• Creation of a remote backup with the enabled “Create a multivolume backup, volume size (MB)” option no longer results in the “Error: The backup process failed: expected str, bytes or os.PathLike object, not int” error. (PPPM-13739)

• WordPress Toolkit now works correctly with all locales. (PPPM-13735)

Linux

• Creation of a domain backup no longer fails when the “Exclude log files” or “Exclude specific files from the backup” options are enabled. (PPPM-13733)

• When using the Laravel Toolkit extension, the “Install Composer.json dependencies” step during application deployment is now optional and can be skipped.
• Added the ability to integrate Plesk with different webmail clients to the Plesk SDK.
• Security improvements. Special thanks to Theologos Kokkinellis for reporting the issue.
• Added the ability to see entries from .NET applications’ logs in Plesk Log Viewer to the .NET Toolkit extension.
• After renaming a subscription, the subscription’s old name no longer keeps showing up in Laravel Toolkit. (PPP-57840)
• Plesk database inconsistencies no longer result in a blank page when clicking on a subscription. (PPP-58132)
• When opening the “Limit Outgoing Messages” window for one or more mailboxes, human-readable text is now shown instead of placeholders. (PPPM-13669)
• Trying to open the Tools & Settings > Database Servers page when there are inconsistencies in the Plesk database no longer results in being redirected to the Home page without an error message. (PPPM-13685)
• In Service Provider View, it is once again possible to close the “Add Domain” drawer by clicking the cross icon in the upper right corner. (PPPM-13706)
• It is now possible to see the log check results for more than ten websites at once when using the “Website Log Check” feature. (PPPM-13684)
• Custom page titles containing the hyphen (-) character are no longer cropped. (PPPM-12271)
• Plesk has changed its trial license limits on September 27. All trial licenses created after that date will be limited to managing three (or less) of the following: domains, domain aliases, mailboxes, mail accounts, user accounts, and web users. You can purchase non-trial Plesk licenses without these limitations.

Linux

• Plesk Obsidian is now available as a cloud image on the Oracle Cloud Marketplace. The image is based on Ubuntu 22 and uses the ARM CPU architecture to lower hosting costs.
• Published a new Plesk Obsidian cloud image on Amazon Marketplace. The image is based on Ubuntu 22 and uses the ARM CPU architecture to lower hosting costs.
• On CentOS 8 servers, creating an additional FTP account for a domain no longer results in incorrect ownership being set on the domain’s files and directories. (PPPM-12524)
• The “Default domain, DNS zone of domain alias updated” Event Manager event no longer fires when the DNS zone of the primary domain is modified, but the option “Synchronize DNS zone with the primary domain” for that domain’s alias is switched off. (PPPM-13646)
• Running the plesk repair mail -y command no longer adds unnecessary entries to the data.db file. (PPPM-13693)
• Updating from Plesk Onyx to Plesk Obsidian no longer fails with the “Exception: Failed to solve dependencies” error because one or more necessary repositories are not configured. (PPPM-10923)
• Installing Plesk Obsidian on a Red Hat Enterprise Linux 8 server using Amazon RHUI repositories no longer fails with the “Failed to check system configuration” error. (PPPM-12538)
• Opening Log Browser no longer results in an endless “loading” screen under specific circumstances. (PPPM-13697)
• Specifying a custom sender address for Plesk email notifications in the panel.ini file is now correctly used in notification emails. (PPPM-13686)
• A comprehensible error message is now shown when updating Plesk fails because there are one or more unsupported repositories configured on the server. (PPPM-13716)
• On Debian-based servers, the fsmng command line utility no longer fails when run. (PPPM-13691)
• On Ubuntu 22 servers, enabling the pagespeed module via the plesk sbin nginx_modules_ctl -e pagespeed command no longer results in an error. (PPPM-13699)
• Applying changes made to the SOA template no longer also applies the default DNS template to domains with custom DNS records. (PPPM-12685)
• When adding one or more custom headers to a website, the trailing double quote (“) character is no longer removed. (PPPM-13695)
• On Ubuntu 22 servers, connecting to websites over SSL/TLS via PHP code no longer fails with the “OpenSSL Error messages: error:0A000126:SSL routines::unexpected eof while reading” error. (PPPM-13710)
• When creating a domain with mail service or adding mail service to a domain, mail service creation no longer fails with the “ERROR:main:UNIQUE constraint failed” error. (PPPM-12229)

• Installing Plesk with MariaDB 10.6 inside a Virtuozzo container no longer fails. (PPPM-13640)

  **Note:** Plesk Obsidian is installed inside a Virtuozzo container with MariaDB 10.3. To use a different MySQL implementation, pre-install it before installing Plesk.
  

• When updating to Plesk Obsidian 18.0.46, the awstats-icon alias is now correctly updated for websites set as default sites for one or more IP addresses. (PPPM-13703)
• Running the apt update command after an unsuccessful attempt to install a Plesk extension no longer fails. (PPP-58250)
• The “Remove alias” button is now shown for all mail aliases belonging to a mailbox, including the first one in the list. (PPPM-13721)

Windows

• The .NET Toolkit extension is now available in Plesk for Windows.
• Running the plesk bin repair --web -sslcerts command now correctly repairs webmail SSL certificates. (PPP-57692)
• Renaming a subscription now fails with a human-readable error message if the home directory for one or more of that subscription’s additional FTP accounts is missing. (PPPM-13657)
• When updating a Plesk Obsidian server with the Git extension installed to the latest version, the misleading “ERROR: The process “git-cmd.exe” not found.” error message is no longer shown. (PPPM-13688)
• On Plesk servers with a custom favicon configured, updating to the latest Plesk version no longer results in it being replaced with the default one. (PPPM-13705)

Third-Party Component Updates

Linux

• Updated Courier-IMAP to version 5.1.8.
• Updated Roundcube to version 1.6.0.
• Updated ProFTPD to version 1.3.7e.
• Updated libcurl to version 7.85.0.
• Updated Turba to version 4.2.29.

Windows

• Updated MariaDB 10.6 to version 10.6.9.
• Updated MariaDB 10.5 to version 10.5.17.
• Updated MariaDB 10.3 to version 10.3.36.
• Updated boost to version 1.80.0.

• When clicking checkboxes, they are now selected or cleared correctly again. (PPP-58373)

• It is now again possible to add a CNAME record with underscore symbols on the “DNS Settings” screen. (PPP-58251)

• A number of improvements were made to the Laravel Toolkit extension:

  • Added the ability to turn maintenance mode off (php artisan down) and on (php artisan up) on the “Dashboard” tab in the extension interface.
  • Added the ability to automatically turn maintenance mode on and off for the duration of the application deployment.
  • Added the ability to manage deployment steps of the application on the “Deployment” tab in the extension interface.

  • Added the ability to switch between the automatic and manual deployment modes of the application on the “Dashboard” tab in the extension interface.

    If you select the automatic deployment mode, the application will be automatically deployed after a push to the repository (if the repository is local) or a webhook call (if the repository is remote). If you select the manual deployment mode, the application will be deployed when you click the Deploy button in the Laravel Toolkit or the Git extension interface.

  • A single webhook is now used for the Git and Laravel Toolkit extensions.

• A number of improvements were made to the Git extension:

  • The extension now deploys files to production websites asynchronously if the deployment was triggered by a webhook.
  • Added the run-actions option to the createand update API methods, which enable/disable execution of additional deployment actions.
  • Added the async-deploy method to the CLI and XML API. The method invokes the asynchronous deployment of files to the production website.
  • Fixed removal of additional deployment actions after disabling them in the Plesk interface.

• A number of improvements were made to the Transfer of DNS Records extension:

  • It is now possible to perform DNS record lookup.
  • The extension now supports DNS templates for the Google Workspace and Office 365 services.
  • Improved DNS records import algorithm.
  • Running the import CLI command no longer fails in Plesk on CentOS.

• A number of improvements were made to the Plesk Mobile Center extension:

  • Added support for Android 13.
  • Improved work with the mobile version of Plesk.
  • Improved app stability.
  • Fixed bugs related to the accessibility of the Plesk extension logs.
  • (Plesk for Linux) Fixed the issue where logs for the latest Plesk versions were not displayed.
• Added the “Reset admin’s password on the next login” checkbox (cleared by default) to the Plesk initialization screen.
• Added the ability to hide the entire “Assistance & Troubleshooting” section of the Tools & Settings menu in Restricted Mode.
• When a subdomain for a website with a resolvable domain name is created, SSL It! now waits for the subdomain name to become resolvable as well before trying to secure it with a Let’s Encrypt SSL certificate. This prevents situations where a newly created subdomain could not be secured with the “The domain is not resolvable” error. (PPPM-12892)
• The “Interface Controls Visibility” tab has been removed from the Tools & Settings > “Interface Management” menu because most of the controls found on the tab were obsolete. The “Hide controls for rejection messages for non-existent mail addresses” checkbox has been renamed to “Hide bounce controls” and moved to the “Interface Views” tab.
• Updated the appearance of pie charts used to show domains’ disk and traffic usage information.
• Updated the interface of the Tools & Settings > Services Management menu to make it easier to read the current status of services at a glance. (PPPM-13598)
• Incremental server backups created in remote storage no longer take an unreasonably long time to finish. (PPPM-13635)
• Creating a subscription using a private IPv6 address mapped to a public IP address in Tools & Settings > IP Addresses no longer results in the private IP address being used in the domain’s DNS records instead of the public IP address. (PPPM-13650)
• Removing a user with the “WebMaster” role no longer fails with the “Error 500: Unable to find instance with id in database” message. (PPPM-13655)
• Sorting scheduled tasks in Tools & Settings > Scheduled Tasks (Cron jobs) by “Schedule” now works properly. (PPPM-13661)
• The plesk db command line utility no longer uses the --no-defaults option when calling the mysql or mysqldump commands. (PPPM-10414)
• It is no longer possible to create a CNAME DNS record using an IP address as the canonical name. (PPP-57900)

Linux

• We are glad to introduce the production version of the .NET Toolkit extension. Added the following improvements to the extension:

  • It is now possible to manage installed versions of the ASP.NET Core Runtime.
  • It is now possible to create a website running on ASP.NET Core with just a few clicks (Websites & Domains > Add Domain > .NET site).
  • Added the ability to restart the application.
  • .NET Toolkit configuration is now included in Plesk backups.

• A number of improvements were made to the Log Browser extension:

  • It is now possible to view the systemd/journalctl logs in the Plesk interface.
  • The extension can now filter logs by priority.
  • Redesigned the log filter form.
  • The extension now uses journalctl as the default source of mail logs.

• We are glad to announce official support of ARM-based servers:

  • Plesk can now be installed on ARM-based servers running on Ubuntu 22.
  • The SSH Terminal extension can now run on ARM-based servers.
  • SFTP Backup can now run on ARM-based servers.
• nginx shipped with Plesk is now compiled with ngx_http_geoip2_module out of the box. This makes it possible to use MaxMind Geo IP databases to detect visitor’s geographical location by their IP address. This, in turn, makes it possible to limit access to websites to visitors from certain countries, or to automatically redirect them to country-specific URLs.
• The plesk repair sysusers CLI utility can now be used to repair system users on Plesk for Linux servers.
• Reports sent by Watchdog by mail no longer arrive incomplete if the report length exceeds 131072 chatacters. (PPPM-13474)
• Running the plesk repair web command no longer produces an error for every disabled Apache PHP module if the mpm_event module is enabled. (PPPM-13512)
• AWStats now correctly calculates the stats for the last day of the month if nginx is disabled on the server. (PPPM-13568)
• On Plesk servers running on Red Hat Enterprise Linux 8 and its derivatives with the Extra Packages for Enterprise Linux (EPEL) repository configured, running the dnf update command now properly updates the “plesk-phpXX-imagick” packages. (PPPM-13570)
• Plesk Premium Antivirus no longer fails to start on Plesk servers with TLSv1.x protocols disabled for the Plesk web server. (PPPM-13576)

• On Plesk servers running on Red Hat Enterprise Linux 8 and its derivatives with the Extra Packages for Enterprise Linux (EPEL) repository configured, installing AWStats packages from the EPEL repository no longer results in AWStats being non-functional.(PPPM-13617)

  Note: If you have disabled the installation of AWStats packages from the EPEL repository, you need to undo the changes, or else future Plesk updates will fail.

• Restoring one or more subscriptions from backup that had their hosting type changed from forwarding to physical hosting after the backup was created no longer results in unnecessary email notifications. (PPPM-13630)
• Misleading “Warning: Extension “Laravel Toolkit” Unable to back up extension.” message is no longer shown when creating a backup on a Plesk server with the Laravel Toolkit extension installed. (PPPM-13632)
• Disabling the DNS service for a domain no longer removes the Add Record button in Hosting & DNS > DNS Settings. (PPPM-13643)
• The Event Manager “Default domain, DNS zone of domain alias updated” event no longer triggers when the DNS zone of a domain with one or more domain aliases with the “Synchronize DNS zone with the primary domain” option disabled is modified. (PPPM-13646)
• Postfix shipped with Plesk is once again compiled with MySQL support. (PPPM-13665)
• Removing a mail address from SpamAssassin’s black or white list in Plesk no longer results in the address being removed from the list in Plesk but not in the SpamAssassin’s configuration files. (PPPM-13670)
• It is once again possible to send mail without authentication using the sendmail -bs command. (PPPM-13584)
• Emoji characters stored in MySQL databases are now backed up and restored properly. (PPPM-10414)

• Starting from Plesk 18.0.48 (November 8th, 2022), Ubuntu 20.04 LTS on the ARM architecture will no longer be supported.

  We do recommend that you either migrate to a supported OS using Plesk Migrator or run dist-upgrade to upgrade your Ubuntu 20.04 instance.

Windows

• Node.js 16 is now supported.
• To help Plesk users in India comply with the new data law, Plesk now provides a script that can be used to copy Plesk log files to a different server for long-term storage. Learn more and download the latest version of the script here.
• Internal server errors caused by running PHP CLI utilities are now caught and reported properly. (PPP-57663)
• Renaming a subscription whose main domain is disabled no longer makes the domain’s directory inaccessible for additional FTP users. (PPPM-13654)
• Scheduled backups no longer result in an email notification warning about the “Extra content at the end of the document” error being sent under specific circumstances. (PPPM-9405)

Third-Party Component Updates

Linux

• Updated sw-engine PHP to version 7.4.30.
• Updated Roundcube to version 1.5.3 (for OSes other than Red Hat Enterprise Linux 7, CentOS 7, CloudLinux 7.1, and Ubuntu 18.04).
• Updated Dovecot and Pigeonhole to versions 2.3.19.1 and 0.5.19, respectively.
• Updated RRDtool to version 1.8.0.

Windows

• Updated Node.js 16 to version 16.16.0.
• Node.js 4, 6, 8, 10, and 12 are no longer shipped with Plesk.
• Updated ASP.NET Core 6.0 to version 6.0.8.
• Updated ASP.NET Core 3.1 to version 3.1.28.
• Updated libcurl to version 7.84.0.

Linux

• Sending mail via sendmail -bs no longer requires any additional actions from customers. (PPPM-13584)

Linux

• In the Beta version of the “Wesite Log Check” tool, the requests bar is now displayed correctly. (PPP-57762)
• Opening a domain card from the Websites & Domains page no longer results in a blank screen. Previously the error occurred when the “Website Log Check” feature was manually enabled in the panel.ini file. (PPPM-13639)
• It is now possible to send mail via sendmail -bs again. (PPPM-13584)
• Added missing /usr/lib/plesk-9.0/remove_temp_backups to the “plesk-backup-utilities” package. (PPP-57734)

• Added a new feature “Website Log Check” (Beta). You can use it to scan web server logs for evidence of common issues, see how often a specific issue occurs, and get suggestions about ways to resolve them. Learn more about Website Log Check. To enable the feature, add the following lines to the panel.ini file:

  [websitesDiagnostic]
  enabled = true
  

• Plesk administrator can now specify a custom email address to be used as a mail relay (the address will be used as the sender address for all Plesk email notifications found in “Tools & Settings” > “Notifications”). Using an email address with a properly configured domain (DKIM, SPF records, etc.) would ensure that the notifications would not be treated as spam. To do so, add the following lines to the panel.ini file:

  [notification]
  senderAddress=<custom email address>
  

• The new password strength validator is now enabled by default. Learn more about the new password strength validator.
• Added the ability to schedule tasks to the Laravel Toolkit extension.
• Added the ability to run Node.js commands choosing the Node.js version and the package manager (npm/yarn) to the Laravel Toolkit extension (the Node.js extension must be also installed).
• It is now possible to upload a custom favicon in Plesk via the GUI. To do so, go to “Tools & Settings” > “Branding” (under “Plesk Appearance”). In addition, the custom favicon is no longer reset to default when updating Plesk.
• Re-added the ability to sort the list of domains by creation date.
• Additional users restricted to accessing only one specific subscription can no longer see the list of all subscriptions of the customer. (PPPM-13599)
• Emails (sent by Package Update Manager) containing the list of packages with updates available no longer mention packages that have already been updated to the latest version. (PPPM-12733)
• It is now possible to log in to Plesk as an additional user whose password has been reset via a password reset link. (PPPM-13558)
• The website preview thumbnail now gets rendered correctly. (PAUX-5171)

Linux

• We are glad to introduce the beta version of the .NET Toolkit extension. This extension enables you to:

  • Run ASP.NET Core applications on your Plesk for Linux server.
  • Use .NET 6 Core out of the box.
  • View the extension logs in Log Browser.
  • Configure environment variables.
• Added the ability to manually clear nginx cache for websites with nginx caching enabled, both via the GUI and using the plesk bin subscription_settings --clear-nginx-cache <domainName> command.
• Dropped support for Debian 9.
• The nginx ModSecurity ruleset from Comodo in now available in Plesk.
• To help Plesk users in India comply with the new data law, Plesk now provides a script that can be used to copy Plesk log files to a different server for long-term storage. Learn more and download the latest version of the script here.
• Updating to Plesk Obsidian 18.0.44 in unattended mode on a server with a customized Extra Packages for Enterprise Linux (EPEL) repository no longer fails with the “Plesk installation requires ‘epel’ OS repository to be enabled” error. (PPPM-13588)
• Running the plesk bin ipmanage --auto-remap -drop-if-exists command on a server where one or more IP addresses are listed in the Plesk database but are absent from network interfaces now correctly re-maps IP addresses in addition to removing the missing IP addresses from the database. (PPPM-13467)
• Running the plesk bin ipmanage --remap command now correctly updates DNS records for domain aliases. (PPPM-13521)
• Running the plesk sbin fsmng --fix-plesk-packages command on a server with Plesk running on a dpkg-based OS now fixes permissions on directories. (PPPM-13524)
• Disabling SpamAssassin for a mail account with a large number of mail aliases no longer fails with the “ERR [panel.ui] spammng failed:” error. (PPPM-13539)
• Custom error pages are now shown even if the nginx proxy mode is disabled for the domain with configured custom error pages. (PPPM-13542)
• Temporary files created when restoring backups on Plesk servers with Fail2Ban and/or ModSecurity enabled are now cleaned up periodically. (PPP-57024)
• The SSH Terminal extension no longer shows the “Connection broken” error every time the plesk repair web command is run on the server. (EXTPLESK-3509)
• It is now possible to rename a mail account using the name of a previously deleted mail account if that account was deleted after removing SpamAssassin. (PPPM-13567)
• Plesk Health Monitor no longer generates garbage files on Plesk servers with Cgroups enabled when users logged in via SSH perform operations on files stored on loop devices. (PPPM-13573)
• Statistics collection no longer gets stuck under very specific conditions. (PPPM-13581)
• Running the plesk bin service_plan -u 'Default Domain' -nginx-proxy-mode true command no longer results in an error. (PPPM-13586)
• Scheduled tasks fetching an URL containing one or more “%” characters no longer fail when run. (PPPM-13593)
• php-fpm_error.log files can now be opened and viewed in Log Browser. (PPPM-13596)
• Dedicated PHP-FPM processes are now stopped if the corresponding domain is suspended. (PPPM-13597)
• Switching to a different domain owned by the same subscription when on the “Mail Settings” screen no longer results in the “Warning: Possible phishing attempt detected: The link you used attempted to redirect you to another site.” error. (PPPM-13603)

Windows

• Domains are now created approximately 10% faster.
• Removed the Plesk Premium Antivirus component from the “Recommended” preset.
• The current status (enabled/disabled) of the “Deny IP Address based on the number of concurrent requests” and “Deny IP Address based on the number of requests over a period of time” IIS features is now correctly shown in Plesk. (PPPM-13613)
• Selecting either “Preventing DoS attacks by IIS dynamic IP restriction” or “Deny IP addresses based on the number of requests over a period of time” checkbox in the Plesk GUI no longer results in both “Deny IP Address based on the number of concurrent requests” and “Deny IP Address based on the number of requests over a period of time” IIS features being enabled at once. (PPPM-13614)
• Accessing the backups menu when the pmm-ras.exe binary is missing from the server now results in a comprehensible error message. (PPPM-13391)
• Plesk distributive files stored in the “C:\ProgramData\Plesk\Installer\cache” folder during Plesk update are now cleaned up once an update is installed. (PPPM-13572)
• Plesk now correctly shows whether a website’s dedicated IIS application pool is set to 32-bit or not when the Turkish locale is selected. (PPPM-13616)

Third-Party Component Updates

Linux

• Updated Logrotate to version 3.20.1.

Windows

• Updated ASP.NET Core 6.0 to version 6.0.6.
• Updated ASP.NET Core 3.1 to version 3.1.26.
• ASP.NET Core 5.0 is no longer shipped with Plesk.
• Updated PHP used by plesk-engine to version 7.4.30.
• Updated MariaDB 10.6 to version 10.6.8.
• Updated MariaDB 10.5 to version 10.5.16.
• Updated MariaDB 10.3 to version 10.3.35.
• Updated boost to version 1.79.0.
• Updated libcurl to version 7.83.1.
• Updated Turba to version 4.2.27.
• Updated BIND to version 9.16.30.

• Updated Horde Turba to version 4.2.27 to fix the CVE-2022-30287 vulnerability.

  We strongly recommend that you update Plesk.

• It is now again possible to view the list of existing WordPress websites and create new ones in WordPress Toolkit. (PPPM-13587)

Linux

• Plesk migration now restores all the required data and no longer completes with the “PHP Fatal error: Uncaught TypeError: Return value of Plesk\Service\Driver\Dns\Plesk\Core::callDnsmng() must be an instance of Service_Agent_Response_Abstract” error. (PPPM-13580)

Windows

• Adding a MS SQL server no longer fails with the “Class ‘MssqlLocalHost’ not found” error. (PPPM-13578)

Linux

• Sending mail via sendmail -bs is no longer restricted. (PPPM-13584)
• The cloning utility with the -reset-license option now works in Plesk on Ubuntu 22. (PPP-57259)
• Plesk Update Manager now works on Ubuntu 22. (PPPM-13575)

• We are glad to introduce the production version of the Laravel Toolkit extension. Added the following improvements to the extension:

  • Use the extension in Plesk for Windows.
  • Deploy a Laravel skeleton application on a domain.
  • Create a website with the latest Laravel version with just a few clicks (Websites & Domains > Add Domain > Laravel site).
  • Introduced the new “Deployment” section that makes it possible to use custom scripts to deploy applications.
  • View the extension logs in Log Browser.
  • (Plesk for Linux) Run artisan and composer commands without having to specify the whole path.
  • Enjoy smoother transitions between screens with introduced content placeholders. When Plesk loads application cards as well as Composer and Artisan sections, you can now see their rough skeletons.
  • Multiple UX improvements.
• The new “Add Domain” screen is now enabled by default. Learn more about this improvement.
• The /root/.my.cnf file that contains the password for the MySQL console client no longer blocks Plesk automatic updates.
• The interface in Power User View is now always set to “All webspaces” unless users select the desired webspace themselves. As soon as the Plesk administrator creates the second webspace, they now see a hint on how to switch between webspaces.
• Made the transitions between domain cards smoother by introducing content placeholders: when Plesk loads a domain card, users now see its rough skeleton.
• It is now possible to change IP addresses of subscriptions with “Forwarding” and “No hosting” types.
• Made it more clear for users how to add SRV DNS records: the “Service name” and “Protocol” fields now have correct examples. (PPP-56626)
• If Plesk has a subscription with the limit on domain aliases or subdomains set to zero, this no longer prevents the Plesk administrator from creating domain aliases and subdomains in the Plesk interface. (PPPM-13534)
• Specifying empty values of panel.ini settings no longer stops the domains’ “PHP Settings” page from being loaded. (PPPM-13516)
• Subscriptions’ names in Customer Panel are now again sorted in alphabetical order. (PPPM-13517)
• File Manager now correctly uploads directories with empty files or directories inside. (PPPM-13535)
• Clearing the “Mail messages” checkbox in Backup Manager > Back Up no longer resets the backup type to “Incremental”. (PPPM-13503)
• Changing PHP settings of a locked subscription no longer overrides them with the default PHP settings of the service plan the subscription was based on. (PPPM-11555)
• Operations with multiple items selected from the list now again work in Plesk extensions. (PPPM-13548)
• Increased the length of the “TXT record” text field for the following types of DNS records: TXT, MX, DS, and CAA. (PPP-56760)
• Plesk again shows the content of the Application Catalog categories (“All Available Applications” > “Web”, “Collaboration”, and so on). (PPPM-13546)
• Restoring a domain from a backup now preserves custom TTL values of the domain’s DNS records. (PPPM-13426)

Linux

• The console now works using a domain’s PHP version instead of the system PHP. Customers can now run artisan, composer, and other commands without having to specify the whole path.

  To propagate and turn on the feature for all subscriptions, run the plesk bin php_settings --update-all command.

  To use the feature in Scheduled Tasks, prepend the cron command with the following:

  export PATH="/opt/plesk/phpenv/bin:$PATH"; eval "$(phpenv init -)";
  

  To disable the feature and bring back how the console worked before, add the following lines to the panel.ini file:

  [php]
  phpenv = off
  

  Note: The feature works for Plesk PHP handlers only. It does not work for custom PHP handlers and CloudLinux with CageFS.

• Ubuntu 22.04 is now supported, with certain limitations. You can use the dist-upgrade procedure to upgrade your OS from Ubuntu 20.04 to Ubuntu 22.04.
• It is now possible to customize the client_max_body_size nginx directive in the Plesk interface, via the CLI, and via the XML API.
• It is now possible to change a database user password on the remote database server Percona MySQL 8.0.23. (PPPM-13538)
• The “PHP-FPM settings” section in a domain’s PHP settings is now present for custom PHP handlers. (PPPM-13507)
• If Apache-only hosting is turned on, third-party services that use the “Host” header validation (for example, Grafana) now work. (PPP-56778)
• Log rotation now works correctly after updating to Plesk Obsidian 18.0.43 even if /usr/local/psa/etc/logrotate.conf was customized. (PPPM-13519)
• Fixed the error message shown when a password is not complex enough for the the “Very Strong” password strength policy. (PPPM-13550)
• In Plesk on Debian 10 and AlmaLinux 8, a start, stop, or restart of the dedicated PHP-FPM handler no longer fails with the “Unable to stop service: Variable “$actionType” got invalid value “stop”” error. (PPPM-13547)
• It is no longer possible bypass email sending restrictions for Postfix and qmail by using the -bs option with the sendmail wrapper. (PPPM-13497)
• When editing a domain’s PHP settings in the “Common settings” section, the cursor no longer jumps to the end of the text box. (PPPM-13554)
• On certain servers, Plesk no longer runs its Daily Maintenance tasks significantly longer than 24 hours. (PPPM-13532)
• Collecting statistics for a domain with a large number of files (about one million) now consumes significantly less RAM. (PPPM-13415)
• BIND no longer fails to start if Plesk has websites with enabled DNS zones but absent NS records. (PPPM-13468)

Windows

• It is now possible to use the Laravel Toolkit extension.
• Backup restoration no longer fails if the DNS server was deleted from Plesk and a custom DNS service is used (for example, DigitalOcean DNS). (PPPM-13511)
• When users select the “Tradeoff” or “Thorough” configurations in ModSecurity, they now see the confirmation dialog, which informs that these configurations may disrupt operation of WordPress websites. (PPPM-13504)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.29.
• Updated libcurl to version 7.83.0.

Windows

• Updated POCO to version 1.11.2.
• Updated ASP.NET Core 6.0 to version 6.0.5.
• Updated ASP.NET Core 5.0 to version 5.0.17.
• Updated ASP.NET Core 3.1 to version 3.1.25.

• ionCube Loader is no longer shipped with Plesk because of the reorginization of the third-party component shipment with Plesk. ionCube will be automatically installed in one of the upcoming releases in the scope of installation of the PHP components.

  To use ionCube Loader, install it manually.

  Note: The already installed ionCube Loader component continues to work but PHP updates no longer update the component.

• Excluded the myLittleAdmin component from the “Full Installation” preset and marked the component as outdated.

  Note: The vendor does not support myLittleAdmin since 2013. Using outdated components is not secure. You can still install the component at your own risk by doing the following:

  • (During Plesk installation) Select the “Custom” installation type and then select myLittleAdmin.
  • (After Plesk installation) Run the plesk installer add --component mylittleadmin command.

Linux

• Updating Plesk to version 18.0.43 no longer fails when MySQL Community Server is used. (PPPM-13514)

• The new ‘Add Domain’ screen is now enabled by default for new Plesk Obsidian installations. This screen provides additional domain creation options:

  • Create a blank site.
  • Create a WordPress site.
  • Upload content using File Manager after website’s creation.
  • Connect a Git repository.
  • Import website from another hosting.

  To disable it, add the following lines to the panel.ini file:

    [domainManagement]
    applicationWizard.enabled = false
  

• Node.js applications now write their logs to separate log files that can be viewed in the Log Browser. To disable this feature, add the following lines to the panel.ini file:

    [ext-nodejs]
    showApplicationLogs = false
  

• The Node.js extension now automatically cleans up the downloaded archives of minor Node.js versions that are no longer necessary from the extension’s cache.

• Fine-tuned the password strength validator in Plesk to make it better at accurately evaluating strength of passwords generated by third-party applications and services.

  The feature is disasbled by default because it may affect the automatic password generation scripts that must meet the new requirements. To enable the updated password strength validator, add the following lines to the panel.ini file:

    [passwordManagement]
    estimator = zxcvbn
  

  The feature will be enabled by default in Plesk Obsidian 18.0.45. Read more about this feature.

• For customers, who use automatic scripts for subscriptions/customers creation the new “API 1038 error code” was added. This error code will be returned to a 3rd-party system if a used password was not accepted by Plesk so it will be possible to reinitiate the password generation process. It means that customers with a such scenario can update their scripts to reinitiate a password generation and validation process if the previous password was not accepted.
• On Plesk servers using BIND as the DNS server, the “notify-to-soa” option is now in effect. This ensures that the NS server specified as the primary master name server for a DNS zone in the zone’s SOA record is sent NOTIFY messages. This is useful in “hidden master” scenarios where the master NS server is not listed at the registrar and does not have an NS record in the DNS zone, and a slave NS server is listed in the SOA record instead.
• Increased the speed of website preview generation for certain websites.
• Increased the speed of switching between domains by up to 25% while using the File Manager or the domain card.
• When configuring a custom TTL value for a DNS record for a domain, the custom value is also propagated to the DNS zones of all of that domain’s domain aliases. (PPPM-13425)
• Receiving one or more emails with very long subject lines no longer causes some information to not be shown in “Tools & Settings” > “Mail Queue”. (PPPM-13462)
• Clarified the notification shown when one or more backup files in remote FTP storage do not conform to the expected naming conventions. (PPPM-13453)
• When scrolling through the contents of a directory in File Manager, the list of the files can no longer partially be seen through the page’s footer. (PPPM-13374)
• Configuring or attempting to back up to a remote FTP repository hosted on the Azure Blob service no longer fails with the “(SSH_FX_OP_UNSUPPORTED)” error. (EXTPLESK-3418)
• Perl and Python support is no longer listed as available but turned off in “Account” > “Hosting Options” if the corresponding Plesk components are not installed. (PPPM-13456)

Linux

• Indroduced a beta version of the Laravel Toolkit extension that allows you to manage Laravel applications running on your Plesk server:

  • Scan and automatically connect Laravel websites to Laravel Toolkit. That way you can manage them using the Plesk interface.
  • Get your Laravel applications from a remote Git repository and deploy them.
  • Automatically update Laravel applications using Git webhooks.
  • Manage the .env file using the graphical user interface (GUI).
  • Run artisan and composer commands without having to access the shell.

  We would love to hear your feedback about this improvement. Please send us your feedback to feedback@plesk.com.

• Plesk users granted shell access (even chrooted) can now execute certain Node.js commands (like nvm use or npm install) straight from the shell.
• The Node.js extension now supports the Yarn package manager (along with already supported npm).
• When changing the PHP handler to “FastCGI application served by Apache” for a domain owned by a subscription based on a service plan that provides PHP-FPM by default, the PHP handler is now correctly changed to FastCGI. (PPPM-13450)
• Performing dist-upgrade from Debian 10 to Debian 11 no longer results in an outdated version of the “plesk-py27-paramiko” package being installed. (PPPM-13478)
• On Ubuntu 20.04 servers, restarting the nginx service no longer results in the “Unable to restart the service: Failed to fetch” error. (PPPM-13483)
• The BIND service no longer fails to start after updating to Plesk Obsidian 18.0.42.1. (PPPM-13487)
• Clarified the error message shown and logged when subscription creation fails when greylisting is enabled in global spam filter settings, but the /var/lib/plesk/mail/greylist directory is missing. (PPPM-13457)
• Log rotation now works correctly after updating to Plesk Obsidian 18.0.42. (PPPM-13473)
• After updating to Plesk Obsidian 18.0.42, backup creation no longer fails with the “Unable to run the backup agent” error. (PPPM-13492)
• Installing Plesk Obsidian on a server running AlmaLinux 8.4 no longer results in misleading warning messages in the installer log. (PPPM-13485)
• On servers running an RPM-based Linux with Yum, it is no longer possible to run the yum clean all command during the update, which led to the update failing. (PPPM-11218)
• Setting the settings.fpm.pm.process_idle_timeout.values[] and settings.fpm.pm.process_idle_timeout.default PHP parameters to exactly “1” in the panel.ini file no longer prevents users from changing PHP handlers for hosted domains. (PPPM-13484)
• Running the plesk repair web command now also repairs missing PHP modules. (PPPM-13387)
• “Forgot password” emails are now sent in the language matching the user’s language configured in Plesk. (PPPM-13496)

Windows

• Mail sent from IP addresses added to the white list now bypasses DNSBL checks. You can now add and remove IP addresses to/from the white list via the --add-to-white-list and --remove-from-white-list options for the mailserver.exe command.
• When moving a domain from one subscription to another, the list of available target subscription now includes subscriptions whose “Mailbox Size” limit is exceeded by the sum total of disk space taken up by all mailboxes owned by the domain that is being moved. (PPPM-13398)
• Trying to change the value of the ASP.NET “Session Timeout” parameter no longer fails with the “ERR [panel] Site without PhysicalHosting cannot be Webspace” error. (PPPM-13469)

Third-Party Component Updates

• Updated OpenSSL to version 1.1.1n.

Windows

• Updated ASP.NET Core 6.0 to version 6.0.3.
• Updated ASP.NET Core 5.0 to version 5.0.15.
• Updated ASP.NET Core 3.1 to version 3.1.23.
• PHP 5.2, 5.3, 5.4, and 5.5 are no longer shipped with Plesk.
• Updated Node.js to version 12.22.11.
• Updated libxslt to version 1.1.35.
• Updated zlib to version 1.2.12.

• Performing the initial configuration no longer results in a blank screen if the “Enter Plesk” button is clicked before all necessary fields are filled out. (PPPM-13463)

Linux

• Plesk updates no longer fail on Plesk servers that do not have BIND installed and are using a different DNS server. (PPPM-13466)

• Transitions from the “PHP settings” screen now happen up to 40% faster.
• Most of the tabs on the subscription overview page (Websites & Domains, Mail, Files, Databases, Statistics, and Users) now open up to half a second faster.

• Added the option to restrict the ability to create backup to the Plesk administrator. To prevent users other than the administrator from creating, uploading, or scheduling backups in Plesk, add the following lines to the panel.ini file:

  [pmm]
  manageBackupsByAdminOnly = true
  

  Note that scheduled backups already configured by users other than the administrator will continue to run.

• The “Tools & Settings” > “DNS Template” screen has been renamed to “DNS Settings”.
• The “DNS zone serial number format” section of the “DNS Settings” > “Zone Settings [template]” has been renamed to “Advanced DNS features”.
• On Plesk servers using BIND as the DNS server, it is now possible to specify additional DNS server parameters using named.conf syntax. To do so, enter them in the newly added “Additional DNS settings” field (found on the “Tools & Settings” > “DNS Settings” > “Server-wide Settings” screen). These parameters override all other server-wide parameters configured elsewhere.
• A link to a video describing the process of managing DNS records in Plesk has been added to the “DNS Helper” wizard.
• Kaspersky Antivirus has been converted from a Plesk component to an extension and excluded from the “Recommended” preset. As a result, the size of the Plesk distributable decreased by 35%, which will lead to faster downloads and shorter installation times. This change will not impact servers with Kaspersky Antivirus installed in any way.
• On Plesk servers with the “Joomla! Toolkit” extension installed, the option to create a website with the latest Joomla! version installed has been added to the “Add Domain” wizard.
• Plesk now treats cloud servers runnng on ARM processors as KVM virtualization allowing for the use of VPS license keys.
• Reworked the way information is presented during operations performed in the drawer on the left-hand side of the screen (for example, creating a domain). Progress bars have been moved from the footer to the main body of the drawer to make the interface less visually overloaded.
• The Video Tutorials section of the Plesk Documentation Portal has been populated with a host of new video tutorials giving step-by-step explanations for the most common Plesk use cases.
• Trying to set up mail autodiscover in the iOS Mail app on iPhone or iPad via the Plesk-generated link or QR code no longer fails with the “Invalid Profile” error. (PPPM-13390)
• Scheduled backup processes no longer get stuck indefinitely when backing up to FTP storage if the configured FTP server is unavailable or if the provided credentials do not match. (PPPM-13411)
• The default SOA Expire Value for domains created in Plesk was increased from 7 days to two weeks to avoid misleading warnings (for example, “SOA Expire Value out of recommended range”). (PPP-56007)
• When creating a domain as a Plesk administrator and selecting the “Assign this domain to a customer” option, the list of IP addresses (shared and dedicated) available to the selected customer is now shown instead of the list of IP addresses available to the administrator. (PPPM-12040)
• Running the plesk login command, logging in to Plesk via the generated URL, and then running the plesk login command again no longer results in an invalid URL being generated. (PPPM-13134)
• When uploading a database dump via the “Import Dump” feature, the existing database (if it exists) is removed and then recreated if the “Recreate the database” option is enabled. (PPP-55727)
• The pmm-ras command line utility now properly logs all required information if verbose logging is enabled in the panel.ini and pmmcli-rc files. (PPPM-13396)

Linux

• Debian 11 is now supported, with certain limitations. You can use the dist-upgrade procedure to upgrade your OS from Debian 10 to Debian 11.
• Apache no longer fails to start if ModSecurity is enabled but unable to start for some reason. (PPPM-13354)
• It is no longer possible to create an additional FTP user with the account name ‘psacln’ in Plesk. (PPPM-13382)
• If an alert for “Site creation” is configured for the Plesk administrator on the “Tools & Settings” > “Notifications” page, and one or more event handlers for the “Default domain (the first domain added to a subscription) created” event have been configured on the “Tools & Settings” > “Event Manager” page, an email notification is sent to the administrator whenever a new subscription is created even if one or more event handlers return a non-zero exit code. (PPPM-13401)
• A more comprehensible error message is now shown when trying to create a domain with an internationalized domain name containing not allowed characters in punycode (for example, emojis). (PPPM-13172)
• Plesk Installer no longer fails when started on a server with certain versions of MariaDB installed from RPMs. (PPPM-13431)
• Running the one-click-installer on CloudLinux 7 no longer results in an error. (PPP-56121)
• The “www." >> "" CNAME DNS record was added to the Plesk default DNS zone template.(PPP-52146)
• When exporting database dumps, the progress bar no longer gets stuck under specific circumstances. (PPPM-13306)
• The Fail2Ban component now requires syslog/rsyslog (depending on the OS) as a prerequisite. (PPPM-13307)
• Plesk Monitoring now properly cleans up unneeded temporary files it stores in the /opt/psa/var/health/data/localhost directory. (PPPM-13313)
• It is now possible to log in to webmail for a mailbox with one or more “+” characters in the mailbox name (for example, “my+mailbox@example.com”) when the “Enable email subaddressing” option is disabled in “Tools & Settings” > “Mail Server settings”. (PPP-55620)
• A confirmation dialog box is now shown when removing a jail in Fail2Ban. (PPPM-13414)
• The “Do not deliver copies of forwarded emails to the Plesk mailbox” option can now be enabled or disabled via the CLI using the plesk bin mail -u <mailbox@domain.name> -forwarding true -delivery false command. (PPPM-13422)
• The sizes of incremental backups stored in FTP storage are no longer shown incorrectly under specific circumstances. (PPPM-13424)
• Certain access log entries that were missing before are now shown in Log Browser for domains with the “Permanent SEO-safe 301 redirect from HTTP to HTTPS” option enabled. (PPPM-13433)
• A more comprehensible error message is now shown when trying to create a subdomain for a subscription with no hosting. (PPPM-13435)

Windows

• The option to change the SSL/TLS certificate securing the mail server is no longer available if a remote SmarterMail server is configured and selected as the Plesk mail server. (PPPM-13381)
• Plesk Task Manager now properly logs agent exit code when in debug mode. If the exit code is non-zero, the information is logged with the ERROR status. (PPPM-13373)

Third-Party Component Updates

Linux

• Updated phpMyAdmin to version 5.1.3.
• Updated Courier-IMAP to versions 5.1.7.
• Updated OpenSSL to version 1.1.1m.
• Updated Dovecot and Pigeonhole to versions 2.3.18 and 0.5.18, respectively.
• Updated Postfix to version 3.5.14.
• Updated RRDtool to version 1.7.2.
• Updated Logrotate to version 3.19.0.

Windows

• Updated ASP.NET Core 6.0 to version 6.0.2.
• Updated ASP.NET Core 5.0 to version 5.0.14.
• Updated Node.js to version 12.22.9.
• Updated MariaDB 10.5 to version 10.5.15.
• Updated MariaDB 10.3 to version 10.3.34.
• Microsoft Drivers for PHP for SQL Server are now shipped with PHP 8.1.

Linux

• Emails with daily reports from the “Watchdog” extension now contain correct data instead of error messages again. (PPPM-13385)

• Cgroups Manager is now a free-to-use feature, and a welcome addition to the Plesk Web Pro and Web Host editions. Read more about this feature.

• Added the plesk bin action-log CLI utility. The utility can be used to extract action log entries in raw or JSON format, and also to manage action log rotation settings.

  See how to use the utility in Plesk for Linux and Windows.

• Added the ability to switch outgoing mail control from counting individual messages to counting the total number of recipients from the Plesk interface (“Tools&Settings” > “Mail Server Settings” > turn on limitations on outgoing email messages > “Count a number of recipients instead of messages”).
• Reduced page load time for the Domain Overview screen.
• Improved the Plesk UI related to tasks in progress to make it more appealing and easier to use.
• The “Webspace Settings” section is no longer collapsed by default when adding domains, and will instead remember its last state, whether collapsed or expanded. This will make adding multiple domains easier for people who routinely changed the default usernames, passwords, or IP addresses during domain creation.

• Decreased the page load time for a number of most popular screens in Plesk. Transitions to the following screens are now up to 400% faster:

  • DNS Settings (-400%)
  • Websites & Domains (-15%)
  • Domains (-15%)
  • File Manager (-10%)
  • PHP Settings (-28%)
  • Web Hosting Access (-25%)
  • Hosting Settings (-7%)
• Added the ‘Allow necessary cookies’ option to the cookie banner in Plesk to comply with the updated GDPR requirements.
• The SSH Terminal extension now shows a helpful pop-up with instructions if it is unable to connect (for example, because the ssh service is not running or because root login is prohibited).

• Added the ability to prevent customers from changing the Recycle Bin rotation settings in File Manager. To restrict the ability to change rotation settings to admins and resellers only, add the following lines to the panel.ini file:

  [fileManager]
  trash.rotation.customerAccess = false
  

• Based on the collected feedback, the bar on the right side of individual domains’ screens stays! The invitation to fill in the survey has been removed. Thanks for letting us know your opinion, everyone!

• Added the ability to control the logging level of XML-RPC requests and responses. To change the logging level, add the following lines to the panel.ini file:

  [log]
  filter.priority = 6 
  

  The valid values range from 0 to 7. The higher the number, the more detailed the log, with 7 being “debug”, 6 being “info”, and so on. See Zend Debug Levels for more information.

• Context promos for a number of Plesk extensions have been removed from the “DNS Settings”, “Updates & Upgrades Settings”, “Email Addresses”, “Mail Server Settings”, and “Backup Manager” screens.
• Custom promos added by the customer via the KAPC delivery mechanism are now shown before Plesk promos on the Home screen in Service Provider view.
• Improved the stability of the Extensions Catalog.
• Creating a website via the new domain creation wizard now correctly redirects to the relevant screen after the domain is created (for example, the Git extension is opened if the “Git” option was selected during domain creation). (PPP-55706)
• Notifications about the backup file being invalid are now correctly sent after backup creation. (PPPM-11642)
• The “Preview” link is now shown correctly in the Domain list in Service Provider view when either the “Quick Preview on a domain name in Plesk” or “Quick Preview on an external domain name” option is selected in “Tools & Settings” > “Website Preview”.(PPP-55571)
• It is no longer necessary to empty the list of files to be excluded from backup in “Tools & Settings” > “Backup Manager” > “Schedule” before you can clear the “Exclude specific files from the backup” checkbox. (PPPM-12262)
• Changing the IP address of a domain with log rotation enabled no longer turns log rotation off. (PPP-55573)
• It is no longer possible to update Plesk administrator profile details if the “Email address” field is empty. (PPPM-13319)
• Added a link to the documentation to the warning message shown when setting outgoing mail limit for a domain, and the configured limit for the domain exceeds the limit for the subscription. (PPPM-13203)
• The “Preview” link for the domain selected for previewing other websites (“Tools & Settings” > “Website Preview” > “Quick Preview on a domain name in Plesk”) is no longer shown in the Domain list in Service Provider view. (PPPM-13361)
• Uploading files via File Manager no longer sometimes fails with the “No files selected. To upload the files, you have to select them.” error. (PPP-54792)
• After configuring the Amazon S3 Backup extension via the CLI, it is no longer shown as not configured in the Plesk interface. (PPPM-13332)
• The confirmation message shown when removing a domain now correctly calculates the number of domains that will be removed. (PPPM-13283)
• Fixed the issue where opening a domain resulted in a white screen under specific circumstances. (PPPM-13358)

Linux

• RockyLinux is now supported, both for new Plesk Obsidian installations and for in-place conversion from CentOS 8.

• Plesk can now be installed on Ubuntu 20 servers running on ARM-based platforms (as a Beta version with certain limitations). You can also try a VPS with Plesk on Graviton2 processors by using this Plesk AWS AMI image in just a click.

  Read more about the ARM architecture in the article. Have questions or suggestions regarding this feature? We welcome your feedback!

• Added the ability to add custom headers to emails sent via the Plesk auto-reply mechanism from the Plesk interface (“Tools&Settings” > “Mail Server Settings” > “Extra auto-reply headers”). In addition, the “Auto-Submitted: auto-replied (vacation)” header in now added by default.
• It is no longer possible to create mail accounts for domains for which the mail service was disabled. (PPPM-13205)
• It is no longer possible to create a MySQL user with the name “root@localhost” under specific circumstances. (PPPM-12656)
• Importing and exporting MySQL databases with one or more definers and/or triggers via the Plesk interface now works correctly. (PPPM-13311)
• Trying to access Scheduled Tasks under Dev Tools when logged in as a reseller no longer results in the “Permission denied” error. (PPPM-13333)
• The vhostmng-find process no longer follows symlinks by default, which could prevent daily tasks from running and lead to 100% CPU load. (PPP-47419)
• On Red Hat Enterprise Linux 8.x and its derivatives, Plesk Watchdog is now able to correctly detect the status of the SpamAssassin process. (PPPM-13315)
• A more informative error message is now shown when the PUM utility tries and fails to update a duplicated package. (PPP-55204)
• Single quotes in Plesk error messages are no longer replaced with double quotes when clicking the “Search for related Knowledge Base articles” button, which led to empty search results. (PPPM-13327)
• The plesk bin custom_plan_items --update CLI utility no longer unexpectedly produces a non-zero exit code upon completion. (PPPM-13365)
• Running the plesk repair mail CLI utility no longer prevents users from creating mailboxes for domains with the mail service enabled that are owned by a subscription with the mail service disabled. (PPPM-13369)
• Incorrect breadcrumbs are no longer shown on certain screein in the Plesk interface. (PPPM-13335)
• Plesk no longer shows an incorrect “The following Apache modules are not installed on the destination server:” error after migrating from Ubuntu 16 to Ubuntu 20. (PMT-4972, PPP-55411)
• Clarified the error message shown when trying to create an FTP user with a name starting with a number. (PPPM-13344)
• XML API requests specifying the filter no longer fail. (PPPM-13353)
• Opening the PHP settings of a domain with the disabled “PHP version and handler management” permission no longer results in an error. (PPPM-13370)

Windows

• Security improvements. (PPPM-13317)
• SpamAssassin no longer penalizes messages that fail the RDNS_NONE check, which could lead to legitimate messages being treated as spam.
• The “PSAMailbackup.exe” process no longer keeps running when a backup of one or more subscriptions with mail accounts is started and then stopped. (PPPM-11671)
• Websites are now published correctly in Web Presence Builder, and website snapshots can be downloaded. (PPPM-13339)

Third-Party Component Updates

• MariaDB 10.6 is now supported.
• PHP 8.0 is now recommended to use in Plesk, and is now the default PHP versions for websites in Plesk.
• PHP 8.1 is now available in the Plesk installer.
• Marked PHP 7.3 as outdated because it has reached end of life.

Linux

• Updated PHP used by sw-engine to version 7.4.27.
• Updated nginx and the sw-cp-server service to version 1.20.2.
• Updated Phusion Passenger to version 6.0.12.
• Updated Dovecot to version 2.3.17.1.
• Updated Pigeonhole to version 0.5.17.1.
• Updated Roundcube to version 1.4.13.
• Updated ModSecurity 3 to version 3.0.6.
• Updated ModSecurity 2 to version 2.9.5.

Windows

• .NET 6.0 is now supported.
• Updated ASP.NET Core 6.0 to version 6.0.1.
• Updated ASP.NET Core 5.0 to version 5.0.13.
• Updated ASP.NET Core 3.1 to version 3.1.22.
• Updated PHP used by plesk-engine to version 7.4.27.
• Updated Node.js 12 to version 12.22.7.
• Updated Git to version 2.34.1.
• Updated BIND to version 9.16.23.
• Updated ModSecurity to version 2.9.5.

• Creating a website via the new domain creation wizard now correctly redirects to the relevant screen after the domain is created (for example, the Git extension is opened if the “Git” option was selected during domain creation). (PPP-55706)

Third-Party Component Updates

Linux

• Updated libspf2 to version 1.2.11, which fixes a number of security vulnerabilities, namely: CVE-2021-20314, CVE-2021-33912, and CVE-2021-33913.

• When restoring a customer or a Plesk server from a backup, the “Cannot update customer account: unknown country code “XX” warning no longer appears. (PPPM-13324)

Linux

• Updated Apache mod_proxy on CentOS 7, Red Hat Enterprise Linux 7, and CloudLinux 7 to fix the mod_proxy SSRF vulnerability (CVE-2021-40438). (PPP-55606)

  We strongly recommend that you update Plesk.

Third-Party Component Updates

• Marked PHP 7.3 as outdated because it reached end of life.
• PHP 8.0 is now recommended to use in Plesk.

• PHP 8.1 is now available in the Plesk installer.

  Note: At the moment, PHP 8.1 is not present in the set of recommended components.

Linux

• Certain actions in Plesk on Ubuntu run in an OpenVZ container (for example, migration, Plesk updates, backing up, and so on) no longer fail with the “boost::filesystem::copy_file: Function not implemented” error. (PPPM-13321, PPPM-13323)

Third-Party Component Updates

• Updated Roundcube to version 1.4.12 to fix the following security issues: CVE-2021-44025 and CVE-2021-44026.

  We strongly recommend that you update Plesk.

• Replaced Gzip with ZSTD as the default compression method for backup and restore operations in Plesk. On multi-CPU servers, depending on the type of data being backed up, this provides the following benefits:

  • Reduces the backup size by up to 20%.
  • Reduces the CPU load by up to 25%.
  • Reduces the backup creation time by up to 2x (fast), and by up to 4x (fastest), based on the compression level.

  The desired compression level can be set in “Tools&Settings” > “Backup Manager” > “Settings”. The ‘Fast’ level is set by default.

• Added the ability to disable automatic HTTP > HTTPS redirection for webmail. To enable it, add the following lines to the panel.ini file:

  [mail]
  webmail.forceHttp = true
  

  On Plesk for Windows, to disable automatic HTTP > HTTPS webmail redirection for existing domains, run the plesk repair web -webmail command.

• Removed a number of Plesk extensions from the Plesk Installer due to low usage. These extensions are still available from the Extensions Catalog:

  • Skins and Color Schemes
  • Domain Connect
  • Social Login

  In addition, the Plesk Cgroups Manager extension was removed from the “Recommended” preset, and the Site Import extension was added to the “Recommended” preset.

• Due to security improvements made by Google, if you are using Google Drive Backup Plesk extension to create backups on a shared drive belonging to a corporate account, you need to do the following to be able to make backups (users with personal drives are unaffected):

  • Re-register the drive and explicitly set its type to “Shared”.
  • Make sure your administrator has marked the Plesk Backup Corporate application as trusted.
• Plesk Administrator should explicitly specify their country of residence in their profile.
• A number of buttons initiating the primary action on the page have been visually highlighted to make them more noticeable.
• When creating a subscription, physical hosting is now correctly configured if the subscription’s system user’s password includes one or more ampersand (“&”) characters. (EXTREST-118)
• Domain Preview now correctly accesses the website being previewed via IPv4, even if an IPv6 address is also configured for the domain. (PPPM-13075)
• For certain older Plesk extensions, clicking the name of a domain on the extension’s page no longer results in the domain overview page opening with layout and domain name, but no content. (PPPM-13252)
• Running the plesk repair mail command for a domain in Plesk with “Outgoing messages from a subscription (per hour)” set to “Unlimited” no longer results in an error. (PPPM-13272)
• Searching for a mailbox in Plesk when on the Home Page no longer results in the “An invalid URL was requested” error. (PPPM-13273)
• Opening the Plesk Installer interface in a web browser no longer results in SSL certificate errors. (PPPM-13295)
• It is now possible to add and modify database users even if the subscription’s default MySQL server is not available. (PPPM-13265)
• Changing the IP address for a subscription now correctly updates the IP address of all domains owned by the subscription with the “Forwarding” hosting type. (PPPM-13256)
• Operations in File Manager no longer incorrectly affect previously viewed webspaces. (PPPM-13268)
• The controls in “DNS Settings” no longer sometimes disappear when logged in to Plesk as a customer. (PPPM-13292)

Linux

• Added the ability for Outgoing Mail Control to count the number of individual recipients (TO, CC, and BCC) instead of messages. This closes an abusable loophole which allows users to send bulk email by specifying a large number of recipients (the current Outgoing Mail Control logic counts each individual email as just one message sent, no matter how many recipients the email is sent to). To switch Outgoing Mail Control from counting messages to counting recipients (and vice versa), run the plesk bin mailserver --set-outgoing-messages-count-recipients <true|false> command (the change is server wide). (PPM-7181)
• Specifying custom values for both the proxy_read_timeout nginx directive and max_execution_time PHP setting for the same domain results in the max_execution_time value being substituted for the proxy_read_timeout value (e.g., adding proxy_read_timeout 1800; to “Apache&Nginx Settings” > “Additional Nginx directives” and setting max_execution_time to 90 in “PHP Settings” will result in proxy_read_timeout being set to 90 in the nginx configuration file for the domain in question). (PPPM-12599)
• On Ubuntu 18.04 and Ubuntu 20.04 servers, re-reading and repairing IP addresses in Plesk no longer results in unnecessary duplicate lines sometimes being added to the /etc/netplan/10-plesk.yaml file. (PPP-53340)
• Users can now manage the PHP-FPM version for domains after an incomplete systemd upgrade on the server. (PPPM-13248)
• Trying to remove a database registered in Plesk but hosted on an external database server no longer results in an error if the database user name includes one or more underscore (“_”) characters. (PPPM-13239)
• Removed the ampersand (“&”) character from the list of characters that cannot be used in passwords in Plesk included with the error message shown when the provided password does not meet the password strength requirements. (PPPM-13229)
• Cached memory is no longer included in the memory usage calculation in “Tools&Settings” > “Server Information”.(PPPM-13264)
• Added a human readable error message for cases when Task Manager fails to show the list of current tasks due to the number of simultaneously running tasks being very high. (PPPM-13123)
• Running the plesk bin pleskbackup command with the “-z” or “no-gzip” options now correctly results in the backup file not being compressed. (PPPM-13254)
• Trying to create a backup of a subscription no longer results in an error if the subscription’s name includes both uppercase and lowercase letters. (PPP-54691)
• It is now possible to move domains to subscriptions that were created on Plesk versions 11 or earlier and then migrated to a Plesk Obsidian server. (PPPM-12916)
• Mail messages forwarded from a Plesk server, or from one mail account to another on the same Plesk server no longer includes an unnecessary duplicate “From:” header. (PPPM-13296)
• Trying to enable SSLv3 (which is outdated and insecure) on a Plesk server by running the plesk bin server_pref -u -ssl-protocols 'SSLv3' command now correctly fails with the “Protocol ‘SSLv3’ is not supported” error. (PPPM-13242)
• Plesk Installer no longer reports errors if the locale used in Plesk is not configured correctly in Linux. (PI-331)
• Restoring a backup in Plesk no longer results in a warning if the nginxCacheBypassLocations nginx directive is configured in the panel.ini file. (PPPM-13300)
• Mailbox size limits specified in a hosting plan settings are now correctly propagated to mailboxes of all domains that belong to subscriptions based on that plan. The mailbox size is now corectly shown as “Default” instead of “Another size” in Plesk, and is changed accordingly for all mailboxes if the size limit is changed in the hosting plan. (PPPM-13274)
• The size of files smaller than 4 KB is now shown correctly in File Manager. (PPPM-13303)
• The “Upload file” command is no longer shown in File Manager when browsing a read-only directory. (PPPM-13285)
• Copying a database or exporting a database dump no longer fails if the name of the database starts with the dash (“-“) character. (PPPM-13267)

Windows

• Added the option to automatically remove emails forwarded from a mailbox in Plesk. The feature is disabled by default. To enable it, go to “Mail”, click the desired mailbox, open the “Forwarding” tab and select the “Do not deliver copies of forwarded emails to the Plesk mailbox” checkbox.
• When selecting or clearing the “Show system files and directories” checkbox in File Manager options, it is no longer necessary to refresh the browser window for the changes to take effect. (PPPM-13255)
• Outgoing Mail Control now works correctly on Plesk Obsidian servers with MailEnable Enterprise edition installed. (PPPM-13269)
• Running the plesk repair web command now correctly resolves issues with corrupted SSL certificate files that could result in users being unable to create domains. (PPP-54689)
• The “CAS trust level” setting value for newly created subscriptions in Plesk in now correctly inherited from the one set on the global level in the IIS Manager. (PPPM-13276)
• Trying to unpack a .zip file in File Manager no longer fails with the “Unable to unpack archive” error under specific circumstances. (PPPM-13309)

Third-Party Component Updates

• Updated sw-engine PHP to version 7.4.26.

Linux

• Updated Dovecot and Pigeonhole to versions 2.3.17 and 0.5.17, respectively.

Windows

• Updated ASP.NET Core 5.0 to version 5.0.11.
• Updated ASP.NET Core 3.1 to version 3.1.20.
• ASP.NET Core 2.1 is no longer shipped with Plesk.
• Updated MariaDB 10.5 to version 10.5.13.
• Updated MariaDB 10.3 to version 10.3.32.
• The “WebDAV Publishing” IIS role service is no longer added during Plesk installation.
• Updated Horde PHP to version 7.4.

Linux

• Plesk Update Manager no longer fails with the “‘NoneType’ object has no attribute ‘run_sack’” error. We have spotted this issue in Plesk Obsidian 18.0.39 Update 1 on CentOS 8.5, AlmaLinux OS 8.5, RHEL 8.5, CloudLinux OS 8.5. (PPPM-13304)

• It is now possible to hide the “What username and password to use?” link on the Plesk page or change the URL the link leads to.

  To hide or change the link, add the lines of the following pattern to the panel.ini file:

  [login]
  howToLoginArticle = '' ; Hides the link.
  howToLoginArticle = 'https://example.com' ; Changes the default URL of the link to example.com.
  

• Improved the process of adding a domain by introducing a new screen that shows the following options:

  • Create a blank site.
  • Create a WordPress site.
  • Upload content using File Manager after website’s creation.
  • Connect a Git repository.
  • Import website from another hosting.

  The new screen is disabled by default. To enable it, add the following lines to the panel.ini file:

  [domainManagement]
  applicationWizard.enabled = true
  

  We would love to hear your feedback about this improvement. Please send us your feedback to feedback@plesk.com.

• Livened up the “Add Domain” sidebar by adding images to it.

• The Plesk administrator, customers, and resellers now have a more concise interface delivered by the right sidebar collapsed by default on the following screens:

  • (Power User view) Websites & Domains
  • (Service Provider view) Domains > domain
  • (Service Provider view) Subscriptions > subscription

• Plesk users can now configure the automatic deletion of files in the Recycle Bin by date and/or by time. By default, the automatic deletion is enabled.

  The Plesk administrator can manage this feature and change its default settings by using the following panel.ini options:

  [fileManager]
  ; Shows and hides the automatic deletion feature in the interface. The default value is `true`.	
  trash.rotation.enabled 
  ; The file size limit in megabytes. When the limit is exceeded, Plesk will skip the Recycle Bin and automatically delete new files. The default value is 5 GB.
  trash.rotation.bySize.limit 
  ; The number of days the Recycle Bin stores files. Plesk automatically deletes files older than the specified number. The default value is `30`.
  trash.rotation.byDate.limit 
  

• The Plesk login and default pages now contain the link to the “How to log in to Plesk?” KB article.
• Plesk on Cloud now automatically updates its public IP address if it was changed after the server reboot. This improvement works for Plesk on Alibaba Cloud, Amazon EC2, Amazon Lightsail, DigitalOcean, Google Cloud, and Microsoft Azure.
• Improved the loading speed of the “Databases”, “DNS Settings”, “Subscription”, and “Domain” overview pages.
• Enhanced the Help menu for Plesk administrators by including links to KB articles, release notes, Plesk Facebook community, and so on.
• The Google Drive Backup extension now has different modes for configuring personal and shared drives. We made this improvement to comply with the updated Google policy of external applications that access Google users’ data.
• Renamed the Advanced Monitoring extension and its notifications “Monitoring”.
• The plesk repair db command can no longer suggest deleting resolvable domains by mistake. (PPPM-12162)
• Sped up the website, subscription, and customer creation processes. (PPP-54306)
• Improved an error message shown when scheduled backups fail because a Plesk license has expired. (PPPM-11774)
• Sped up retrieving mailbox usage statistics via API RPC. (PPP-53647)
• A pop-up message that appears when a password of a password-protected directory user is too short no longer misses password length variables. (PPPM-12740)
• The main Plesk search field can now again handle search words with whitespace characters from one or both sides. (PPPM-13195)
• The Plesk administrator and resellers can now again customize the logo. (PPPM-13202)
• Plesk now completely cleans up leftover files after deleting a customer, reseller, or subscription that was backed up to remote storage. (PPPM-13173)
• If a customer linked a Plesk mailbox to their Plesk account and then changed the account password, Plesk now shows a message that this will change the password to the linked mailbox as well. (PPPM-13088)
• It is now possible to get information about an SSL/TLS certificate that secures mail via the CLI or REST API. (PPPM-13236)
• File Manager in Power User view now displays the content of the selected domain instead of the last created one. (PPPM-13194)
• It is no longer possible to save time for a scheduled task in an incorrect format, which broke the Scheduled Tasks page causing an HTTP error 500. (PPPM-13215)
• Plesk now stops sending automatic replies late in the evening the day before the end date. (PPPM-8995)

Linux

• Webmail clients now use PHP 7.4 shipped with Plesk by default.
• Improved stability and isolation of websites that use PHP-FPM handlers. It is now possible to choose the dedicated PHP-FPM handler for each website.
• Plesk now signs outgoing emails sent via WordPress with DKIM even WordPress uses an unauthenticated SMTP server.
• Plesk now performs a deferred Apache restart using the systemd timers.
• The plesk-modsecurity jail in Fail2Ban now works if a domain uses nginx-only hosting.
• As a part of the GDPR compliance changes, made the statistics Webalizer and AWstats collect more accurate. (PPPM-10655)
• For security reasons, the default Roundcube spell checker is now disabled in Plesk by default. (PPPM-13183)
• The plesk repair db utility now deletes orphaned DNS records from DNS zones. This prevents occasional BIND crashes after the DNS records were synchronized with the server-wide DNS template. (PPM-2347)
• It is now again possible to change the mailbox quota via API RPC. (PPPM-13197)
• The Users > Create User Account form no longer shows domains with turned off mail services in the @ drop-down list next to the “Email address” field. (PPPM-13205)
• Uninstalling a webmail client no longer breaks Apache configuration files. (PPPM-12924)
• Plesk no longer duplicates forwarded emails if their initial emails failed to be delivered. (PPPM-12341)
• In Plesk on Ubuntu 20, File Manager no longer fails to open JSON files showing the “Unable to display the file : Unsupported file format" error. (PPPM-13206)
• Users can now open the wp-config.php file and other WordPress subscription files in Code Editor. Previously it was occasionally impossible under certain circumstances. (PPPM-12921)
• An event handler triggered by the “Mail account updated” event now executes the assigned script only once. (PPPM-13218)
• MySQL dump importing no longer fails with the “ERROR 1227 (42000) at line : Access denied" error. (PPPM-13086)
• An extension that uses the guzzlehttp/promises 1.4.1 package no longer causes the “Class ‘GuzzleHttp\Promise<ClassName>’ not found” error when users try configuring the following remote storage points: Google Drive, Amazon S3, DigitalOcean Spaces, or Microsoft OneDrive. (PAUX-3748)
• Plesk now automatically deletes pre-upgrade MySQL dumps older than one year. (PPPM-10488)
• It is now possible to install Plesk on a server running on CentOS 7 x64 with preinstalled MySQL. (PPP-47540)
• Plesk now updates PHP settings of a subscription’s main domain faster. (PPPM-12136)
• Changing an IP address of a subscription with multiple domains (30 or more) no longer breaks the Postfix service. (PPPM-9733)
• It is now possible to change a subscription password via REST API by sending a request without hosting_type. (EXTREST-136)
• Custom buttons with enabled “Open URL in Plesk” now work in Power User view. (PPPM-13213)
• Plesk now correctly counts the number of a reseller’s subscriptions. (PPPM-13227)
• Plesk now correctly removes websites’ historical data after their TTL period has expired. (PPPM-10655)
• Removing all custom service plan items via the CLI no longer causes the Use of undefined constant nul - assumed 'nul' PHP warning. (PPPM-13222)
• The plesk repair mail <domain|mail-address> command now repairs the Outgoing Mail Control subsystem more reliably. (PPP-52477)
• It is now possible to open websites and webmail in Safari when HTTP/2 is enabled in both nginx and Apache. (PPPM-12381)
• Improved logging to /var/log/maillog to make it easier to detect issues (if any) with outgoing mail headers. (PPP-54314)
• Updated regular expressions used by Fail2ban to prevent it from occasionally blocking secure domains. (PPPM-12058)
• Disabling and then enabling a domain’s mail service no longer breaks mailboxes with the reserved mail names: postfix, anonymous, drweb, root, and so on. (PPPM-7702)

Windows

• Plesk now supports Windows Server 2022.
• Dropped the possibility of downloading database backup files.
• Plesk reinstallation no longer breaks Task Manager. (PPPM-13208)
• It is now possible to rename a domain that uses a custom webmail client. (PPPM-13204)
• Plesk Installer no longer incorrectly detects MySQL Connector/ODBC 5.1 as installed instead of the actually installed MySQL Connector/ODBC 5.3. (PPPM-13237)
• It is now again possible to configure advanced permissions of files using File Manager. (PPPM-13228)
• It is now possible to install the “Plesk One Edition for China” license key on a clean Plesk server. (PPPM-13241)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.24.

Linux

• Updated ProFTPD to version 1.3.7c.
• Updated OpenSSL used by nginx to version 1.1.1l.

Windows

• Updated Node.js 12 to version 12.22.6.
• Updated Node.js 10 to version 10.24.1.
• Updated Git to version 2.33.0.2.
• Updated OpenSSL to version 1.1.1l.

Linux

• Updating Apache to the latest version in Plesk on Ubuntu that uses PHP-FPM served by Apache no longer breaks websites causing an HTTP error 500. (PPPM-13232)
• Plesk updates on Ubuntu and Debian no longer fail if system packages are marked as “hold” in apt. (PI-726)

Linux

• Apache restart works again if the restart interval is set. (PPPM-13186)
• Specifying custom proxy_buffering values in the nginx configuration file no longer breaks websites. (PPPM-13200)

• Running plesk repair db no longer removes all aliases of a domain. (PPPM-13188)

• Improved the Plesk Dynamic List view to make it easier to navigate to and focus on individual domains.
• The WordPress tab in Dynamic List view offers shortcuts to the most useful/popular features for WordPress sites.
• When opening a domain in Service Provider view, Dynamic List view is now used instead of Active List view.
• When selecting a domain in search results in Power User view, the page automatically focuses on the required domain and the domain card is expanded.
• Plesk now redirects the customer to the created domain’s card after website creation.
• The Recycle Bin functionality in the File Manager is turned on by default for all Plesk installations.
• Updated the instructions in the DNS Helper with information about glue records’ configuration.
• Added the instructions for a number of popular registrars (CloudFlare, Freenom, Papaki, ps.kz, Exabytes, registro.br, and Porkbun) to the DNS Helper.
• After creating or uploading a WordPress website during onboarding, users can now click the “Log in to WordPress” button for easy access to the WordPress admin panel.
• Improved the loading speed of File Manager.
• Transitions between pages when navigating the Plesk interface are now more fluid.
• When creating a domain in Plesk, the progress bar is now shown in the same drawer.
• Increased the transfer speed for the SFTP Backup extension.
• Improved the behavior of the top right toaster in Plesk to prevent notifications from overlapping.
• Updated the look and feel of drawers and dialogs in Plesk.
• Plesk on cloud (AWS, Google Cloud, Azure, Alibaba, Lightsail, and Digital Ocean) now automatically re-maps private IP addresses if they change after server restart.
• Domains can now be sorted by Traffic usage in Service Provider view.
• Changing a domain’s document root to an invalid path no longer results in the invalid path being written to the Plesk database. (PPPM-12648)
• Synchronizing a subscription with its service plan no longer fails if the plan’s mailbox size value has been changed. (PPPM-12862)
• When Plesk fails to make a backup to an FTP storage, the correct error is now reported instead of “Error: Unable to export backup: Transport error: Unable to create the directory”. (PPPM-12798)
• Plesk no longer shows the “Domain is not resolvable” notification for domains with no hosting, domain aliases without web service, and domain aliases pointing to a domain with no hosting. (PPPM-12928)
• Restoring a subscription from backup no longer results in PHP handlers for all domains belonging to the subscription being set to ‘FPM application served by nginx’. (PPPM-12496)
• When typing in the database user’s password when logging in to phpMyAdmin, the password is now correctly masked by the asterisk ‘*’ characters instead of being shown in plaintext. (PPPM-12414)
• When searching for content in File Manager and finding multiple files, it is now possible to open each individual file without restarting the search. (PPPM-12389)
• Searching for domains when using the Classic list in Power User view via global search now opens the card for the correct domain. (PPPM-12948)
• Creating a backup to AWS S3 via the CLI no longer results in a misleading “Unable to save statistics. Error: DB query failed” error. (PPPM-12703)
• Upgrading to the latest Plesk Obsidian version no longer sometimes fails with the “PHP Fatal error: Uncaught JMS\Serializer\Exception\RuntimeException: Could not decode JSON, syntax error - malformed JSON.” error. (PPPM-13114)
• Clicking “see details” for a failed scheduled task now correctly shows the error details. (PPPM-13073)
• Password reset email is now correctly sent when resetting the password for a user using the username. (PPPM-13047)
• Information necessary for troubleshooting issues with backups is now being written to the backup logs. (PPPM-13021)
• Clicking the “Check for updates” link no longer results in a blank page. (PPPM-13044)
• Failed login attempts via REST API are now logged in the panel.log file. (PPPM-13144)
• When migrating, warnings about non-secure FTP are no longer shown when both the source and the target servers are configured to use secure FTPS connections only. (PPP-51587)
• It is now possible to enable mail forwarding when logged in to Plesk under a mail user account. (PPPM-13166)
• Pasting a domain name in the global search bar now immediately produces results with no need for additional button presses. (PPPM-13157)
• Removing an IP address not used for hosting no longer fails with the “The IP address is already used for hosting” error. (PPPM-13160)
• The “SSL redirect” checkbox is now cleared automatically if the “SSL support” checkbox is cleared. (PPPM-13169)
• The terminology for subscriptions’ expiration/renewal dates has been cleaned up. Now, “Expiration date” is used wherever appropriate. (PPPM-13121)
• The Plesk database now stores the mailbox quota value correctly, which fixes multiple issues (for example, occasional failures to reduce the mailbox quota). (PPP-53672)

Linux

• The latest Node.js LTS versions installation and update are now available through the renewed Node.js extension. Versions 10, 12 and 14 are supported at the moment. To enable Node.JS application hosting, install the Node.JS extension.
• Mail sent via the mail command is now signed with DKIM/Domainkeys if the sender’s domain name is the same as the server’s hostname and DKIM/Domainkeys are enabled for it. (PPPM-6690)
• Improved mail logging to make troubleshooting mail-related issues easier.
• Starting from September 15th, 2021, the SSH Terminal will be enabled by default. With this feature, all admins gain root access to the server. Learn how to disable root access.
• Starting from September 15th, 2021, the Mail Log Browser will be enabled by default.
• Unchecking the “PHP Support” checkbox in a domain’s settings now correctly disables PHP for that domain instead of switching the PHP handler to the system PHP-FPM. (PPPM-12894)
• Plesk no longer tries to deliver mail sent to an alias of a mailbox if the mail service for the domain the mailbox belongs to is disabled. (PPPM-8110)
• Restoring a pre-upgrade database dump no longer fails with the “Duplicate entry for key ‘Primary’” error. (PPPM-12003)
• Browsing a domain without hosting or the Plesk server’s hostname via HTTPS now correctly shows the default page instead of the Plesk login page. (PPPM-12289)
• Fail2Ban no longer writes a lot of irrelevant warnings to fail2ban.log.(PPPM-12887)
• The issue with AWStats calculating HTTP 206 response traffic twice for files with the ‘download’ MIME type was found to be a bug in AWStats, and will have to be fixed on the ASWtats side. (PPPM-12830)
• Scheduled tasks of the “Fetch a URL” type now have the “Plesk (fetch_url utility)” User-Agent HTTP request header. (PPPM-12363)
• Websites running on nginx + Apache can now work correctly over TLS 1.3. (PPPM-13038)
• The SSH Terminal extension now works correctly if a custom SSH port is used on the server. (PPP-53727)
• Plesk installation no longer fails with the “UnicodeEncodeError: ‘ascii’ codec can’t encode character u’\xdc’ in position 0: ordinal not in range(128)” on servers with “de_DE.UTF-8” set as the server’s locale. (PPPM-10782)
• Upgrading from Plesk Onyx to Plesk Obsidian no longer results in misleading messages being written to the upgrade log. (PI-599)
• Fail2Ban is now started automatically after Plesk initialization. (PPPM-13151)
• Restoring a subscription with one or more wildcard subdomains no longer results in the “Wrong syntax for command’s “–del-all” parameter” warning. (PPP-54025)
• On AlmaLinux 8 servers, using the Plesk firewall utility /usr/local/psa/bin/modules/firewall/settings no longer results in the “safeact: /usr/local/psa/var/modules/firewall/safeact.confirm: Address already in use” error. (PPPM-13120)
• ‘systemctl status’ now correctly reports the actual status of Plesk firewall. (PPPM-13053)
• Plesk firewall no longer blocks IPv6 neighbor discovery without multicast listener query in some environments. (PPPM-13145)
• It is now possible to get an IPv6 address via DHCP on Plesk servers with Plesk Firewall enabled. (PPPM-13164)
• Web statistics for websites using nginx as proxy are now calculated correctly on Plesk servers with Apache piped logs enabled. (PPPM-8252)
• Opening the “Settings” tab of a domain’s DNS page no longer results in the “ERROR: Error: Call to undefined method DomainAlias” error if changes were made to the server-wide DNS template, but not applied to the domain in question. (PPPM-13176)
• Plesk servers deployed on AWS no longer lose IPv6 connectivity once Plesk Firewall if enabled. (PPPM-13164)
• Fail2Ban now works correctly after reloading. (PPPM-13096)
• Scheduled tasks with notify set to “Errors only” now correctly stream stdout when running. (PPPM-13034)

Windows

• Running the plesk repair web command for a single domain no longer results in all domains with hosting being repaired. (PPP-53690)

Third-Party Component Updates

Linux

• Updated ModSecurity to version 3.0.5.
• Updated OWASP ModSecurity CRS to version 3.2.0.
• Updated sw-engine PHP to version 7.4.22.

Windows

• Updated MariaDB to version 10.3.31.
• Updated ASP.NET Core 5.0 to version 5.0.9.
• Updated ASP.NET Core 3.1 to version 3.1.18.
• Updated ASP.NET Core 2.1 to version 2.1.30.

Linux

• Updating to Plesk 18.0.37 and later no longer enables email delivery for mail accounts with disabled mailboxes. (PPPM-13129)
• In Plesk 18.0.37 and later, Watchdog daily reports sent to the Plesk administrator by email no longer contain the “ERR [panel] No entry is registered for key ‘translate’” errors. (PPPM-13128)

• Updating Plesk to version 18.0.37 no longer fails if Plesk has domains that belong to the service plan whose name contains spaces at the beginning and end. (PPPM-13114)
• Updating Plesk to version 18.0.37 can no longer rename server plans that have matching names but belong to different resellers. (PPPM-13118)

Linux

• The output of the executed plesk repair all -y command no longer shows the false positive “File Not found” errors. (PPPM-13124)
• panel.log no longer contains the “Cannot start event handler: Could not decode JSON” errors if Plesk has added event handlers whose actions produce a long output to be trimmed. (PPPM-13048)

• Added the “Connection Info” to the Dashboard in the Dynamic List. Clicking it opens a drawer where users can easily view and change access information for FTP accounts and databases.
• Clicking “Add Customer” now opens a drawer on the same page instead of going to a separate page. This should make the customer creation workflow faster and easier.
• The PHP version currently in use for a domain is now shown below the “PHP Settings” button to make it easier to read at a glance.
• Links to “Backup Manager” and “Scheduled Tasks” can now be found on the domain card as well as in the right sidebar. This should make these features easier to locate and access.
• Mail Autodiscover is no longer supported for Microsoft Outlook 2019 and O365 versions. These mail clients use Microsoft proxy servers for autodiscover requests, and this configuration is not supported in Plesk.
• Added password validation to the plesk bin database-server CLI utility. It is no longer possible to set database server password containing non-printable characters which caused issues with web statistics generation. (PPPM-12972)
• It is now possible to create a subdomain for an additional domain with hosting type set to “no hosting”. (PPPM-12952)
• Changing the language on the Plesk login page and then clicking the “Forgot password?” link no longer results in the password recovery page using the Plesk default language instead of the language chosen on the login page. (PPPM-12943)
• Setting the number of automatic replies Plesk can send to a unique email address per day to more than 100 no longer results in an error. (PPPM-12434)
• Trying to create a domain when the maximum number of domains allowed by the Plesk license or the reseller plan has already been reached no longer results in a blank screen. (PPPM-13030, PPPM-13043)
• The “Use DKIM spam protection system to sign outgoing email messages” checkbox can now be selected or cleared even if the mail service for the domain is not activated. (PPPM-13041)

Linux

• Added the ability to access the server from Plesk via a secure web-based SSH client. To use the SSH client, install the SSH Terminal extension.
• Added the ability to check the statuses of all emails sent to and from a Plesk server by reviewing the maillog and filtering by date, source, or any string pattern. It is also possible to check the maillog in real-time (‘tail -fn0’ analog). To use this feature, install the Mail Log Browser extension.
• Added the option to automatically remove emails forwarded from a mailbox in Plesk. The feature is disabled by default. To enable it, go to “Mail”, click the desired mailbox, open the “Forwarding” tab and select the “Do not deliver copies of forwarded emails to the Plesk mailbox” checkbox.
• systemd-cron is now supported on Debian 9/10 and Ubuntu 18.04/20.04. The cron package can now be replaced with systemd-cron on servers with Plesk using the OS package manager. systemd-cron is a wrapper that converts cron tasks to systemd “timers”, which solves the well-known issue with a lot of emails being sent after a failed cron job.
• Dovecot now reloads the configuration files instead of restarting whenever a mail certificate is renewed. This should resolve the issue with IMAP/SMTP connections often being closed without warning on Plesk servers hosting many domains.
• The default chroot settings are no longer changed after updating Plesk to the latest version. (PPPM-12885)
• The plesk repair utility no longer fails on file system check if the virtual host directory has been changed. (PPPM-12602)
• Running the plesk repair utility no longer results in a misleading suggestion to repair incorrect permissions if the virtual host directory has been changed. (PPPM-12325)
• On Debian/Ubuntu servers with Plesk PHP session files are now cleaned up properly if PHP from the OS repository is not installed on the server. (PPPM-13022)
• Fai2ban no longer fails while processing the “plesk-panel” jail if debug mode is enabled in Plesk. (PPPM-13051)
• Updating PHP packages from Remi’s RPM repository no longer resets permissions on /var/lib/php/session potentially causing PHP websites to malfunction. (PPPM-13068)
• Converting a CentOS server with Plesk to AlmaLinux no longer fails if the EPEL repository is enabled on the server. (PPP-53540)

Windows

• MariaDB error logs no longer contain misleading “Aborted connection” warnings related to the plesksrv service. (PPPM-12737
• Errors encountered during Plesk update are now correctly recorded in the installer log. (PPP-52706)
• Restoring a password-protected subscription backup created on another Plesk server no longer fails if the correct password is provided. (PPPM-13061)

Third-Party Component Updates

• Dropped support for MySQL versions earlier than 5.7.

Linux

• Updated sw-engine PHP to version 7.4.21.
• Updated ProFTPD to version 1.3.7b.
• Updated Courier-IMAP to version 5.1.3.
• Updated Updated Dovecot and Pigeonhole to versions 2.3.15 and 0.5.15 respectively.
• Updated phpMyAdmin to version 5.1.1.

Windows

• Updated plesk-engine PHP to version 7.4.21.
• Updated Node.js 12 to version 12.22.3.
• Updated Git for Windows to version 2.32.0.
• Updated MailEnable Standard to version 10.34.
• Updated ASP.NET Core 5.0 to version 5.0.7.
• Updated ASP.NET Core 3.1 to version 3.1.16.

• In File Manager, it is now possible to upload files from remote servers by specifying the file URL.
• It is now possible to install WordPress on CloudLinux used with the ALT-PHP handlers.
• It is now possible to add and manage DNS records (including TTL) in a DNS zone via REST API.

• Revamped the “Add Subscription” and “Add Domain” pages to make them consistent with other Plesk UX elements:

  • The “Webspace settings” section is now pre-filled and collapsed.

  • By default, Plesk now hides the Let’s Encrypt and Git sections when users create subscriptions, domains, and subdomains. To make the sections visible, add the following lines to the panel.ini file:

      [ext-sslit]
      enableSecuringNewDomain = true ; shows the "Secure with an SSL/TLS Certificate" section
      secure-new-domain = true ; makes the "Secure the domain with Let's Encrypt" checkbox selected by default
    
      [ext-git]
      enableOnSiteCreate = true ; shows the "Your Files to Copy to Hosting" section
    

• Added a progress screen shown when users create domains.
• Cleaned up the Plesk onboarding: removed distractions (for example, Plesk update notifications) that used to be shown once Plesk is installed.
• Improved protection against open redirect. The trustedRedirectHosts setting now has the default “empty” value on all existing and new Plesk installations. trustedRedirectHosts specified with the “empty” value forbids Plesk from redirecting to any hosts using the success_redirect_url and failure_redirect_url parameters because such redirecting poses a security risk.
• Plesk no longer shows DNS Helper if either IPv4 or IPv6 address resolves to the Plesk server. (PPP-52686)
• Improved the message shown when a domain name is resolved to the IP address different from the Plesk server IP. The message no longer misleadingly states that the website is offline. (PPPM-12937)
• When file upload fails in File Manager, Plesk now shows a detailed error message instead of the [[fileNotUploaded]] locale key. (PPPM-12929)
• Backing up to the Microsoft OneDrive Backup storage can no longer fail because of a failed request for a new OneDrive access token. (EXTPLESK-2654)
• The --create-map command of the pleskbackup utility is now deprecated. (PPPM-12940)
• File Manager now shows a confirmation dialog before replacing an already existing file with the uploaded one that has the same name. (PPPM-12966)
• Plesk now verifies that the number of simultaneously running backup processes to be set is more than zero. (PPPM-12927)
• It is now possible to remove the Plesk email address of a subscription’s additional users if an external email address is specified. (PPPM-12849)
• Restarting the Plesk server in Tools & Settings no longer causes the “Failed to fetch” warning to be shown in the Plesk interface. (PPPM-12962)
• It is now possible to create a subdomain of an add-on domain that has the forwarding hosting type via API-RPC. (PPPM-10784)
• The pleskbackup utility used with the --domains-name command no longer backs up the whole server instead of a subscription if the specified subscription does not exist. (PPPM-12797)
• The plesk repair utility can now detect and fix the Plesk database inconsistency that leads to the “Unable to find row with id X in IP_Addresses table” error during migration or backup restoration. (PPPM-12843)

Linux

• It is now possible to create a subdomain of a disabled domain if the “Force daily log rotation for all domains” server setting is turned on. (PPPM-11930)
• Webmail is now turned on by default for domains created via API-RPC. (PPPM-12355)
• The plesk repair utility now fixes incorrect permissions in /usr/local/psa/PMM/rsessions, which in turn fixes backup and restoration logs. (PPPM-12786)
• If a domain’s IPv6 address is set to “none”, running the plesk repair db utility no longer shows the false positive “The following domains are assigned to already removed IP addresses.” error message. (PPPM-12988)
• A system user that uses the “bash (chrooted)” shell can no longer lose the ability to connect via SFTP. (PPPM-12969)
• Plesk now daily rotates PHP-FPM error logs to prevent them from consuming all the server disk space and eventually causing issues on the server. (PPPM-11362)
• Fail2ban logs and database backups can no longer consume all the server disk space. (PPPM-12981)
• Suspending a subscription that has an add-on domain with the forwarding hosting type and a subdomain of the add-on domain no longer breaks the Apache configuration. (PPPM-12939)
• nginx now returns a 404 Not Found error when requesting a non-existent static file larger than 1023 bytes whose URL contains a trailing slash. (PPP-53248)
• Disabling a domain whose webmail service was uninstalled no longer generates an incorrect webmail configuration. (PPPM-12984)
• Removing the /usr/local/psa/PMM/rsessions directory and then going to Backup Manager no longer prevents further backup restoration and download of restoration logs. (PPPM-12785)
• In Plesk on Ubuntu with libc6 version 2.31-0ubuntu9.3 or later, a subscription’s system user that uses the “bash (chrooted)” shell can now connect to the Plesk server. (PPPM-12954)
• Subscriptions’ system users that use the /bin/false shell now log in to the Plesk server via FTP faster. (PPPM-12909)
• In Plesk on a Debian-based system, rereading IP address to repair misconfigured ones no longer duplicates IP addresses in /etc/network/interfaces. (PPPM-12941)
• If Plesk with Postfix that uses milter_protocol=2 receives an email, this no longer kills the pc-remote service. (PPP-53325)
• Plesk Log Browser now displays logs compressed in the GZIP format. (PPPM-12976)
• Plesk now correctly applies locale keys of non-English Horde interface languages. (PPPM-12886)
• Generating a server report no longer fails in Plesk that has a large number of objects (for example, domains or mailboxes). (PPPM-12816)
• Apache now runs if it is configured with TLS 1.3 ciphers only. (PPPM-12964)
• Plesk now vacuums the Fail2ban database weekly to prevent it from growing large. (PPPM-12981)

Windows

• Plesk no longer fails to create mail for a subscription that belongs to the service plan that has a disabled webmail client selected. (PPPM-12968)
• Changes in the %plesk_dir%MySQL\my.ini file no longer prevent updating Plesk Onyx to Plesk Obsidian. (PPPM-12994)
• Improved the error message shown when Plesk cannot restore a remote SFTP backup because one or more database server types (for example, Microsoft SQL Server) present on the remote storage server are not present on the Plesk server the backup is being restored on. (PPPM-12974)
• It is now possible to turn on the Atomic Standard rule set in ModSecurity. (PPPM-13001)
• The plesk repair mail utility no longer fails if the “DNS zones for DNSBL service” server-wide mail setting field contains a long string. (PPPM-13002)
• Plesk now changes a domain’s PHP version in the IIS configuration files even if the PHP handler was previously uninstalled. (PPPM-12911)
• The %plesk_dir%MySQL\Data*.err file can no longer contain errors and warnings related to the PleskWebSocket service. (PPPM-12737)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.18.

Linux

• Updated nginx and sw-cp-server to version 1.20.1.
• Updated the sw-cp-server components: nginx-dev-kit to version 0.3.1 and lua-nginx-module to version 0.10.19.
• Updated Phusion Passenger to version 6.0.8.
• Updated Dovecot and Pigeonhole to versions 2.3.14 and 0.5.14 respectively.
• Updated Xdebug to version 3.0.4.

Windows

• Updated BIND to version 9.16.15.
• Updated ASP.NET Core 5.0 to version 5.0.6.
• Updated ASP.NET Core 3.1 to version 3.1.15.
• Updated ASP.NET Core 2.1 to version 2.1.28.
• Updated Node.js 12 to version 12.22.1.
• Updated MariaDB 10.5 to version 10.5.10.
• Updated MariaDB 10.3 to version 10.3.29.
• Updated SQLite to version 3.35.4.
• Updated Microsoft ODBC Driver 17 for SQL Server to version 17.7.2.1.

• Fixed an internal issue related to connection to Plesk additional services.

• In Plesk with enabled “DNS Helper”, the “DNS Settings” page of domains created under subscriptions without hosting no longer shows the “Internal Error” message. (PPP-52966)

Linux

• It is now again possible to enable ModSecurity with the “Comodo (free)” rule set in the Plesk interface. (PPP-52965)

• In File Manager, it is now possible to do the following:

  • Upload directories.
  • (Plesk for Linux) Change file permissions recursively. Plesk for Windows has always supported that.
• File Manager can now display SVG files.
• Improved the interface of Dynamic List view. It is now easier to distinguish one domain card from another because we made the separating lines more distinct.
• Reduced the domain creation time by four seconds. To achieve this, we split the mail service creation into a separate task.
• Improved the “Add Domain” page. Plesk now automatically fills in the system user name and password boxes. We have also removed the password confirmation box.
• The “Mail Settings” page of domains now shows a hint how to enable DKIM signing for an external DNS server. The hint shows the exact DNS records users need to add to the DNS server.
• It is now possible to get information about subdomains via the CLI or REST API. (PPPM-12825)
• Enabling the mail service via the CLI for a subdomain no longer creates the Plesk database inconsistency. (PPPM-12836)
• Disabling the domain resolution check in panel.ini now hides the “Domain is not resolvable” message under “DNS Settings” of domains. (PPPM-12891)
• The window shown after closing the Change View item in the left navigation pane now contains a correct text instead of placeholders. (PPPM-12863)
• It is no longer possible to cause the Plesk database inconsistency by deleting an IP address assigned to a subscription without hosing. (PPPM-12876)

• Introduced a new CLI command --assign-database, which assigns a database created via the API to a domain. (PPP-52056) The command has the following pattern:

  plesk bin subscription_settings --assign-database <domain_name> -database-id <database-id>
  

• The “DNS settings” page of a subscription no longer fails to be opened with HTTP Error 500 if the Plesk database inconsistency occurs. (PPPM-12877)
• Plesk can now restore backups of subdomains that belong to a domain with the forwarding hosting type. (PPPM-12903)
• Improved a hint for creating temporary domains. The previous hint was incorrect and could mislead users into specifying a temporary domain name that did not work. (PPPM-12883)
• Updating to Plesk Obsidian no longer fails if the /var/www/vhosts/ permissions are not sufficient. (PPPM-12872)
• Removing an APS application can no longer cause the Plesk database inconsistency. (PPPM-12902)
• The “DNS Settings” page of a non-resolvable domain can no longer show the “Unable to find subscription” error instead of a warning that the domain name does not resolve to the server IP address. (PPPM-12871)
• The Plesk interface can no longer occasionally show the “Cannot read property ‘querySelector’ of null” error. (PPPM-12884)
• If a service plan has the “Switch on the mail service” and “Enable mail autodiscover” mail settings disabled, subscriptions created on the basis of the service plan now inherit these disabled mail settings. (PPPM-12879)
• Improved a confusing error message. When users try to remove an IP address used by the mail server, Plesk no longer incorrectly notifies that the IP address is used for hosting. (PPPM-7984)
• If “DNS Helper” is enabled and an add-on domain has an alias, panel.log no longer contains confusing error messages. (PPPM-12906)
• The plesk repair utility now detects issues with domains assigned to already removed IP addresses and suggests reassigning the domains to existing IP addresses. (PPPM-12865)
• Improved a message shown after a Plesk password reset. (PPPM-12677)
• File Manager can now display the content of files whose names contain Cyrillic characters. (PPPM-12897)
• The pmmcli utility now ignores Error 152 and shows the path to the imported backup dump because the error does not actually affect the backup dump import. (PPP-52707)
• The pmm-ras utility no longer creates archives and migration.log in the current working directory. The utility now creates migration.log in PMM_LOGS_D if the --session-path is not specified. The utility operation before the bugfix could occasionally cause server backups to fail. (PPPM-11752)
• Sped up loading of lists with a large number of domains (more than 1000). (PPPM-12689)

Linux

• Plesk can now be installed on AlmaLinux OS.

  Note: You can now in-place convert your Plesk server on CentOS 8 to AlmaLinux OS. To do so, run the script prepared by the AlmaLinux team on your CentOS 8 server.

• Dropped support for Ubuntu 16.04.
• Improved an error message shown when IP addresses registered in Plesk do not match those set up on the server and this mismatch caused an issue with the web server. The message now contains the link to the KB article with the steps on how to fix the issue.
• Updating Plesk 18.0.33 and earlier to the latest Plesk version no longer causes Plesk Premium Antivirus to start sending false notifications that a Plesk Premium Antivirus license will expire soon. (PPP-52338)
• Mail delivery to IDN emails no longer fails. (PPPM-12866)
• Removed an unnecessary test run during Plesk installation. The failed test created a log warning message with a recommendation to check the network configuration. The test result affected neither Plesk installation nor performance. (PPP-41762)
• Plesk now preserves the following custom settings of the [php-fpm-pool-settings] section in additional php.ini directives: chroot, clear_env, decorate_workers_output. (PPPM-12666)
• phpMyAdmin can no longer show strange users without passwords (for example, the user “Any”). (PPPM-12793)
• An IP address change can no longer fail because of unfinished MySQL initialization. (PPPM-12464)
• A Plesk daily maintenance task can no longer replace Dr.Web Antivirus packages with those from Plesk Premium Antivirus. (PPPM-12850)
• The official configuration of WordPress permalinks now works if nginx and PHP-FPM are used in tandem. (PPPM-12817)
• If PHP-FPM is served by nginx in Apache+nginx hosting, custom error documents for PHP scripts now work. (PPPM-12815)
• An add-on plan with disabled PHP settings can no longer affect the PHP settings of a subscription created based on the plan. (PPPM-12864)
• The Fail2ban configuration issues can no longer prevent users from creating subscriptions. (PPPM-12045)
• Scheduled tasks with the Null attribute no longer prevent Plesk from restoring server backups. (PPPM-12912)
• When installing or updating Plesk, Plesk Installer can now detect and warn about unsupported Debian and Ubuntu repositories present on the server. (PPPM-12834)
• Plesk Installer no longer occasionally shows that the MySQL server component can be updated instead of actually updating the component. (PPPM-12658)
• Plesk can now check incoming mail by processing SPF TXT records that contain up to 1024 mechanisms. (PPPM-8103)
• In Plesk on CloudLinux, the “Server Information” page in Tools & Settings can no longer show the Internal Server Error 500. (PPPM-11898)
• Plesk now correctly counts statistics for an add-on domain not including statistics for the domain with the same name as the add-on domain (if any). (PPPM-12577)

Windows

• For an external SMTP server used with Plesk, it is now possible to use a non-email username instead of a full email address (for example, just “mail” instead of “mail@example.com”). (PPPM-12896)
• The Plesk Installer output now shows all characters of a package version. (PPPM-12842)
• Removed a warning message about a 900-second delay after a PHP version change. (PPPM-12831)
• If SmarterMail 100 is used, Plesk no longer backs up emails of domains whose mail service is disabled and warns about it. (PPPM-12522)
• If the Windows system locale language is not English, Plesk no longer skips a subscription’s mail when backing up the subscription. (PPPM-12874)
• It is now again possible to train SpamAssassin because SpamAssassin Imap.php no longer tries to connect to the localhost using TLS. (PPPM-12086)
• Improved error reporting if backup creation fails with the “Failed to create archive: Repository error”. (PPPM-12697)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.16.

Linux

• Updated phpMyAdmin to version 5.1.0.
• Updated Fail2ban to version 0.11.2.
• Updated ProFTPD to version 1.3.7a.

Windows

• Microsoft Drivers for PHP for SQL Server are now installed with PHP 8.0.
• Updated Microsoft ODBC Driver 17 for SQL Server to version 17.7.1.1.
• Updated Node.js 12 to version 12.21.0.
• Updated Node.js 10 to version 10.24.0.
• Updated Git to version 2.30.2.
• Updated ASP.NET Core 5.0 to version 5.0.4.
• Updated ASP.NET Core 3.1 to version 3.1.13.
• Updated ASP.NET Core 2.1 to version 2.1.26.
• Updated BIND to version 9.16.13.
• Updated OpenSSL to version 1.1.1k.
• Updated SpamAssassin to version 3.4.5.

• Plesk Obsidian 18.0.34 and later behind Cloudflare with Rocket Loader enabled for a domain no longer shows empty customers’ and resellers’ pages. (PPPM-12844)

  Note: Although the issue was fixed, we recommend that you disable Rocket Loader. It does not benefit Plesk in any way.

Linux

• Updating the Plesk server OS using dist-upgrade and updating Plesk Obsidian with Postfix installed to version 18.0.34 no longer breaks the Postfix configuration. (PPPM-12846)
• In Plesk Obsidian 18.0.34 and later, the Plesk administrator no longer receives daily emails from the Plesk cron task notifying that “ls: cannot open directory /usr/lib64/httpd/modules”. (PPPM-12853)
• In Plesk Obsidian 18.0.34 and later, updating SpamAssassin rules no longer fails with the “channel: no ‘mirrors.sought.rules.yerp.org’ record found” error. (PPPM-12848)
• Updating Plesk Obsidian to version 18.0.34 no longer fails with the “Plesk database scheme was not upgraded completely” error if the Plesk server has the specific time zone set. (PPPM-12837)

• Added the Recycle Bin to File Manager. Users can now restore files deleted by mistake from the Recycle Bin.
  The Recycle Bin is turned off by default. To turn it on, add the following lines to the panel.ini file:

  [fileManager]
  trash.enabled = true
  trash.folder = .trash ; the name of the the Recycle Bin folder
  

  The Recycle Bin appears when a user deletes a file and chooses not to delete it permanently.

• The “DNS Helper” and “Publicly resolvable temporary domain name” features introduced in Plesk Obsidian 18.0.32 will be enabled by default strating with Plesk Obsidian 18.0.34. To disable the features, add the following lines to the panel.ini file:

  [dns]
  enableResolveChecking = false ; disables resolve checking
  showDnsHelper = false ; hides DNS Helper
  [techDomain]
  subdomain.enabled = false ; removes the ability to create technical domains
  

• Even if no DNS server is installed, Plesk will now show the information about configuring DNS for domains that could not be resolved.
• Significantly sped up Plesk initialization and post-install configuration.
• Revamped file editing in File Manager. Users now edit files in a drawer instead of going to a new page.
• The image preview feature in File Manager works again in Plesk and the feature no longer needs the Image Preview extension. If the Image Preview extension is installed, updating Plesk to version 18.0.34 will remove the extension.
• Plesk UI notifications on ModSecurity rule set updates are no longer enabled by default. The Plesk administrator now explicitly turns on the notifications if necessary.
• If the Comodo rule set is not available for download because of an issue on the waf.comodo.com side, Plesk now shows an error message that describes what users can do.
• Tools & Settings > Active Plesk Sessions (under “Security”) now differentiates sessions of the Plesk administrator and additional administrators. Additionally, Plesk now shows the “Another user with the same username (admin) is already logged in to Plesk” warning only if a user of the same type is logged in. (PPPM-6227)
• It is now possible to add a description to a domain when creating the domain via REST API. (EXTREST-127)
• The plesk repair db command can now fix the default certificate inconsistencies in the Plesk database. (PPPM-12795)
• Plesk additional administrators can now change their passwords in Power User view. (PPPM-12316)
• After logging in to Plesk updated to the latest version, the “Too few arguments to function Plesk_Base_Utils_Http::getUserIp()…” error is no longer occasionally shown. (PPPM-12696)
• It is now again possible to create backups stored in FTP storage. This feature was broken since Plesk 18.0.33. (PPPM-12699)
• Plesk sw-engine now correctly uses the system time zone defined in Tools & Settings > System time (under “General Settings”) As a result, after the system time zone was changed, sw-engine now operates in the correct time zone and writes log entries that have the correct time. (PPPM-12543)
• In the output of the secret_key CLI utility, changed the “Key” field name to “Key ID” to avoid user confusion. (PPP-52085)
• The “Unable to extract : To extract RAR archives, install UnRAR" error message now contains the correct link to the "How to install UnRAR" KB article. (PPPM-12550)
• The Amazon S3 Backup extension now works with the S3-compatible storage Backblaze. To ensure compatibility, the extension no longer sends the RequestPayer option by default. (EXTPLESK-2107)
• Removed the bandwidth value validation from Plesk API RPC. (PPPM-12708)
• In Fail2Ban, a custom jail no longer disappears if it was saved with errors. We spotted this bug in Plesk 18.0.32 Update 2. (PPPM-12362)
• Installing an invalid Plesk license no longer makes the “License Management” page reload continuously. (PPP-51903)
• Getting a response to an XML API request sent to a Plesk server with a large number (100+) of secret keys or creating a new secret key on such a server no longer takes a disproportionately long time. (PPPM-12800)

Linux

• It is now possible to extract RAR archives in File Manager on RHEL-based Plesk servers with unar installed and unrar not installed.
• Apache graceful restart is now more stable and less likely to break Apache during log rotation.
• Plesk now shows only actually installed Apache module versions in Tools & Settings > Apache Web Server (under “General Settings”).
• The plesk repair mail <domain> command can now repair a mailbox even if the mailbox automatic reply contains non-ASCII characters.

• Clean installations of Plesk 18.0.33 and later no longer have database inconsistencies. (PPPM-12806)

  Note: If you got a new Plesk 18.0.33 or later, run the plesk repair db command to fix the inconsistencies. Updating Plesk to version 18.0.34 will not automatically fix them.

• After a domain was deleted or its hosting type was changed to forwarding, the Plesk database no longer has nginx.conf records left. (PPPM-12758)
• Users can no longer get Dr.Web notifications on the upcoming expiration of their Dr.Web license even though the license has already been updated in Plesk. (PPPM-12761)
• Applying the DNS template to all DNS zones no longer changes empty TTL values of the affected DNS records to 0. (PPPM-12752)
• If the “Enable email subaddressing” option is disabled, it is not possible to create email addresses that contain special characters. If Plesk already has mailboxes whose email addresses contain special characters, it is not possible to enable the option. (PPPM-12781)
• In Plesk on Debian 10 with non-standard packages installed, the Plesk DNSSEC extension no longer fails to sign the domain DNS zone. (PPPM-12589)
• Plesk can now import MySQL dumps that have the DEFINER clause set. (PPP-52224)
• After a subscription was suspended, the webmail page of the subscription no longer shows a confusing SSL warning. (PPPM-12580)
• Website preview now works if “TLS versions and ciphers by Mozilla” of the SSL It! extension was enabled with the “Modern” option. (PPPM-12641)
• After Plesk Premium Antivirus was uninstalled, entries in /var/log/maillog can no longer contain the drweb handler. (PPPM-12719)
• Making changes on the Tools & Settings > Mail Server Settings page no longer enables all inactive mailboxes. (PPPM-12753)
• In Plesk on Ubuntu, backup restoration no longer fails with the “Unrecognized option: ‘-dumps-root-dir’” error. (PPPM-12820)
• If the Plesk administrator password is too long, the Plesk mail service no longer occasionally stops working. (PPPM-12503)
• After updating Plesk Onyx 17.8 on Ubuntu with Postfix installed to Plesk Obsidian, the Postfix logs no longer contain compatibility warnings. (PPP-46809)
• DHE ciphers are now again available for sw-cp-server and nginx. (PPPM-11435)
• Plesk now regards PHP 8 as a secure handler. A change of the service plan PHP version from 7.4 to 8.0 no longer causes the “Conflicts with the server-wide security policy” message to be shown. (PPPM-12731)
• In Plesk on CentOS 7, updating Plesk licences can no longer occasionally fail with the “floatFractionPart: Assertion value < 1.0’ failed” error. (PPPM-12445)
• Update of Plesk Obsidian that has a large number of created secret keys (more than 20000) to version 18.0.34 now takes less time. (PPPM-12722)

Windows

• Microsoft IIS Compression is now shipped with Plesk.
• It is now possible to connect to a Plesk server connected to Active Directory via FTP using just the login and password of an FTP user (for example, john_doe as an FTP login instead of Plesk_server_hostname\john_doe previously).
• If “Maximum CPU usage” for the IIS dedicated pool (in service plan or domain settings) has a set value, turning off the pool no longer resets the maximum CPU usage value to “Unlimited”. (PPPM-10314)
• Plesk now propagates TTL values of DNS records to Simple DNS Plus. (PPPM-12766)
• After the website PHP handler was changed to another version, the website FastCGI application of the previous PHP handler version is now removed. (PPP-51988)
• Restoring a subscription no longer occasionally causes the “Call to a member function getType() on null” warning. (PPPM-12712)
• Backups are now longer occasionally restored with the “Unable to restore the configuration of the error documents.” warning shown. (PPPM-12710)
• Sped up how fast Plesk loads the mailbox setting page. (PPPM-12693)
• Configured mail autodiscover no longer occasionally blocks access to Plesk. (PPPM-12767)
• Plesk Reconfigurator that failed to change virtual host locations can no longer stop IIS, misconfigure all websites in Plesk, and make them unavailable. (PPPM-12707)
• Plesk Reconfigurator now correctly changes the server IP address: the DNS server zones contain records with the new IP and the DNS server can resolve the new IP. (PPPM-12718)

Third-Party Component Updates

Linux

• Updated PHP used by Plesk to version 7.3.27.
• Updated Roundcube to version 1.4.11.
• Updated Postfix to version 3.5.9.
• Updated Horde to fix a security issue. We strongly recommend that you update Plesk.
• Updated IMP to version 6.2.27.

Windows

• Updated ASP.NET Core 5.0 to version 5.0.3.
• Updated ASP.NET Core 3.1 to version 3.1.12.
• Updated ASP.NET Core 2.1 to version 2.1.25.
• Updated Horde PHP to version 7.3.
• Updated Horde IMP to version 6.2.27.
• Updated the Horde_Text_Filter library to version 2.3.7.
• Updated Git to version 2.30.0.2.
• Updated PHP used by Plesk to version 7.4.15.

• Security improvements.
• The “Change View” button in the bottom left corner of the screen is now again available for resellers. The button was absent from the reseller interface starting with Plesk Obsidian 18.0.32. (PPP-52256)

• Plesk now supports MySQL 8 as the local (Plesk for Linux) and the remote database server. To learn how to switch the Plesk local database server to MySQL 8 or to perform a clean installation of Plesk on a server with MySQL 8, refer to this KB article.

• It is now possible to hide the controls related to Plesk updates (“Check for updates” and the “Update Plesk” buttons/links) on the Home page (in Service Provider view) and on the Websites & Domains screen (in Power User view).

  To hide the controls, add the following lines to the panel.ini file:

  [updates]
  showControls = false 
  

• It is now possible to hide plesk.com in the Plesk page footer. To do so, add the following lines to the panel.ini file:

  [promos]
  pleskFooter = false
  

• Added the “Database management” checkbox to Restricted Mode. Selecting the checkbox hides the “Database management” controls in the Plesk interface and prohibits the database management.
• Manual setup of email clients now shows the information about the required mail ports and their differences.
• Starting with this update, the Plesk database stores hashes of secret keys used to authenticate API requests rather than ciphertexts. This way, even if a threat actor were to read the Plesk database, they would no longer be able to retrieve any information that would allow them to authenticate via API.

• Security improvements.

  Note: Special thanks to Tarek Bouali (@iambouali) for reporting a security issue.

• Improved the Plesk interface and texts on the “DNS Settings” (domains) and DNS Template > Zone Settings Template (the Plesk server) screens. It should more clear now which field manages the default TTL value for the zone.
• If the reseller login consists of 10 digits (1234567890), the reseller’s incremental backups no longer have the size of the full backup. (PPPM-12533)
• XML API requests now return the correct number of subdomains in a subscription. (PPPM-12592)
• It is now possible to upload a logo file in the SVG format in Tools & Settings > Branding (under “Plesk Appearance”). (PPPM-12339)
• The “Update Domain Status” event is no longer run daily when the domain status does not change (for example, when the subscription the domain belongs to is suspended). (PPPM-12644)
• Backing up to Dropbox no longer shows the checksum warning message. (PPPM-12583)
• It is now possible to set the Plesk language and the description for a customer via REST API. (PPPM-12596)
• Plesk now preserves custom mailbox size and units of measurements and does not reset them each time the mailbox page is opened. (PPPM-12647)
• The mail autodiscover feature disabled on the Plesk server can no longer cause issues for resellers’ subscriptions (previously resellers’ subscriptions could be locked and could not be synced again). (PPPM-12661)
• The additional user with the single “Manage DNS settings” permission can no longer see logs. (PPPM-12630)
• File Manager is now opened faster when displaying a large number of files whose extensions are not hardcoded (for example, .exe or .pdf). (PPPM-12635)
• File Manager is now opened significantly faster when displaying a large number of DLL files (more than 300). (PPPM-12634)
• It is now possible to create DNS records that contain placeholders in the middle. (PPPM-12521)
• If a Plesk license was terminated on a server, the customers no longer receive daily repetitive notifications of resource overuse. (PPPM-12636)
• It is now possible to use the Amazon RDS Integration with MariaDB engine. (PPPM-12645)
• The Contact Support button in Tools & Settings > Support (under “Assistance and Troubleshooting”) > “Contact support without generating a technical report.” now redirects to the correct Plesk Support URL. PPP-51824)

Linux

• Added Brotli support to nginx.

  Brotli compression is enabled by default.

  To disable Brotli on a single domain, specify brotli off; in additional nginx directives.

  To disable Brotli globally, either specify brotli off; in /etc/nginx/conf.d/yy000_brotli_tweaks.conf or run the plesk bin nginx -d brotli command.

• Dropped support for Red Hat Enterprise Linux 6.
• Dropped support for Apache 2.2 and Apache mod_rpaf module (as a part of the change mentioned above).
• It is now possible to add a CNAME record pointing to another CNAME record. (PPP-49117)
• If PHP support was disabled in an add-on plan, the add-on PHP settings can no longer be applied to a subscription in any way. For example, assigning the add-on plan to the subscription will not change the subscription PHP settings. (PPP-49098)
• After installation of or upgrade to Plesk Obsidian, the plesk repair fs command no longer mistakenly detects files with the incorrect permissions in /var/log/plesk. (PPPM-12584)
• In Plesk on CentOS 7 with PHP from the OS vendor, the Apache module php5 can now be enabled or disabled. (PPPM-12628)
• IMAP and POP3 mail accounts configured in Outlook now correctly show emails with UTF-8 characters. The related “Your E-mail reader did not enable Unicode support” error message is no longer shown. (PPPM-12639)
• If Plesk Obsidian was upgraded from Plesk Obsidian 18.0.30 and earlier, the nginx cache size equal to 0 can no longer break the nginx configuration. (PPPM-12605)
• The login name length of password-protected directory users can now be up to 32 characters. Backup restoration no longer throws an error if the password-protected directory login name contains more than 20 characters. (PPPM-12409)
• Improved an error message shown in an attempt to enable Fail2Ban when Plesk does not have Fail2Ban installed. (PPP-51635)
• If web statistics are not generated properly, customers can now understand why because AWStats errors are now logged and customers can see them in the panel.log file (if the show.util_exec_io setting is set to true in the panel.ini file). (PPPM-9832)
• Plesk administrators can no longer set a rule in the Plesk Firewall that blocks themselves and, as a result, can no longer lose access to the Plesk interface. (PPPM-12469)
• The server shutdown in Tools & Settings > Shut Down Server (under “Server Management”) is now executed immediately on the same page after confirmation. The server can no longer be shut down twice if the Plesk administrator kept the shutdown link in the browser and refreshed it after the first shutdown. (PPPM-12091)
• In ModSecurity, the switch from the Atomic Standard to the Comodo rule set no longer causes false-positive bans. (PPPM-12291)
• Plesk Reconfigurator no longer fails if msmtp is installed. (PPPM-12662)
• Migration or backup restoration now preserves the mailbox antivirus settings. (PPPM-12378, PPP-50311)
• Upgrade to Plesk Obsidian from Plesk Onyx on a Debian-based OS can no longer make phpMyAdmin inaccessible. (PPPM-12509)

Windows

• In Plesk 17.8 on Windows Server 2012 R2, the Tools & Settings > Updates (under “Plesk”) page no longer hinders customers from upgrading to Plesk Obsidian. The page occasionally got stuck in an infinite loop and was constantly refreshed. (PI-603)
• Absence of the Plesk \etc\plesk-release file now throws an error and stops the non-interactive upgrade because such upgrade could make Plesk inaccessible. (PPPM-12581)
• SpamAssassin no longer fails to learn if the autogenerated password for the sa_bayes database contains the hash character (#). (PPPM-12579)
• It is now possible to change the \vhosts folder location using Plesk Reconfigurator. (PPPM-12649)
• It is now possible to create a mailbox via the CLI if Auth Policy Status is enabled in MailEnable. (PPPM-12595)
• In Plesk on Windows Server 2012 R2, the Plesk login page can no longer open the default Plesk page after the login to Plesk because the login page does not redirect to HTTP instead of HTTPS. (PPPM-12660)
• File Manager now opens files using links in domain log entries without any issues. (PPPM-12675)

Third-Party Component Updates

• Marked PHP 7.2 as outdated because it reached end of life.
• Dropped support for Internet Explorer 11, which reached end of life.

Linux

• Updated Dovecot to version 2.3.11.3.
• Updated PHP used by Plesk to version 7.3.26.
• Updated Roundcube to version 1.4.10.

Windows

• Updated the Plesk Perl package to version 5.30.3.
• Updated OpenSSL to version 1.1.1i.
• Updated Git to version 2.29.2.3.
• Updated ASP.NET Core 5.0 to version 5.0.2.
• Updated ASP.NET Core 3.1 to version 3.1.11.
• Updated ASP.NET Core 2.1 to version 2.1.24.
• Updated Node.js 12 to version 12.20.1.
• Updated Node.js 10 to version 10.23.1.
• Updated PHP used by Plesk to version 7.4.14.

• Added the missing translations for certain UI messages. (PPP-51477)

Linux

• Installation or update of Plesk Obsidian 18.0.32 and later no longer fails on CentOS 8.3. (PPPM-12582)
• In Plesk Obsidian 18.0.32 and later, customers can now again manage per-site PHP performance and security settings of their subscriptions. (PPPM-12604)

• Databases of applications installed on additional domains are now again backed up. (PPPM-12593)
• “Web Statistics SSL/TLS” and “Web Statistics” now work again for subscriptions with several domains. (PPPM-12594)

Linux

• The plesk repair fs command now works again and does not fail reporting the issue with incorrect permissions in /var/log/plesk. (PPPM-12584)
• In Plesk Obsidian 18.0.32 and later, ModSecurity enabled with any rule set and in any mode no longer occasionally hangs if Plesk was accessed via https://<server-IP-or-hostname>. (PPPM-12591)
• In Plesk Obsidian 18.0.32 and later, switching to ModSecurity3 on nginx no longer shows false positive results when domains are actually incompatible with nginx settings and the web server configuration files can be broken. (PPP-51432)
• In Plesk Obsidian 18.0.32 and later, Apache configuration can no longer cause the webAppFirewallSettings variable error being shown in the Plesk interface. (PPPM-12586)

Linux

• Issued REST API secret keys now work again in Plesk Obsidian 18.0.31 and later. (PPPM-12569)
• Installation or update of Plesk Obsidian 18.0.31 no longer fails in non-interactive mode if the server OS is CentOS 8.2 or 8.3. (PPPM-12582)

• PHP 8.0 is now supported.

  Note: PHP 8 is still very recent (it came out on November 26) and includes significant changes, including the removal of deprecated functions and changes to how code works.

  Because of this, many PHP applications that were written for PHP 5 and PHP 7 may not work correctly with PHP 8. This includes WordPress, which will fix most (but not all) PHP 8 compatibility issues in version 5.6 that will be released on December 8.

  PHP 8 will not be included into the “Recommended” installation set and won’t be installed on new servers or when updating to Plesk Obsidian 18.0.32.

• DNS Helper - a new feature meant to help users understand that their domain does not resolve to the server’s IP address and is inaccessible over the internet, and also to make it easier for them to make their domain resolve correctly. The feature will be rolled out to Plesk servers in waves. To enable it manually, add the following lines to the panel.ini file:

  [dns]
  enableResolveChecking = true
  showDnsHelper = true
  

• Added a new CLI command plesk checkupgrade in both Plesk for Linux and Plesk for Windows. Running the command before updating Plesk checks for issues that may prevent the server from updating safely.
• Added the support for ModSecurity 3 to nginx. ModSecurity 2.9 + Apache remains for now the recommended option. To switch to ModSecurity 3 + nginx, go to “Tools&Settings” > “Web Application firewall”.
  • Switching to ModSecurity 3 may hinder your existing applications. We strongly recommend trying ModSecurity 3 out on a test server before switching your production environment to that version.
  • At the moment you can only choose the OWASP ruleset in the Plesk UI for ModSecurity 3. You can download the Comodo ruleset and upload it to Plesk as a custom ruleset. We plan to make it possible to enable the Comodo ruleset for ModSecurity 3 directly from the Plesk UI in Plesk Obsidian 18.0.33.

  • You can disable switching to ModSecurity 3 by adding the following lines to the panel.ini file:

    [modSecurity] webServer.nginx = Off

• This version introduces a guided onboarding workflow to help new users create their first website right after the new server initialization stage. Users can choose to start with a WordPress website, a PHP application, or a static HTML/CSS website. They can upload a website they already have or choose a sample website provided with Plesk. To disable this function, add the following lines to the panel.ini file:

  [ext-onboarding]
  enabled = 0
  

• As of Plesk Obsidian 18.0.32, Internet Explorer 11 support has been deprecated and will be removed in Plesk Obsidian 18.0.33. Learn more.
• Red Hat Enterprise Linux 6 has entered the vendor end of support phase. Plesk Obsidian 18.0.32 is the last Plesk Obsidian version that supports that OS. Learn more.
• The File Sharing and Bandwidth Limiting (mod_bw) component has been removed. Learn more.
• The UX of renaming websites in Plesk has been improved.

• A publicly resolvable temporary domain name can now be chosen during a website’s creation. The temporary domain name allows you to start working on a new project even if you have no registered domain name. The feature will be rolled out to Plesk servers in waves. To enable it manually, add the following lines to the panel.ini file:

  [techDomain]
  subdomain.enabled = true
  

• The <your_domain> option is no longer marked as recommended in domains’ hosting settings because selecting it can result in an infinite redirection loop under specific conditions. (PPP-50944)
• Cloning a database from a local MySQL server to an external one no longer fails if a database with the same name as the one chosen for the cloned database exists on the local database server. (PPPM-12499)
• When creating a mail account, the “Password” and “Confirm password” fields are now correctly marked as required. (PPPM-12515)
• Updating a MySQL database user’s password via XML-RPC no longer returns a malformed response if the specified password does not meet the requirements of the server password strength policy. (PPPM-12393)
• Updating a subscription’s system user password via XML-RPC now correctly updates the password used to access web statistics for that subscription to the same value. (PPPM-12463)
• Running the plesk bin domain -i command for a domain now correctly shows the log rotation status (on or off) for that domain. (PPPM-12544)
• Full backups are no longer created instead of incremental ones when backing up a subscription with an APS application installed if that application’s database is owned by a different subscription. (PPPM-12537)
• When viewing logs for a subscription, entries from custom logs added via “Logs” > “Manage Log Files” > “Add Custom Log” are no longer incorrectly filtered out. (PPPM-12554)
• Usable error message is now shown if the MySQL writer process is terminated during database cloning. (PPPM-12450)
• Restoring a subscription with the “Drupal-8.9.5-171” APS application installed from a backup no longer results in an error. (PPPM-12477)
• After renaming a PHP handler via the plesk bin php_handler command, the custom name is now shown in Plesk instead of the original name. (PPPM-12556)
• Restoring a backup created on a Plesk server with a large (1000+) number of customers and/or subscriptions no longer fails with the “The specified backup file is corrupted, modified, created on another server or in an earlier Plesk version” error. (PPPM-12461)

Linux

• Creating a domain for a subscription while simultaneously changing PHP settings for an existing domain belonging to the same subscription no longer results in both processes hanging endlessly. (PPPM-12447)
• When creating a subscription on a Plesk Obsidian server that was updated from an earlier Plesk version, the value of the “Restrict following symbolic links” parameter is now correctly passed from the service plan to the subscription. (PPPM-12532)
• Plesk no longer specifies excessively large smtpd_proxy_timeout and smtpd_timeout values in Postfix configuration files during Plesk installation or whenever the plesk repair mail command is run. (PPPM-12236)
• Running the plesk repair mail -y command for a domain no longer removes Postfix SSL configuration for that domain’s aliases. (PPPM-12103)
• Opening “PHP Settings” for a domain no longer results in the “ERROR: Method Smb_Form_Final_Web_PhpSettings::__toString() must not throw an exception” error under specific circumstances. (PPPM-12456)
• Firewall rules can now be managed via the “Firewall” extension on Plesk Obsidian servers running in VZ containers created from the ubuntu-20.04-x86_64 OS template. (PPPM-12390)
• On Debian 10 servers with the “msmtp” component installed, sending mail via an external SMTP server no longer results in an error. (PPPM-12540)
• On Debian 10 servers with the “msmtp” component installed, sending mail via an external SMTP server is now correctly logged to the mail.log file. (PPPM-12540)
• On Plesk servers with Courier IMAP installed, all incoming emails are no longer duplicated for mail accounts that were disabled and then re-enabled. (PPPM-12530)
• Plesk now correctly reports CPU and memory usage for the MySQL (MariaDB) service. (PPP-50838)
• The sw-cp-server service no longer fails to reload or restart under specific circumstances. (PPPM-12525)
• On Plesk servers with the “Plesk Web Server Configuration Troubleshooter” component installed, running the plesk repair web -n command no longer results in the misleading “Problem with nginx default limit for open files is possible” error. (PPPM-12453)
• SDK and internal Plesk utilities no longer treat directories with special bits as files instead of directories. (PPPM-12573)
• On Plesk servers with the “Fix incorrectly set sender for outgoing mail” option enabled in “Tools & Settings” > “Mail Server settings” and outgoing mail control enabled and set to unlimited, sending mail no longer results in the “Error during ‘limit-out’ handler handlers_stderr: ERROR:main:list index out of range” error being written to the mail log. (PPPM-12448)
• It is no longer necessary to reload the page after Plesk initialization to log in if the WebSocket service is stopped on the server. (PPPM-12377)
• Autoresponder now sends replies correctly to messages with national characters in the mail header. (PPPM-11553)
• The “Tools&Settings” > “Services Management” page no longer becomes unresponsive for a long time when starting or stopping certain services (for example, nginx). (PPPM-12252)
• Plesk Installer logs are now rotated correctly if the /root/.autoinstallerrc file contains the line ‘SEPARATE_LOGS=”yes”’. (PPP-47902)
• Changing an IP address on a Plesk server no longer causes issues with sending mail if the old IP address was selected in “Tools&Settings” > “Mail Server” > “Outgoing mail mode” > “Send from the specified IP addresses”. (PPPM-12466)

Windows

• Security improvements.
• Plesk no longer assigns the system privilege “Replace a process level token” to IIS users created by Plesk. We believe this to be a more secure configuration, despite it being recommended by Microsoft.
• Plesk also explicitly removes the privilege “Impersonate a client after authentication” from IIS_IUSRS group. We believe this to be a more secure configuration, despite it being recommended by Microsoft.
• On Plesk servers with SmarterMail version 100.0.7593 or later installed, creating a backup including one or more subscriptions with mailboxes no longer fails with the “Unable to back up mail messages. Error: Failed to list mail messages” error. (PPPM-12454)
• Creating scheduled backups in FTP storage no longer intermittently fails with the “Unable to validate the remote backup. It may not be restored.” error. (PPPM-12482)
• Runnig the repair fs -y command using the name of an add-on domain as the argument now shows a recommendation to use the name of its parent domain instead. (PPPM-12505)
• During the cloning procedure, the MySQL root user password is now correctly changed. (PPPM-12320)
• Changing ASP.NET settings for a domain no longer results in the “assemblies” node in the domain’s web.config file getting removed. (PPPM-12561)
• Changing ASP.NET settings for a domain no longer results in the “authentication” node in the domain’s web.config file getting duplicated.(PPPM-12568)
• Changed ASP.NET settings for a domain no longer reset to the default value the “configuration” element in the domain’s web.config file has the “xmlns” attribute. (PPPM-12555)
• Folders named “tmp” can now be created, copied, moved, or deleted in File Manager. (PPPM-12443)
• Plesk migration no longer gets stuck for a long time on the “Fetch configuration data from Plesk servers” step. (PPPM-12552)
• Running plesk repair ftp on a server behind NAT no longer results in an unnecessary warning. (PPPM-12520)

Third-Party Component Updates

Linux

• Updated PHP used by sw-engine to version 7.3.25.
• Updated ionCube loader for PHP 7.2, 7.3, 7.4, and also for PHP used by Plesk to version 10.4.5.

Windows

• ASP.NET Core 5.0 is now supported.
• Updated ASP.NET Core 3.1 to version 3.1.10.
• Updated ASP.NET Core 2.1 to version 2.1.23.
• Updated PHP used by plesk-engine to version 7.4.13.
• Updated MariaDB 10.5 to version 10.5.8.
• Updated MariaDB 10.3 to version 10.3.27.
• Updated Node.js 12 to version 12.19.1.
• Updated Git to version 2.29.2.2.

• Security improvements.

• Security improvements.
• Creating a mail account as a customer when the “All subscriptions” option is selected in the subscription selection menu no longer fails with the “The specified limit is invalid” error. (PPP-50987, PPP-51161)