• Updated POCO to version 1.11.2.
• Updated ASP.NET Core 6.0 to version 6.0.5.
• Updated ASP.NET Core 5.0 to version 5.0.17.
• Updated ASP.NET Core 3.1 to version 3.1.25.

• ionCube Loader is no longer shipped with Plesk because of the reorginization of the third-party component shipment with Plesk. ionCube will be automatically installed in one of the upcoming releases in the scope of installation of the PHP components.

  To use ionCube Loader, install it manually.

  Note: The already installed ionCube Loader component continues to work but PHP updates no longer update the component.

• Excluded the myLittleAdmin component from the “Full Installation” preset and marked the component as outdated.

  Note: The vendor does not support myLittleAdmin since 2013. Using outdated components is not secure. You can still install the component at your own risk by doing the following:

  • (During Plesk installation) Select the “Custom” installation type and then select myLittleAdmin.
  • (After Plesk installation) Run the plesk installer add --component mylittleadmin command.

Linux

• Updating Plesk to version 18.0.43 no longer fails when MySQL Community Server is used. (PPPM-13514)

• The new ‘Add Domain’ screen is now enabled by default for new Plesk Obsidian installations. This screen provides additional domain creation options:

  • Create a blank site.
  • Create a WordPress site.
  • Upload content using File Manager after website’s creation.
  • Connect a Git repository.
  • Import website from another hosting.

  To disable it, add the following lines to the panel.ini file:

    [domainManagement]
    applicationWizard.enabled = false
  

• Node.js applications now write their logs to separate log files that can be viewed in the Log Browser. To disable this feature, add the following lines to the panel.ini file:

    [ext-nodejs]
    showApplicationLogs = false
  

• The Node.js extension now automatically cleans up the downloaded archives of minor Node.js versions that are no longer necessary from the extension’s cache.

• Fine-tuned the password strength validator in Plesk to make it better at accurately evaluating strength of passwords generated by third-party applications and services.

  The feature is disasbled by default because it may affect the automatic password generation scripts that must meet the new requirements. To enable the updated password strength validator, add the following lines to the panel.ini file:

    [passwordManagement]
    estimator = zxcvbn
  

  The feature will be enabled by default in Plesk Obsidian 18.0.45. Read more about this feature.

• For customers, who use automatic scripts for subscriptions/customers creation the new “API 1038 error code” was added. This error code will be returned to a 3rd-party system if a used password was not accepted by Plesk so it will be possible to reinitiate the password generation process. It means that customers with a such scenario can update their scripts to reinitiate a password generation and validation process if the previous password was not accepted.
• On Plesk servers using BIND as the DNS server, the “notify-to-soa” option is now in effect. This ensures that the NS server specified as the primary master name server for a DNS zone in the zone’s SOA record is sent NOTIFY messages. This is useful in “hidden master” scenarios where the master NS server is not listed at the registrar and does not have an NS record in the DNS zone, and a slave NS server is listed in the SOA record instead.
• Increased the speed of website preview generation for certain websites.
• Increased the speed of switching between domains by up to 25% while using the File Manager or the domain card.
• When configuring a custom TTL value for a DNS record for a domain, the custom value is also propagated to the DNS zones of all of that domain’s domain aliases. (PPPM-13425)
• Receiving one or more emails with very long subject lines no longer causes some information to not be shown in “Tools & Settings” > “Mail Queue”. (PPPM-13462)
• Clarified the notification shown when one or more backup files in remote FTP storage do not conform to the expected naming conventions. (PPPM-13453)
• When scrolling through the contents of a directory in File Manager, the list of the files can no longer partially be seen through the page’s footer. (PPPM-13374)
• Configuring or attempting to back up to a remote FTP repository hosted on the Azure Blob service no longer fails with the “(SSH_FX_OP_UNSUPPORTED)” error. (EXTPLESK-3418)
• Perl and Python support is no longer listed as available but turned off in “Account” > “Hosting Options” if the corresponding Plesk components are not installed. (PPPM-13456)

Linux

• Indroduced a beta version of the Laravel Toolkit extension that allows you to manage Laravel applications running on your Plesk server:

  • Scan and automatically connect Laravel websites to Laravel Toolkit. That way you can manage them using the Plesk interface.
  • Get your Laravel applications from a remote Git repository and deploy them.
  • Automatically update Laravel applications using Git webhooks.
  • Manage the .env file using the graphical user interface (GUI).
  • Run artisan and composer commands without having to access the shell.

  We would love to hear your feedback about this improvement. Please send us your feedback to feedback@plesk.com.

• Plesk users granted shell access (even chrooted) can now execute certain Node.js commands (like nvm use or npm install) straight from the shell.
• The Node.js extension now supports the Yarn package manager (along with already supported npm).
• When changing the PHP handler to “FastCGI application served by Apache” for a domain owned by a subscription based on a service plan that provides PHP-FPM by default, the PHP handler is now correctly changed to FastCGI. (PPPM-13450)
• Performing dist-upgrade from Debian 10 to Debian 11 no longer results in an outdated version of the “plesk-py27-paramiko” package being installed. (PPPM-13478)
• On Ubuntu 20.04 servers, restarting the nginx service no longer results in the “Unable to restart the service: Failed to fetch” error. (PPPM-13483)
• The BIND service no longer fails to start after updating to Plesk Obsidian 18.0.42.1. (PPPM-13487)
• Clarified the error message shown and logged when subscription creation fails when greylisting is enabled in global spam filter settings, but the /var/lib/plesk/mail/greylist directory is missing. (PPPM-13457)
• Log rotation now works correctly after updating to Plesk Obsidian 18.0.42. (PPPM-13473)
• After updating to Plesk Obsidian 18.0.42, backup creation no longer fails with the “Unable to run the backup agent” error. (PPPM-13492)
• Installing Plesk Obsidian on a server running AlmaLinux 8.4 no longer results in misleading warning messages in the installer log. (PPPM-13485)
• On servers running an RPM-based Linux with Yum, it is no longer possible to run the yum clean all command during the update, which led to the update failing. (PPPM-11218)
• Setting the settings.fpm.pm.process_idle_timeout.values[] and settings.fpm.pm.process_idle_timeout.default PHP parameters to exactly “1” in the panel.ini file no longer prevents users from changing PHP handlers for hosted domains. (PPPM-13484)
• Running the plesk repair web command now also repairs missing PHP modules. (PPPM-13387)
• “Forgot password” emails are now sent in the language matching the user’s language configured in Plesk. (PPPM-13496)

Windows

• Mail sent from IP addresses added to the white list now bypasses DNSBL checks. You can now add and remove IP addresses to/from the white list via the --add-to-white-list and --remove-from-white-list options for the mailserver.exe command.
• When moving a domain from one subscription to another, the list of available target subscription now includes subscriptions whose “Mailbox Size” limit is exceeded by the sum total of disk space taken up by all mailboxes owned by the domain that is being moved. (PPPM-13398)
• Trying to change the value of the ASP.NET “Session Timeout” parameter no longer fails with the “ERR [panel] Site without PhysicalHosting cannot be Webspace” error. (PPPM-13469)

Third-Party Component Updates

• Updated OpenSSL to version 1.1.1n.

Windows

• Updated ASP.NET Core 6.0 to version 6.0.3.
• Updated ASP.NET Core 5.0 to version 5.0.15.
• Updated ASP.NET Core 3.1 to version 3.1.23.
• PHP 5.2, 5.3, 5.4, and 5.5 are no longer shipped with Plesk.
• Updated Node.js to version 12.22.11.
• Updated libxslt to version 1.1.35.
• Updated zlib to version 1.2.12.

• Performing the initial configuration no longer results in a blank screen if the “Enter Plesk” button is clicked before all necessary fields are filled out. (PPPM-13463)

Linux

• Plesk updates no longer fail on Plesk servers that do not have BIND installed and are using a different DNS server. (PPPM-13466)

• Transitions from the “PHP settings” screen now happen up to 40% faster.
• Most of the tabs on the subscription overview page (Websites & Domains, Mail, Files, Databases, Statistics, and Users) now open up to half a second faster.

• Added the option to restrict the ability to create backup to the Plesk administrator. To prevent users other than the administrator from creating, uploading, or scheduling backups in Plesk, add the following lines to the panel.ini file:

  [pmm]
  manageBackupsByAdminOnly = true
  

  Note that scheduled backups already configured by users other than the administrator will continue to run.

• The “Tools & Settings” > “DNS Template” screen has been renamed to “DNS Settings”.
• The “DNS zone serial number format” section of the “DNS Settings” > “Zone Settings [template]” has been renamed to “Advanced DNS features”.
• On Plesk servers using BIND as the DNS server, it is now possible to specify additional DNS server parameters using named.conf syntax. To do so, enter them in the newly added “Additional DNS settings” field (found on the “Tools & Settings” > “DNS Settings” > “Server-wide Settings” screen). These parameters override all other server-wide parameters configured elsewhere.
• A link to a video describing the process of managing DNS records in Plesk has been added to the “DNS Helper” wizard.
• Kaspersky Antivirus has been converted from a Plesk component to an extension and excluded from the “Recommended” preset. As a result, the size of the Plesk distributable decreased by 35%, which will lead to faster downloads and shorter installation times. This change will not impact servers with Kaspersky Antivirus installed in any way.
• On Plesk servers with the “Joomla! Toolkit” extension installed, the option to create a website with the latest Joomla! version installed has been added to the “Add Domain” wizard.
• Plesk now treats cloud servers runnng on ARM processors as KVM virtualization allowing for the use of VPS license keys.
• Reworked the way information is presented during operations performed in the drawer on the left-hand side of the screen (for example, creating a domain). Progress bars have been moved from the footer to the main body of the drawer to make the interface less visually overloaded.
• The Video Tutorials section of the Plesk Documentation Portal has been populated with a host of new video tutorials giving step-by-step explanations for the most common Plesk use cases.
• Trying to set up mail autodiscover in the iOS Mail app on iPhone or iPad via the Plesk-generated link or QR code no longer fails with the “Invalid Profile” error. (PPPM-13390)
• Scheduled backup processes no longer get stuck indefinitely when backing up to FTP storage if the configured FTP server is unavailable or if the provided credentials do not match. (PPPM-13411)
• The default SOA Expire Value for domains created in Plesk was increased from 7 days to two weeks to avoid misleading warnings (for example, “SOA Expire Value out of recommended range”). (PPP-56007)
• When creating a domain as a Plesk administrator and selecting the “Assign this domain to a customer” option, the list of IP addresses (shared and dedicated) available to the selected customer is now shown instead of the list of IP addresses available to the administrator. (PPPM-12040)
• Running the plesk login command, logging in to Plesk via the generated URL, and then running the plesk login command again no longer results in an invalid URL being generated. (PPPM-13134)
• When uploading a database dump via the “Import Dump” feature, the existing database (if it exists) is removed and then recreated if the “Recreate the database” option is enabled. (PPP-55727)
• The pmm-ras command line utility now properly logs all required information if verbose logging is enabled in the panel.ini and pmmcli-rc files. (PPPM-13396)

Linux

• Debian 11 is now supported, with certain limitations. You can use the dist-upgrade procedure to upgrade your OS from Debian 10 to Debian 11.
• Apache no longer fails to start if ModSecurity is enabled but unable to start for some reason. (PPPM-13354)
• It is no longer possible to create an additional FTP user with the account name ‘psacln’ in Plesk. (PPPM-13382)
• If an alert for “Site creation” is configured for the Plesk administrator on the “Tools & Settings” > “Notifications” page, and one or more event handlers for the “Default domain (the first domain added to a subscription) created” event have been configured on the “Tools & Settings” > “Event Manager” page, an email notification is sent to the administrator whenever a new subscription is created even if one or more event handlers return a non-zero exit code. (PPPM-13401)
• A more comprehensible error message is now shown when trying to create a domain with an internationalized domain name containing not allowed characters in punycode (for example, emojis). (PPPM-13172)
• Plesk Installer no longer fails when started on a server with certain versions of MariaDB installed from RPMs. (PPPM-13431)
• Running the one-click-installer on CloudLinux 7 no longer results in an error. (PPP-56121)
• The “www." >> "" CNAME DNS record was added to the Plesk default DNS zone template.(PPP-52146)
• When exporting database dumps, the progress bar no longer gets stuck under specific circumstances. (PPPM-13306)
• The Fail2Ban component now requires syslog/rsyslog (depending on the OS) as a prerequisite. (PPPM-13307)
• Plesk Monitoring now properly cleans up unneeded temporary files it stores in the /opt/psa/var/health/data/localhost directory. (PPPM-13313)
• It is now possible to log in to webmail for a mailbox with one or more “+” characters in the mailbox name (for example, “my+mailbox@example.com”) when the “Enable email subaddressing” option is disabled in “Tools & Settings” > “Mail Server settings”. (PPP-55620)
• A confirmation dialog box is now shown when removing a jail in Fail2Ban. (PPPM-13414)
• The “Do not deliver copies of forwarded emails to the Plesk mailbox” option can now be enabled or disabled via the CLI using the plesk bin mail -u <mailbox@domain.name> -forwarding true -delivery false command. (PPPM-13422)
• The sizes of incremental backups stored in FTP storage are no longer shown incorrectly under specific circumstances. (PPPM-13424)
• Certain access log entries that were missing before are now shown in Log Browser for domains with the “Permanent SEO-safe 301 redirect from HTTP to HTTPS” option enabled. (PPPM-13433)
• A more comprehensible error message is now shown when trying to create a subdomain for a subscription with no hosting. (PPPM-13435)

Windows

• The option to change the SSL/TLS certificate securing the mail server is no longer available if a remote SmarterMail server is configured and selected as the Plesk mail server. (PPPM-13381)
• Plesk Task Manager now properly logs agent exit code when in debug mode. If the exit code is non-zero, the information is logged with the ERROR status. (PPPM-13373)

Third-Party Component Updates

Linux

• Updated phpMyAdmin to version 5.1.3.
• Updated Courier-IMAP to versions 5.1.7.
• Updated OpenSSL to version 1.1.1m.
• Updated Dovecot and Pigeonhole to versions 2.3.18 and 0.5.18, respectively.
• Updated Postfix to version 3.5.14.
• Updated RRDtool to version 1.7.2.
• Updated Logrotate to version 3.19.0.

Windows

• Updated ASP.NET Core 6.0 to version 6.0.2.
• Updated ASP.NET Core 5.0 to version 5.0.14.
• Updated Node.js to version 12.22.9.
• Updated MariaDB 10.5 to version 10.5.15.
• Updated MariaDB 10.3 to version 10.3.34.
• Microsoft Drivers for PHP for SQL Server are now shipped with PHP 8.1.

Linux

• Emails with daily reports from the “Watchdog” extension now contain correct data instead of error messages again. (PPPM-13385)

• Cgroups Manager is now a free-to-use feature, and a welcome addition to the Plesk Web Pro and Web Host editions. Read more about this feature.

• Added the plesk bin action-log CLI utility. The utility can be used to extract action log entries in raw or JSON format, and also to manage action log rotation settings.

  See how to use the utility in Plesk for Linux and Windows.

• Added the ability to switch outgoing mail control from counting individual messages to counting the total number of recipients from the Plesk interface (“Tools&Settings” > “Mail Server Settings” > turn on limitations on outgoing email messages > “Count a number of recipients instead of messages”).
• Reduced page load time for the Domain Overview screen.
• Improved the Plesk UI related to tasks in progress to make it more appealing and easier to use.
• The “Webspace Settings” section is no longer collapsed by default when adding domains, and will instead remember its last state, whether collapsed or expanded. This will make adding multiple domains easier for people who routinely changed the default usernames, passwords, or IP addresses during domain creation.

• Decreased the page load time for a number of most popular screens in Plesk. Transitions to the following screens are now up to 400% faster:

  • DNS Settings (-400%)
  • Websites & Domains (-15%)
  • Domains (-15%)
  • File Manager (-10%)
  • PHP Settings (-28%)
  • Web Hosting Access (-25%)
  • Hosting Settings (-7%)
• Added the ‘Allow necessary cookies’ option to the cookie banner in Plesk to comply with the updated GDPR requirements.
• The SSH Terminal extension now shows a helpful pop-up with instructions if it is unable to connect (for example, because the ssh service is not running or because root login is prohibited).

• Added the ability to prevent customers from changing the Recycle Bin rotation settings in File Manager. To restrict the ability to change rotation settings to admins and resellers only, add the following lines to the panel.ini file:

  [fileManager]
  trash.rotation.customerAccess = false
  

• Based on the collected feedback, the bar on the right side of individual domains’ screens stays! The invitation to fill in the survey has been removed. Thanks for letting us know your opinion, everyone!

• Added the ability to control the logging level of XML-RPC requests and responses. To change the logging level, add the following lines to the panel.ini file:

  [log]
  filter.priority = 6 
  

  The valid values range from 0 to 7. The higher the number, the more detailed the log, with 7 being “debug”, 6 being “info”, and so on. See Zend Debug Levels for more information.

• Context promos for a number of Plesk extensions have been removed from the “DNS Settings”, “Updates & Upgrades Settings”, “Email Addresses”, “Mail Server Settings”, and “Backup Manager” screens.
• Custom promos added by the customer via the KAPC delivery mechanism are now shown before Plesk promos on the Home screen in Service Provider view.
• Improved the stability of the Extensions Catalog.
• Creating a website via the new domain creation wizard now correctly redirects to the relevant screen after the domain is created (for example, the Git extension is opened if the “Git” option was selected during domain creation). (PPP-55706)
• Notifications about the backup file being invalid are now correctly sent after backup creation. (PPPM-11642)
• The “Preview” link is now shown correctly in the Domain list in Service Provider view when either the “Quick Preview on a domain name in Plesk” or “Quick Preview on an external domain name” option is selected in “Tools & Settings” > “Website Preview”.(PPP-55571)
• It is no longer necessary to empty the list of files to be excluded from backup in “Tools & Settings” > “Backup Manager” > “Schedule” before you can clear the “Exclude specific files from the backup” checkbox. (PPPM-12262)
• Changing the IP address of a domain with log rotation enabled no longer turns log rotation off. (PPP-55573)
• It is no longer possible to update Plesk administrator profile details if the “Email address” field is empty. (PPPM-13319)
• Added a link to the documentation to the warning message shown when setting outgoing mail limit for a domain, and the configured limit for the domain exceeds the limit for the subscription. (PPPM-13203)
• The “Preview” link for the domain selected for previewing other websites (“Tools & Settings” > “Website Preview” > “Quick Preview on a domain name in Plesk”) is no longer shown in the Domain list in Service Provider view. (PPPM-13361)
• Uploading files via File Manager no longer sometimes fails with the “No files selected. To upload the files, you have to select them.” error. (PPP-54792)
• After configuring the Amazon S3 Backup extension via the CLI, it is no longer shown as not configured in the Plesk interface. (PPPM-13332)
• The confirmation message shown when removing a domain now correctly calculates the number of domains that will be removed. (PPPM-13283)
• Fixed the issue where opening a domain resulted in a white screen under specific circumstances. (PPPM-13358)

Linux

• RockyLinux is now supported, both for new Plesk Obsidian installations and for in-place conversion from CentOS 8.

• Plesk can now be installed on Ubuntu 20 servers running on ARM-based platforms (as a Beta version with certain limitations). You can also try a VPS with Plesk on Graviton2 processors by using this Plesk AWS AMI image in just a click.

  Read more about the ARM architecture in the article. Have questions or suggestions regarding this feature? We welcome your feedback!

• Added the ability to add custom headers to emails sent via the Plesk auto-reply mechanism from the Plesk interface (“Tools&Settings” > “Mail Server Settings” > “Extra auto-reply headers”). In addition, the “Auto-Submitted: auto-replied (vacation)” header in now added by default.
• It is no longer possible to create mail accounts for domains for which the mail service was disabled. (PPPM-13205)
• It is no longer possible to create a MySQL user with the name “root@localhost” under specific circumstances. (PPPM-12656)
• Importing and exporting MySQL databases with one or more definers and/or triggers via the Plesk interface now works correctly. (PPPM-13311)
• Trying to access Scheduled Tasks under Dev Tools when logged in as a reseller no longer results in the “Permission denied” error. (PPPM-13333)
• The vhostmng-find process no longer follows symlinks by default, which could prevent daily tasks from running and lead to 100% CPU load. (PPP-47419)
• On Red Hat Enterprise Linux 8.x and its derivatives, Plesk Watchdog is now able to correctly detect the status of the SpamAssassin process. (PPPM-13315)
• A more informative error message is now shown when the PUM utility tries and fails to update a duplicated package. (PPP-55204)
• Single quotes in Plesk error messages are no longer replaced with double quotes when clicking the “Search for related Knowledge Base articles” button, which led to empty search results. (PPPM-13327)
• The plesk bin custom_plan_items --update CLI utility no longer unexpectedly produces a non-zero exit code upon completion. (PPPM-13365)
• Running the plesk repair mail CLI utility no longer prevents users from creating mailboxes for domains with the mail service enabled that are owned by a subscription with the mail service disabled. (PPPM-13369)
• Incorrect breadcrumbs are no longer shown on certain screein in the Plesk interface. (PPPM-13335)
• Plesk no longer shows an incorrect “The following Apache modules are not installed on the destination server:” error after migrating from Ubuntu 16 to Ubuntu 20. (PMT-4972, PPP-55411)
• Clarified the error message shown when trying to create an FTP user with a name starting with a number. (PPPM-13344)
• XML API requests specifying the filter no longer fail. (PPPM-13353)
• Opening the PHP settings of a domain with the disabled “PHP version and handler management” permission no longer results in an error. (PPPM-13370)

Windows

• Security improvements. (PPPM-13317)
• SpamAssassin no longer penalizes messages that fail the RDNS_NONE check, which could lead to legitimate messages being treated as spam.
• The “PSAMailbackup.exe” process no longer keeps running when a backup of one or more subscriptions with mail accounts is started and then stopped. (PPPM-11671)
• Websites are now published correctly in Web Presence Builder, and website snapshots can be downloaded. (PPPM-13339)

Third-Party Component Updates

• MariaDB 10.6 is now supported.
• PHP 8.0 is now recommended to use in Plesk, and is now the default PHP versions for websites in Plesk.
• PHP 8.1 is now available in the Plesk installer.
• Marked PHP 7.3 as outdated because it has reached end of life.

Linux

• Updated PHP used by sw-engine to version 7.4.27.
• Updated nginx and the sw-cp-server service to version 1.20.2.
• Updated Phusion Passenger to version 6.0.12.
• Updated Dovecot to version 2.3.17.1.
• Updated Pigeonhole to version 0.5.17.1.
• Updated Roundcube to version 1.4.13.
• Updated ModSecurity 3 to version 3.0.6.
• Updated ModSecurity 2 to version 2.9.5.

Windows

• .NET 6.0 is now supported.
• Updated ASP.NET Core 6.0 to version 6.0.1.
• Updated ASP.NET Core 5.0 to version 5.0.13.
• Updated ASP.NET Core 3.1 to version 3.1.22.
• Updated PHP used by plesk-engine to version 7.4.27.
• Updated Node.js 12 to version 12.22.7.
• Updated Git to version 2.34.1.
• Updated BIND to version 9.16.23.
• Updated ModSecurity to version 2.9.5.

• Creating a website via the new domain creation wizard now correctly redirects to the relevant screen after the domain is created (for example, the Git extension is opened if the “Git” option was selected during domain creation). (PPP-55706)

Third-Party Component Updates

Linux

• Updated libspf2 to version 1.2.11, which fixes a number of security vulnerabilities, namely: CVE-2021-20314, CVE-2021-33912, and CVE-2021-33913.

• When restoring a customer or a Plesk server from a backup, the “Cannot update customer account: unknown country code “XX” warning no longer appears. (PPPM-13324)

Linux

• Updated Apache mod_proxy on CentOS 7, Red Hat Enterprise Linux 7, and CloudLinux 7 to fix the mod_proxy SSRF vulnerability (CVE-2021-40438). (PPP-55606)

  We strongly recommend that you update Plesk.

Third-Party Component Updates

• Marked PHP 7.3 as outdated because it reached end of life.
• PHP 8.0 is now recommended to use in Plesk.

• PHP 8.1 is now available in the Plesk installer.

  Note: At the moment, PHP 8.1 is not present in the set of recommended components.

Linux

• Certain actions in Plesk on Ubuntu run in an OpenVZ container (for example, migration, Plesk updates, backing up, and so on) no longer fail with the “boost::filesystem::copy_file: Function not implemented” error. (PPPM-13321, PPPM-13323)

Third-Party Component Updates

• Updated Roundcube to version 1.4.12 to fix the following security issues: CVE-2021-44025 and CVE-2021-44026.

  We strongly recommend that you update Plesk.

• Replaced Gzip with ZSTD as the default compression method for backup and restore operations in Plesk. On multi-CPU servers, depending on the type of data being backed up, this provides the following benefits:

  • Reduces the backup size by up to 20%.
  • Reduces the CPU load by up to 25%.
  • Reduces the backup creation time by up to 2x (fast), and by up to 4x (fastest), based on the compression level.

  The desired compression level can be set in “Tools&Settings” > “Backup Manager” > “Settings”. The ‘Fast’ level is set by default.

• Added the ability to disable automatic HTTP > HTTPS redirection for webmail. To enable it, add the following lines to the panel.ini file:

  [mail]
  webmail.forceHttp = true
  

  On Plesk for Windows, to disable automatic HTTP > HTTPS webmail redirection for existing domains, run the plesk repair web -webmail command.

• Removed a number of Plesk extensions from the Plesk Installer due to low usage. These extensions are still available from the Extensions Catalog:

  • Skins and Color Schemes
  • Domain Connect
  • Social Login

  In addition, the Plesk Cgroups Manager extension was removed from the “Recommended” preset, and the Site Import extension was added to the “Recommended” preset.

• Due to security improvements made by Google, if you are using Google Drive Backup Plesk extension to create backups on a shared drive belonging to a corporate account, you need to do the following to be able to make backups (users with personal drives are unaffected):

  • Re-register the drive and explicitly set its type to “Shared”.
  • Make sure your administrator has marked the Plesk Backup Corporate application as trusted.
• Plesk Administrator should explicitly specify their country of residence in their profile.
• A number of buttons initiating the primary action on the page have been visually highlighted to make them more noticeable.
• When creating a subscription, physical hosting is now correctly configured if the subscription’s system user’s password includes one or more ampersand (“&”) characters. (EXTREST-118)
• Domain Preview now correctly accesses the website being previewed via IPv4, even if an IPv6 address is also configured for the domain. (PPPM-13075)
• For certain older Plesk extensions, clicking the name of a domain on the extension’s page no longer results in the domain overview page opening with layout and domain name, but no content. (PPPM-13252)
• Running the plesk repair mail command for a domain in Plesk with “Outgoing messages from a subscription (per hour)” set to “Unlimited” no longer results in an error. (PPPM-13272)
• Searching for a mailbox in Plesk when on the Home Page no longer results in the “An invalid URL was requested” error. (PPPM-13273)
• Opening the Plesk Installer interface in a web browser no longer results in SSL certificate errors. (PPPM-13295)
• It is now possible to add and modify database users even if the subscription’s default MySQL server is not available. (PPPM-13265)
• Changing the IP address for a subscription now correctly updates the IP address of all domains owned by the subscription with the “Forwarding” hosting type. (PPPM-13256)
• Operations in File Manager no longer incorrectly affect previously viewed webspaces. (PPPM-13268)
• The controls in “DNS Settings” no longer sometimes disappear when logged in to Plesk as a customer. (PPPM-13292)

Linux

• Added the ability for Outgoing Mail Control to count the number of individual recipients (TO, CC, and BCC) instead of messages. This closes an abusable loophole which allows users to send bulk email by specifying a large number of recipients (the current Outgoing Mail Control logic counts each individual email as just one message sent, no matter how many recipients the email is sent to). To switch Outgoing Mail Control from counting messages to counting recipients (and vice versa), run the plesk bin mailserver --set-outgoing-messages-count-recipients <true|false> command (the change is server wide). (PPM-7181)
• Specifying custom values for both the proxy_read_timeout nginx directive and max_execution_time PHP setting for the same domain results in the max_execution_time value being substituted for the proxy_read_timeout value (e.g., adding proxy_read_timeout 1800; to “Apache&Nginx Settings” > “Additional Nginx directives” and setting max_execution_time to 90 in “PHP Settings” will result in proxy_read_timeout being set to 90 in the nginx configuration file for the domain in question). (PPPM-12599)
• On Ubuntu 18.04 and Ubuntu 20.04 servers, re-reading and repairing IP addresses in Plesk no longer results in unnecessary duplicate lines sometimes being added to the /etc/netplan/10-plesk.yaml file. (PPP-53340)
• Users can now manage the PHP-FPM version for domains after an incomplete systemd upgrade on the server. (PPPM-13248)
• Trying to remove a database registered in Plesk but hosted on an external database server no longer results in an error if the database user name includes one or more underscore (“_”) characters. (PPPM-13239)
• Removed the ampersand (“&”) character from the list of characters that cannot be used in passwords in Plesk included with the error message shown when the provided password does not meet the password strength requirements. (PPPM-13229)
• Cached memory is no longer included in the memory usage calculation in “Tools&Settings” > “Server Information”.(PPPM-13264)
• Added a human readable error message for cases when Task Manager fails to show the list of current tasks due to the number of simultaneously running tasks being very high. (PPPM-13123)
• Running the plesk bin pleskbackup command with the “-z” or “no-gzip” options now correctly results in the backup file not being compressed. (PPPM-13254)
• Trying to create a backup of a subscription no longer results in an error if the subscription’s name includes both uppercase and lowercase letters. (PPP-54691)
• It is now possible to move domains to subscriptions that were created on Plesk versions 11 or earlier and then migrated to a Plesk Obsidian server. (PPPM-12916)
• Mail messages forwarded from a Plesk server, or from one mail account to another on the same Plesk server no longer includes an unnecessary duplicate “From:” header. (PPPM-13296)
• Trying to enable SSLv3 (which is outdated and insecure) on a Plesk server by running the plesk bin server_pref -u -ssl-protocols 'SSLv3' command now correctly fails with the “Protocol ‘SSLv3’ is not supported” error. (PPPM-13242)
• Plesk Installer no longer reports errors if the locale used in Plesk is not configured correctly in Linux. (PI-331)
• Restoring a backup in Plesk no longer results in a warning if the nginxCacheBypassLocations nginx directive is configured in the panel.ini file. (PPPM-13300)
• Mailbox size limits specified in a hosting plan settings are now correctly propagated to mailboxes of all domains that belong to subscriptions based on that plan. The mailbox size is now corectly shown as “Default” instead of “Another size” in Plesk, and is changed accordingly for all mailboxes if the size limit is changed in the hosting plan. (PPPM-13274)
• The size of files smaller than 4 KB is now shown correctly in File Manager. (PPPM-13303)
• The “Upload file” command is no longer shown in File Manager when browsing a read-only directory. (PPPM-13285)
• Copying a database or exporting a database dump no longer fails if the name of the database starts with the dash (“-“) character. (PPPM-13267)

Windows

• Added the option to automatically remove emails forwarded from a mailbox in Plesk. The feature is disabled by default. To enable it, go to “Mail”, click the desired mailbox, open the “Forwarding” tab and select the “Do not deliver copies of forwarded emails to the Plesk mailbox” checkbox.
• When selecting or clearing the “Show system files and directories” checkbox in File Manager options, it is no longer necessary to refresh the browser window for the changes to take effect. (PPPM-13255)
• Outgoing Mail Control now works correctly on Plesk Obsidian servers with MailEnable Enterprise edition installed. (PPPM-13269)
• Running the plesk repair web command now correctly resolves issues with corrupted SSL certificate files that could result in users being unable to create domains. (PPP-54689)
• The “CAS trust level” setting value for newly created subscriptions in Plesk in now correctly inherited from the one set on the global level in the IIS Manager. (PPPM-13276)
• Trying to unpack a .zip file in File Manager no longer fails with the “Unable to unpack archive” error under specific circumstances. (PPPM-13309)

Third-Party Component Updates

• Updated sw-engine PHP to version 7.4.26.

Linux

• Updated Dovecot and Pigeonhole to versions 2.3.17 and 0.5.17, respectively.

Windows

• Updated ASP.NET Core 5.0 to version 5.0.11.
• Updated ASP.NET Core 3.1 to version 3.1.20.
• ASP.NET Core 2.1 is no longer shipped with Plesk.
• Updated MariaDB 10.5 to version 10.5.13.
• Updated MariaDB 10.3 to version 10.3.32.
• The “WebDAV Publishing” IIS role service is no longer added during Plesk installation.
• Updated Horde PHP to version 7.4.

Linux

• Plesk Update Manager no longer fails with the “‘NoneType’ object has no attribute ‘run_sack’” error. We have spotted this issue in Plesk Obsidian 18.0.39 Update 1 on CentOS 8.5, AlmaLinux OS 8.5, RHEL 8.5, CloudLinux OS 8.5. (PPPM-13304)

• It is now possible to hide the “What username and password to use?” link on the Plesk page or change the URL the link leads to.

  To hide or change the link, add the lines of the following pattern to the panel.ini file:

  [login]
  howToLoginArticle = '' ; Hides the link.
  howToLoginArticle = 'https://example.com' ; Changes the default URL of the link to example.com.
  

• Improved the process of adding a domain by introducing a new screen that shows the following options:

  • Create a blank site.
  • Create a WordPress site.
  • Upload content using File Manager after website’s creation.
  • Connect a Git repository.
  • Import website from another hosting.

  The new screen is disabled by default. To enable it, add the following lines to the panel.ini file:

  [domainManagement]
  applicationWizard.enabled = true
  

  We would love to hear your feedback about this improvement. Please send us your feedback to feedback@plesk.com.

• Livened up the “Add Domain” sidebar by adding images to it.

• The Plesk administrator, customers, and resellers now have a more concise interface delivered by the right sidebar collapsed by default on the following screens:

  • (Power User view) Websites & Domains
  • (Service Provider view) Domains > domain
  • (Service Provider view) Subscriptions > subscription

• Plesk users can now configure the automatic deletion of files in the Recycle Bin by date and/or by time. By default, the automatic deletion is enabled.

  The Plesk administrator can manage this feature and change its default settings by using the following panel.ini options:

  [fileManager]
  ; Shows and hides the automatic deletion feature in the interface. The default value is `true`.	
  trash.rotation.enabled 
  ; The file size limit in megabytes. When the limit is exceeded, Plesk will skip the Recycle Bin and automatically delete new files. The default value is 5 GB.
  trash.rotation.bySize.limit 
  ; The number of days the Recycle Bin stores files. Plesk automatically deletes files older than the specified number. The default value is `30`.
  trash.rotation.byDate.limit 
  

• The Plesk login and default pages now contain the link to the “How to log in to Plesk?” KB article.
• Plesk on Cloud now automatically updates its public IP address if it was changed after the server reboot. This improvement works for Plesk on Alibaba Cloud, Amazon EC2, Amazon Lightsail, DigitalOcean, Google Cloud, and Microsoft Azure.
• Improved the loading speed of the “Databases”, “DNS Settings”, “Subscription”, and “Domain” overview pages.
• Enhanced the Help menu for Plesk administrators by including links to KB articles, release notes, Plesk Facebook community, and so on.
• The Google Drive Backup extension now has different modes for configuring personal and shared drives. We made this improvement to comply with the updated Google policy of external applications that access Google users’ data.
• Renamed the Advanced Monitoring extension and its notifications “Monitoring”.
• The plesk repair db command can no longer suggest deleting resolvable domains by mistake. (PPPM-12162)
• Sped up the website, subscription, and customer creation processes. (PPP-54306)
• Improved an error message shown when scheduled backups fail because a Plesk license has expired. (PPPM-11774)
• Sped up retrieving mailbox usage statistics via API RPC. (PPP-53647)
• A pop-up message that appears when a password of a password-protected directory user is too short no longer misses password length variables. (PPPM-12740)
• The main Plesk search field can now again handle search words with whitespace characters from one or both sides. (PPPM-13195)
• The Plesk administrator and resellers can now again customize the logo. (PPPM-13202)
• Plesk now completely cleans up leftover files after deleting a customer, reseller, or subscription that was backed up to remote storage. (PPPM-13173)
• If a customer linked a Plesk mailbox to their Plesk account and then changed the account password, Plesk now shows a message that this will change the password to the linked mailbox as well. (PPPM-13088)
• It is now possible to get information about an SSL/TLS certificate that secures mail via the CLI or REST API. (PPPM-13236)
• File Manager in Power User view now displays the content of the selected domain instead of the last created one. (PPPM-13194)
• It is no longer possible to save time for a scheduled task in an incorrect format, which broke the Scheduled Tasks page causing an HTTP error 500. (PPPM-13215)
• Plesk now stops sending automatic replies late in the evening the day before the end date. (PPPM-8995)

Linux

• Webmail clients now use PHP 7.4 shipped with Plesk by default.
• Improved stability and isolation of websites that use PHP-FPM handlers. It is now possible to choose the dedicated PHP-FPM handler for each website.
• Plesk now signs outgoing emails sent via WordPress with DKIM even WordPress uses an unauthenticated SMTP server.
• Plesk now performs a deferred Apache restart using the systemd timers.
• The plesk-modsecurity jail in Fail2Ban now works if a domain uses nginx-only hosting.
• As a part of the GDPR compliance changes, made the statistics Webalizer and AWstats collect more accurate. (PPPM-10655)
• For security reasons, the default Roundcube spell checker is now disabled in Plesk by default. (PPPM-13183)
• The plesk repair db utility now deletes orphaned DNS records from DNS zones. This prevents occasional BIND crashes after the DNS records were synchronized with the server-wide DNS template. (PPM-2347)
• It is now again possible to change the mailbox quota via API RPC. (PPPM-13197)
• The Users > Create User Account form no longer shows domains with turned off mail services in the @ drop-down list next to the “Email address” field. (PPPM-13205)
• Uninstalling a webmail client no longer breaks Apache configuration files. (PPPM-12924)
• Plesk no longer duplicates forwarded emails if their initial emails failed to be delivered. (PPPM-12341)
• In Plesk on Ubuntu 20, File Manager no longer fails to open JSON files showing the “Unable to display the file : Unsupported file format" error. (PPPM-13206)
• Users can now open the wp-config.php file and other WordPress subscription files in Code Editor. Previously it was occasionally impossible under certain circumstances. (PPPM-12921)
• An event handler triggered by the “Mail account updated” event now executes the assigned script only once. (PPPM-13218)
• MySQL dump importing no longer fails with the “ERROR 1227 (42000) at line : Access denied" error. (PPPM-13086)
• An extension that uses the guzzlehttp/promises 1.4.1 package no longer causes the “Class ‘GuzzleHttp\Promise<ClassName>’ not found” error when users try configuring the following remote storage points: Google Drive, Amazon S3, DigitalOcean Spaces, or Microsoft OneDrive. (PAUX-3748)
• Plesk now automatically deletes pre-upgrade MySQL dumps older than one year. (PPPM-10488)
• It is now possible to install Plesk on a server running on CentOS 7 x64 with preinstalled MySQL. (PPP-47540)
• Plesk now updates PHP settings of a subscription’s main domain faster. (PPPM-12136)
• Changing an IP address of a subscription with multiple domains (30 or more) no longer breaks the Postfix service. (PPPM-9733)
• It is now possible to change a subscription password via REST API by sending a request without hosting_type. (EXTREST-136)
• Custom buttons with enabled “Open URL in Plesk” now work in Power User view. (PPPM-13213)
• Plesk now correctly counts the number of a reseller’s subscriptions. (PPPM-13227)
• Plesk now correctly removes websites’ historical data after their TTL period has expired. (PPPM-10655)
• Removing all custom service plan items via the CLI no longer causes the Use of undefined constant nul - assumed 'nul' PHP warning. (PPPM-13222)
• The plesk repair mail <domain|mail-address> command now repairs the Outgoing Mail Control subsystem more reliably. (PPP-52477)
• It is now possible to open websites and webmail in Safari when HTTP/2 is enabled in both nginx and Apache. (PPPM-12381)
• Improved logging to /var/log/maillog to make it easier to detect issues (if any) with outgoing mail headers. (PPP-54314)
• Updated regular expressions used by Fail2ban to prevent it from occasionally blocking secure domains. (PPPM-12058)
• Disabling and then enabling a domain’s mail service no longer breaks mailboxes with the reserved mail names: postfix, anonymous, drweb, root, and so on. (PPPM-7702)

Windows

• Plesk now supports Windows Server 2022.
• Dropped the possibility of downloading database backup files.
• Plesk reinstallation no longer breaks Task Manager. (PPPM-13208)
• It is now possible to rename a domain that uses a custom webmail client. (PPPM-13204)
• Plesk Installer no longer incorrectly detects MySQL Connector/ODBC 5.1 as installed instead of the actually installed MySQL Connector/ODBC 5.3. (PPPM-13237)
• It is now again possible to configure advanced permissions of files using File Manager. (PPPM-13228)
• It is now possible to install the “Plesk One Edition for China” license key on a clean Plesk server. (PPPM-13241)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.24.

Linux

• Updated ProFTPD to version 1.3.7c.
• Updated OpenSSL used by nginx to version 1.1.1l.

Windows

• Updated Node.js 12 to version 12.22.6.
• Updated Node.js 10 to version 10.24.1.
• Updated Git to version 2.33.0.2.
• Updated OpenSSL to version 1.1.1l.

Linux

• Updating Apache to the latest version in Plesk on Ubuntu that uses PHP-FPM served by Apache no longer breaks websites causing an HTTP error 500. (PPPM-13232)
• Plesk updates on Ubuntu and Debian no longer fail if system packages are marked as “hold” in apt. (PI-726)

Linux

• Apache restart works again if the restart interval is set. (PPPM-13186)
• Specifying custom proxy_buffering values in the nginx configuration file no longer breaks websites. (PPPM-13200)

• Running plesk repair db no longer removes all aliases of a domain. (PPPM-13188)

• Improved the Plesk Dynamic List view to make it easier to navigate to and focus on individual domains.
• The WordPress tab in Dynamic List view offers shortcuts to the most useful/popular features for WordPress sites.
• When opening a domain in Service Provider view, Dynamic List view is now used instead of Active List view.
• When selecting a domain in search results in Power User view, the page automatically focuses on the required domain and the domain card is expanded.
• Plesk now redirects the customer to the created domain’s card after website creation.
• The Recycle Bin functionality in the File Manager is turned on by default for all Plesk installations.
• Updated the instructions in the DNS Helper with information about glue records’ configuration.
• Added the instructions for a number of popular registrars (CloudFlare, Freenom, Papaki, ps.kz, Exabytes, registro.br, and Porkbun) to the DNS Helper.
• After creating or uploading a WordPress website during onboarding, users can now click the “Log in to WordPress” button for easy access to the WordPress admin panel.
• Improved the loading speed of File Manager.
• Transitions between pages when navigating the Plesk interface are now more fluid.
• When creating a domain in Plesk, the progress bar is now shown in the same drawer.
• Increased the transfer speed for the SFTP Backup extension.
• Improved the behavior of the top right toaster in Plesk to prevent notifications from overlapping.
• Updated the look and feel of drawers and dialogs in Plesk.
• Plesk on cloud (AWS, Google Cloud, Azure, Alibaba, Lightsail, and Digital Ocean) now automatically re-maps private IP addresses if they change after server restart.
• Domains can now be sorted by Traffic usage in Service Provider view.
• Changing a domain’s document root to an invalid path no longer results in the invalid path being written to the Plesk database. (PPPM-12648)
• Synchronizing a subscription with its service plan no longer fails if the plan’s mailbox size value has been changed. (PPPM-12862)
• When Plesk fails to make a backup to an FTP storage, the correct error is now reported instead of “Error: Unable to export backup: Transport error: Unable to create the directory”. (PPPM-12798)
• Plesk no longer shows the “Domain is not resolvable” notification for domains with no hosting, domain aliases without web service, and domain aliases pointing to a domain with no hosting. (PPPM-12928)
• Restoring a subscription from backup no longer results in PHP handlers for all domains belonging to the subscription being set to ‘FPM application served by nginx’. (PPPM-12496)
• When typing in the database user’s password when logging in to phpMyAdmin, the password is now correctly masked by the asterisk ‘*’ characters instead of being shown in plaintext. (PPPM-12414)
• When searching for content in File Manager and finding multiple files, it is now possible to open each individual file without restarting the search. (PPPM-12389)
• Searching for domains when using the Classic list in Power User view via global search now opens the card for the correct domain. (PPPM-12948)
• Creating a backup to AWS S3 via the CLI no longer results in a misleading “Unable to save statistics. Error: DB query failed” error. (PPPM-12703)
• Upgrading to the latest Plesk Obsidian version no longer sometimes fails with the “PHP Fatal error: Uncaught JMS\Serializer\Exception\RuntimeException: Could not decode JSON, syntax error - malformed JSON.” error. (PPPM-13114)
• Clicking “see details” for a failed scheduled task now correctly shows the error details. (PPPM-13073)
• Password reset email is now correctly sent when resetting the password for a user using the username. (PPPM-13047)
• Information necessary for troubleshooting issues with backups is now being written to the backup logs. (PPPM-13021)
• Clicking the “Check for updates” link no longer results in a blank page. (PPPM-13044)
• Failed login attempts via REST API are now logged in the panel.log file. (PPPM-13144)
• When migrating, warnings about non-secure FTP are no longer shown when both the source and the target servers are configured to use secure FTPS connections only. (PPP-51587)
• It is now possible to enable mail forwarding when logged in to Plesk under a mail user account. (PPPM-13166)
• Pasting a domain name in the global search bar now immediately produces results with no need for additional button presses. (PPPM-13157)
• Removing an IP address not used for hosting no longer fails with the “The IP address is already used for hosting” error. (PPPM-13160)
• The “SSL redirect” checkbox is now cleared automatically if the “SSL support” checkbox is cleared. (PPPM-13169)
• The terminology for subscriptions’ expiration/renewal dates has been cleaned up. Now, “Expiration date” is used wherever appropriate. (PPPM-13121)
• The Plesk database now stores the mailbox quota value correctly, which fixes multiple issues (for example, occasional failures to reduce the mailbox quota). (PPP-53672)

Linux

• The latest Node.js LTS versions installation and update are now available through the renewed Node.js extension. Versions 10, 12 and 14 are supported at the moment. To enable Node.JS application hosting, install the Node.JS extension.
• Mail sent via the mail command is now signed with DKIM/Domainkeys if the sender’s domain name is the same as the server’s hostname and DKIM/Domainkeys are enabled for it. (PPPM-6690)
• Improved mail logging to make troubleshooting mail-related issues easier.
• Starting from September 15th, 2021, the SSH Terminal will be enabled by default. With this feature, all admins gain root access to the server. Learn how to disable root access.
• Starting from September 15th, 2021, the Mail Log Browser will be enabled by default.
• Unchecking the “PHP Support” checkbox in a domain’s settings now correctly disables PHP for that domain instead of switching the PHP handler to the system PHP-FPM. (PPPM-12894)
• Plesk no longer tries to deliver mail sent to an alias of a mailbox if the mail service for the domain the mailbox belongs to is disabled. (PPPM-8110)
• Restoring a pre-upgrade database dump no longer fails with the “Duplicate entry for key ‘Primary’” error. (PPPM-12003)
• Browsing a domain without hosting or the Plesk server’s hostname via HTTPS now correctly shows the default page instead of the Plesk login page. (PPPM-12289)
• Fail2Ban no longer writes a lot of irrelevant warnings to fail2ban.log.(PPPM-12887)
• The issue with AWStats calculating HTTP 206 response traffic twice for files with the ‘download’ MIME type was found to be a bug in AWStats, and will have to be fixed on the ASWtats side. (PPPM-12830)
• Scheduled tasks of the “Fetch a URL” type now have the “Plesk (fetch_url utility)” User-Agent HTTP request header. (PPPM-12363)
• Websites running on nginx + Apache can now work correctly over TLS 1.3. (PPPM-13038)
• The SSH Terminal extension now works correctly if a custom SSH port is used on the server. (PPP-53727)
• Plesk installation no longer fails with the “UnicodeEncodeError: ‘ascii’ codec can’t encode character u’\xdc’ in position 0: ordinal not in range(128)” on servers with “de_DE.UTF-8” set as the server’s locale. (PPPM-10782)
• Upgrading from Plesk Onyx to Plesk Obsidian no longer results in misleading messages being written to the upgrade log. (PI-599)
• Fail2Ban is now started automatically after Plesk initialization. (PPPM-13151)
• Restoring a subscription with one or more wildcard subdomains no longer results in the “Wrong syntax for command’s “–del-all” parameter” warning. (PPP-54025)
• On AlmaLinux 8 servers, using the Plesk firewall utility /usr/local/psa/bin/modules/firewall/settings no longer results in the “safeact: /usr/local/psa/var/modules/firewall/safeact.confirm: Address already in use” error. (PPPM-13120)
• ‘systemctl status’ now correctly reports the actual status of Plesk firewall. (PPPM-13053)
• Plesk firewall no longer blocks IPv6 neighbor discovery without multicast listener query in some environments. (PPPM-13145)
• It is now possible to get an IPv6 address via DHCP on Plesk servers with Plesk Firewall enabled. (PPPM-13164)
• Web statistics for websites using nginx as proxy are now calculated correctly on Plesk servers with Apache piped logs enabled. (PPPM-8252)
• Opening the “Settings” tab of a domain’s DNS page no longer results in the “ERROR: Error: Call to undefined method DomainAlias” error if changes were made to the server-wide DNS template, but not applied to the domain in question. (PPPM-13176)
• Plesk servers deployed on AWS no longer lose IPv6 connectivity once Plesk Firewall if enabled. (PPPM-13164)
• Fail2Ban now works correctly after reloading. (PPPM-13096)
• Scheduled tasks with notify set to “Errors only” now correctly stream stdout when running. (PPPM-13034)

Windows

• Running the plesk repair web command for a single domain no longer results in all domains with hosting being repaired. (PPP-53690)

Third-Party Component Updates

Linux

• Updated ModSecurity to version 3.0.5.
• Updated OWASP ModSecurity CRS to version 3.2.0.
• Updated sw-engine PHP to version 7.4.22.

Windows

• Updated MariaDB to version 10.3.31.
• Updated ASP.NET Core 5.0 to version 5.0.9.
• Updated ASP.NET Core 3.1 to version 3.1.18.
• Updated ASP.NET Core 2.1 to version 2.1.30.

Linux

• Updating to Plesk 18.0.37 and later no longer enables email delivery for mail accounts with disabled mailboxes. (PPPM-13129)
• In Plesk 18.0.37 and later, Watchdog daily reports sent to the Plesk administrator by email no longer contain the “ERR [panel] No entry is registered for key ‘translate’” errors. (PPPM-13128)

• Updating Plesk to version 18.0.37 no longer fails if Plesk has domains that belong to the service plan whose name contains spaces at the beginning and end. (PPPM-13114)
• Updating Plesk to version 18.0.37 can no longer rename server plans that have matching names but belong to different resellers. (PPPM-13118)

Linux

• The output of the executed plesk repair all -y command no longer shows the false positive “File Not found” errors. (PPPM-13124)
• panel.log no longer contains the “Cannot start event handler: Could not decode JSON” errors if Plesk has added event handlers whose actions produce a long output to be trimmed. (PPPM-13048)

• Added the “Connection Info” to the Dashboard in the Dynamic List. Clicking it opens a drawer where users can easily view and change access information for FTP accounts and databases.
• Clicking “Add Customer” now opens a drawer on the same page instead of going to a separate page. This should make the customer creation workflow faster and easier.
• The PHP version currently in use for a domain is now shown below the “PHP Settings” button to make it easier to read at a glance.
• Links to “Backup Manager” and “Scheduled Tasks” can now be found on the domain card as well as in the right sidebar. This should make these features easier to locate and access.
• Mail Autodiscover is no longer supported for Microsoft Outlook 2019 and O365 versions. These mail clients use Microsoft proxy servers for autodiscover requests, and this configuration is not supported in Plesk.
• Added password validation to the plesk bin database-server CLI utility. It is no longer possible to set database server password containing non-printable characters which caused issues with web statistics generation. (PPPM-12972)
• It is now possible to create a subdomain for an additional domain with hosting type set to “no hosting”. (PPPM-12952)
• Changing the language on the Plesk login page and then clicking the “Forgot password?” link no longer results in the password recovery page using the Plesk default language instead of the language chosen on the login page. (PPPM-12943)
• Setting the number of automatic replies Plesk can send to a unique email address per day to more than 100 no longer results in an error. (PPPM-12434)
• Trying to create a domain when the maximum number of domains allowed by the Plesk license or the reseller plan has already been reached no longer results in a blank screen. (PPPM-13030, PPPM-13043)
• The “Use DKIM spam protection system to sign outgoing email messages” checkbox can now be selected or cleared even if the mail service for the domain is not activated. (PPPM-13041)

Linux

• Added the ability to access the server from Plesk via a secure web-based SSH client. To use the SSH client, install the SSH Terminal extension.
• Added the ability to check the statuses of all emails sent to and from a Plesk server by reviewing the maillog and filtering by date, source, or any string pattern. It is also possible to check the maillog in real-time (‘tail -fn0’ analog). To use this feature, install the Mail Log Browser extension.
• Added the option to automatically remove emails forwarded from a mailbox in Plesk. The feature is disabled by default. To enable it, go to “Mail”, click the desired mailbox, open the “Forwarding” tab and select the “Do not deliver copies of forwarded emails to the Plesk mailbox” checkbox.
• systemd-cron is now supported on Debian 9/10 and Ubuntu 18.04/20.04. The cron package can now be replaced with systemd-cron on servers with Plesk using the OS package manager. systemd-cron is a wrapper that converts cron tasks to systemd “timers”, which solves the well-known issue with a lot of emails being sent after a failed cron job.
• Dovecot now reloads the configuration files instead of restarting whenever a mail certificate is renewed. This should resolve the issue with IMAP/SMTP connections often being closed without warning on Plesk servers hosting many domains.
• The default chroot settings are no longer changed after updating Plesk to the latest version. (PPPM-12885)
• The plesk repair utility no longer fails on file system check if the virtual host directory has been changed. (PPPM-12602)
• Running the plesk repair utility no longer results in a misleading suggestion to repair incorrect permissions if the virtual host directory has been changed. (PPPM-12325)
• On Debian/Ubuntu servers with Plesk PHP session files are now cleaned up properly if PHP from the OS repository is not installed on the server. (PPPM-13022)
• Fai2ban no longer fails while processing the “plesk-panel” jail if debug mode is enabled in Plesk. (PPPM-13051)
• Updating PHP packages from Remi’s RPM repository no longer resets permissions on /var/lib/php/session potentially causing PHP websites to malfunction. (PPPM-13068)
• Converting a CentOS server with Plesk to AlmaLinux no longer fails if the EPEL repository is enabled on the server. (PPP-53540)

Windows

• MariaDB error logs no longer contain misleading “Aborted connection” warnings related to the plesksrv service. (PPPM-12737
• Errors encountered during Plesk update are now correctly recorded in the installer log. (PPP-52706)
• Restoring a password-protected subscription backup created on another Plesk server no longer fails if the correct password is provided. (PPPM-13061)

Third-Party Component Updates

• Dropped support for MySQL versions earlier than 5.7.

Linux

• Updated sw-engine PHP to version 7.4.21.
• Updated ProFTPD to version 1.3.7b.
• Updated Courier-IMAP to version 5.1.3.
• Updated Updated Dovecot and Pigeonhole to versions 2.3.15 and 0.5.15 respectively.
• Updated phpMyAdmin to version 5.1.1.

Windows

• Updated plesk-engine PHP to version 7.4.21.
• Updated Node.js 12 to version 12.22.3.
• Updated Git for Windows to version 2.32.0.
• Updated MailEnable Standard to version 10.34.
• Updated ASP.NET Core 5.0 to version 5.0.7.
• Updated ASP.NET Core 3.1 to version 3.1.16.

• In File Manager, it is now possible to upload files from remote servers by specifying the file URL.
• It is now possible to install WordPress on CloudLinux used with the ALT-PHP handlers.
• It is now possible to add and manage DNS records (including TTL) in a DNS zone via REST API.

• Revamped the “Add Subscription” and “Add Domain” pages to make them consistent with other Plesk UX elements:

  • The “Webspace settings” section is now pre-filled and collapsed.

  • By default, Plesk now hides the Let’s Encrypt and Git sections when users create subscriptions, domains, and subdomains. To make the sections visible, add the following lines to the panel.ini file:

      [ext-sslit]
      enableSecuringNewDomain = true ; shows the "Secure with an SSL/TLS Certificate" section
      secure-new-domain = true ; makes the "Secure the domain with Let's Encrypt" checkbox selected by default
    
      [ext-git]
      enableOnSiteCreate = true ; shows the "Your Files to Copy to Hosting" section
    

• Added a progress screen shown when users create domains.
• Cleaned up the Plesk onboarding: removed distractions (for example, Plesk update notifications) that used to be shown once Plesk is installed.
• Improved protection against open redirect. The trustedRedirectHosts setting now has the default “empty” value on all existing and new Plesk installations. trustedRedirectHosts specified with the “empty” value forbids Plesk from redirecting to any hosts using the success_redirect_url and failure_redirect_url parameters because such redirecting poses a security risk.
• Plesk no longer shows DNS Helper if either IPv4 or IPv6 address resolves to the Plesk server. (PPP-52686)
• Improved the message shown when a domain name is resolved to the IP address different from the Plesk server IP. The message no longer misleadingly states that the website is offline. (PPPM-12937)
• When file upload fails in File Manager, Plesk now shows a detailed error message instead of the [[fileNotUploaded]] locale key. (PPPM-12929)
• Backing up to the Microsoft OneDrive Backup storage can no longer fail because of a failed request for a new OneDrive access token. (EXTPLESK-2654)
• The --create-map command of the pleskbackup utility is now deprecated. (PPPM-12940)
• File Manager now shows a confirmation dialog before replacing an already existing file with the uploaded one that has the same name. (PPPM-12966)
• Plesk now verifies that the number of simultaneously running backup processes to be set is more than zero. (PPPM-12927)
• It is now possible to remove the Plesk email address of a subscription’s additional users if an external email address is specified. (PPPM-12849)
• Restarting the Plesk server in Tools & Settings no longer causes the “Failed to fetch” warning to be shown in the Plesk interface. (PPPM-12962)
• It is now possible to create a subdomain of an add-on domain that has the forwarding hosting type via API-RPC. (PPPM-10784)
• The pleskbackup utility used with the --domains-name command no longer backs up the whole server instead of a subscription if the specified subscription does not exist. (PPPM-12797)
• The plesk repair utility can now detect and fix the Plesk database inconsistency that leads to the “Unable to find row with id X in IP_Addresses table” error during migration or backup restoration. (PPPM-12843)

Linux

• It is now possible to create a subdomain of a disabled domain if the “Force daily log rotation for all domains” server setting is turned on. (PPPM-11930)
• Webmail is now turned on by default for domains created via API-RPC. (PPPM-12355)
• The plesk repair utility now fixes incorrect permissions in /usr/local/psa/PMM/rsessions, which in turn fixes backup and restoration logs. (PPPM-12786)
• If a domain’s IPv6 address is set to “none”, running the plesk repair db utility no longer shows the false positive “The following domains are assigned to already removed IP addresses.” error message. (PPPM-12988)
• A system user that uses the “bash (chrooted)” shell can no longer lose the ability to connect via SFTP. (PPPM-12969)
• Plesk now daily rotates PHP-FPM error logs to prevent them from consuming all the server disk space and eventually causing issues on the server. (PPPM-11362)
• Fail2ban logs and database backups can no longer consume all the server disk space. (PPPM-12981)
• Suspending a subscription that has an add-on domain with the forwarding hosting type and a subdomain of the add-on domain no longer breaks the Apache configuration. (PPPM-12939)
• nginx now returns a 404 Not Found error when requesting a non-existent static file larger than 1023 bytes whose URL contains a trailing slash. (PPP-53248)
• Disabling a domain whose webmail service was uninstalled no longer generates an incorrect webmail configuration. (PPPM-12984)
• Removing the /usr/local/psa/PMM/rsessions directory and then going to Backup Manager no longer prevents further backup restoration and download of restoration logs. (PPPM-12785)
• In Plesk on Ubuntu with libc6 version 2.31-0ubuntu9.3 or later, a subscription’s system user that uses the “bash (chrooted)” shell can now connect to the Plesk server. (PPPM-12954)
• Subscriptions’ system users that use the /bin/false shell now log in to the Plesk server via FTP faster. (PPPM-12909)
• In Plesk on a Debian-based system, rereading IP address to repair misconfigured ones no longer duplicates IP addresses in /etc/network/interfaces. (PPPM-12941)
• If Plesk with Postfix that uses milter_protocol=2 receives an email, this no longer kills the pc-remote service. (PPP-53325)
• Plesk Log Browser now displays logs compressed in the GZIP format. (PPPM-12976)
• Plesk now correctly applies locale keys of non-English Horde interface languages. (PPPM-12886)
• Generating a server report no longer fails in Plesk that has a large number of objects (for example, domains or mailboxes). (PPPM-12816)
• Apache now runs if it is configured with TLS 1.3 ciphers only. (PPPM-12964)
• Plesk now vacuums the Fail2ban database weekly to prevent it from growing large. (PPPM-12981)

Windows

• Plesk no longer fails to create mail for a subscription that belongs to the service plan that has a disabled webmail client selected. (PPPM-12968)
• Changes in the %plesk_dir%MySQL\my.ini file no longer prevent updating Plesk Onyx to Plesk Obsidian. (PPPM-12994)
• Improved the error message shown when Plesk cannot restore a remote SFTP backup because one or more database server types (for example, Microsoft SQL Server) present on the remote storage server are not present on the Plesk server the backup is being restored on. (PPPM-12974)
• It is now possible to turn on the Atomic Standard rule set in ModSecurity. (PPPM-13001)
• The plesk repair mail utility no longer fails if the “DNS zones for DNSBL service” server-wide mail setting field contains a long string. (PPPM-13002)
• Plesk now changes a domain’s PHP version in the IIS configuration files even if the PHP handler was previously uninstalled. (PPPM-12911)
• The %plesk_dir%MySQL\Data*.err file can no longer contain errors and warnings related to the PleskWebSocket service. (PPPM-12737)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.18.

Linux

• Updated nginx and sw-cp-server to version 1.20.1.
• Updated the sw-cp-server components: nginx-dev-kit to version 0.3.1 and lua-nginx-module to version 0.10.19.
• Updated Phusion Passenger to version 6.0.8.
• Updated Dovecot and Pigeonhole to versions 2.3.14 and 0.5.14 respectively.
• Updated Xdebug to version 3.0.4.

Windows

• Updated BIND to version 9.16.15.
• Updated ASP.NET Core 5.0 to version 5.0.6.
• Updated ASP.NET Core 3.1 to version 3.1.15.
• Updated ASP.NET Core 2.1 to version 2.1.28.
• Updated Node.js 12 to version 12.22.1.
• Updated MariaDB 10.5 to version 10.5.10.
• Updated MariaDB 10.3 to version 10.3.29.
• Updated SQLite to version 3.35.4.
• Updated Microsoft ODBC Driver 17 for SQL Server to version 17.7.2.1.