Change Log for Plesk Obsidian

Read the documentation: Learn how to install Plesk updates

Legend:

new feature

functionality improved

issue resolved

pay attention

Let’s Encrypt 2.12.2

  • Translated the Let’s Encrypt description shown in the SSL It! extension. (EXTLETSENC-932)

DigiCert SSL 1.9.1

  • SSL/TLS certificates from DigiCert issued for a domain (for example, example.com) now also secure the www subdomain (www.example.com) automatically.
  • The extension no longer supports the legacy DigiCert API. To issue SSL/TLS certificates from DigiCert, users need to install the SSL It! extension.
  • Translated the DigiCert description shown in the SSL It! extension. (EXTPLESK-2094)
  • SSL/TLS certificates from DigiCert do not support SAN. Fixed the incorrect description that said otherwise. (EXTPLESK-2047)

Plesk Migrator 2.20.0

  • External IDs of customers, resellers, and subscriptions can now be migrated in the extension’s interface. Previously, it was possible to migrate external IDs only via the CLI.
  • It is now possible to install the extension in Plesk on CloudLinux that has LVE Manager installed. (PMT-3777, PMT-4832)
  • Migration of WordPress applications from Plesk 12.5 to Plesk Obsidian no longer fails with the “Element ‘wordpress-instance’: This element is not expected.” error. (PMT-4712)
  • If the source DirectAdmin server has MySQL 5.7 or later, the extension now migrates database users without any errors. (PMT-4746)
  • Mail migration from DirectAdmin now works for accounts not owned by the administrator. (PMT-4816)
  • Migration of Microsoft SQL 2019 databases no longer fails with the “Access is denied” error. (PMT-4817)
  • Email messages migrated twice are no longer displayed as source code. (PMT-4820)
  • In Plesk for Windows, permissions of FTP users are now completely migrated. (PMT-4821)

SSL It! 1.7.0

  • Added the “Keep Secured” feature for Plesk (Tools & Settings > SSL/TLS Certificates (under “Security”)). The feature is enabled by default and automatically secures Plesk with an SSL/TLS certificate from Let’s Encrypt.
  • Users that purchased SSL/TLS certificates are now automatically redirected from Plesk Online Store back to the SSL It! page.
  • Added the ability to cherry pick the exact components (mail, webmail, and/or the “www” subdomain) for which users can enable “Keep Secured”.
  • If a website is not secured with a valid SSL/TLS, Plesk UI notifications inform the website owner about it and suggest securing the website with a valid certificate on the SSL It! page.

Repair Kit 1.2.1

  • Introduced timeouts for the plesk repair operations. If an operation takes longer than expected, the extension’s interface is unlocked and ready for new tasks. This improvement solves the issue when the extension’s interface hung because of a failed operation.

    By default, the extension has preconfigured timeout values. They are specified by the aspectTimeout settings in panel.ini, for example:

    [ext-repair-kit]
    aspectTimeoutMail = 30 minutes
    
  • The “MySQL Process List (Beta)” button in Tools & Settings > Process List (under “Assistance and Troubleshooting”) now opens the MySQL process list instead of showing the “Request failed with status code 500” error. (EXTPLESK-2075)
  • If the extension does not work because the /var/log/plesk directory has the incorrect permissions, the extension now shows a clear error message, which may help users to fix the issue. (EXTPLESK-2082)
  • The extension now correctly runs the plesk repair utility with custom parameters instead of showing the “t.map is not a function” error. (EXTPLESK-1298)
  • The extension now shows the overall CPU usage correctly. (EXTPLESK-2076)

Let’s Encrypt 2.12.1

  • The Let’s Encrypt extension installed without the SSL It! extension cannot automatically renew SSL/TLS certificates that secure mail. The extension now shows the corresponding message and suggests installing SSL It!. (EXTLETSENC-884)

Extension Catalog 1.13.3

  • Minor internal improvements.

PHP Updates

  • Updated PHP 7.4 to version 7.4.11.
  • Updated PHP 7.3 to version 7.3.23.
  • Updated PHP 7.2 to version 7.2.34.

Extension Catalog 1.13.1

  • If the Extensions Catalog does not show prices for certain items for any reason, users will be redirected to Plesk Online Store to buy these items.

PHP Composer 1.1.2

  • Security improvements.

Plesk Obsidian 18.0.30 Update 2

  • After update to Plesk Obsidian 18.0.30, Plesk no longer stops Apache instead of restarting it on certain Debian and Ubuntu servers. (PPPM-12387)
  • After update to Plesk Obsidian 18.0.30 Update 1, scheduled backups no longer fail with the “The following files were not found or were corrupted” error if backed up add-on domains have DKIM enabled. (PPPM-12384)

WordPress Toolkit 5.0.0

  • Two words: interface update! No need to worry, though, as the new UI for managing WordPress sites is a logical evolution of the old UI based on newer technologies. Site administrators will find themselves in a fresh-yet-familiar interface with increased focus on site updates, better UX, improved performance and responsiveness.
  • WordPress Toolkit Lite experience (applicable for owners of Plesk Web Admin edition) has been redesigned to prettify it and make it more uniform across different screens.
  • The list of features available in WPT Lite was updated to make it more consistent and logical:
    • Management of Search Engine Indexing is now available for free in WPT Lite
    • Debugging management is now available for free in WPT Lite
    • Password Protection is now available for free in WPT Lite
    • Update settings for individual sites are now available for free in WPT Lite
    • Upload of plugins & themes in the plugins / themes management is now available for free in WPT Lite
    • Mass update operations (including modification of update settings for multiple sites at once) are now available only in the full (paid) version of WPT
  • Starting with version 5.0, WordPress Toolkit requires Plesk Obsidian to work. Existing WordPress Toolkit installations on Plesk Onyx 17.8 will continue to function, but will no longer receive feature updates. Critical security fixes for WordPress Toolkit on Plesk Onyx 17.8 will continue to be delivered until Plesk Onyx 17.8 reaches end-of-life. We strongly recommend updating to Plesk Obsidian for the best Plesk and WordPress Toolkit experience.
  • Branding of default maintenance mode template was updated. It now mentions being powered by WordPress Toolkit instead of Plesk.
  • Restoration of backup files no longer fails if they contain some files with read-only permissions. (EXTWPTOOLK-5561)
  • Websites are no longer getting stuck in maintenance mode under certain mysterious circumstances after being updated. (EXTWPTOOLK-5531)
  • Checkboxes are no longer missing on Security and Updates screens on Safari. (EXTWPTOOLK-5396)
  • Other checkboxes were not missing on Safari, but they were not aligned properly, so this was fixed as well. (EXTWPTOOLK-5367)
  • WordPres Toolkit now properly updates site URL when a WordPress site is hosted on a subdomain and the main domain is renamed. (EXTWPTOOLK-2268)
  • Smart Updates no longer compare shortcode values, avoiding certain false positives during the analysis. Shortcode names are still compared. (EXTWPTOOLK-4618)
  • Backup / Restore functionality is no longer displayed as available for sites connected via remote management plugin (because it was never actually available, mind you, not because we removed the feature). (EXTWPTOOLK-5446)
  • WordPress Toolkit now displays a helpful hint for Firefox users with enabled pop-up blockers trying to log in to WordPress via WPT. Unsurprisingly, the hint is: turn off pop-up blocker on this page if you want to log in to WordPress via WPT. (EXTWPTOOLK-5634)

Extension Catalog 1.13.0

  • The Plesk administrator and additional administrators can now purchase extensions without leaving the Extensions Catalog.
  • A purchased extension is now automatically installed and the extension’s license key is now automatically received.

Plesk Obsidian 18.0.30 Update 1

  • Fixed the note about SSL warnings on the Plesk login screen. (PPP-50397)

Windows

  • Plesk Onyx 17.8.11 that has add-on domains can now be upgraded to Plesk Obsidian 18.0.30 without any issues. (PPP-50357)

Let’s Encrypt 2.12.0

  • The extension now supports a new chain of trust based on ISRG Root. Before January 11, 2021, the old IdenTrust root remains the default one, while the new ISRG Root is an alternative one. After January 11, 2021, the extension will issue SSL/TLS certificates based on the new ISRG Root, while the old IdenTrust root will become an alternative one.

    To have the extension issue SSL/TLS certificates based on the alternative root (which is ISRG Root before January 11, 2021, and IdenTrust after this date), add the following lines to panel.ini:

    [ext-letsencrypt]
    use-alternate-root = true
    
  • Improved an error message shown when the “Keep secured” task fails if the email address of a domain owner is missing. (EXTLETSENC-887)

WordPress Toolkit 4.10.2

  • WordPress installations accessible via several domains with the same docroot can now be updated properly. (EXTWPTOOLK-5566)

Plesk Obsidian 18.0.30

  • The Plesk login page can now show a notification what hostname to use for logging in to avoid the warning about an untrusted connection. The notification is shown when a user logs in to Plesk using the server IP address, while the server is secured with a valid SSL/TLS certificate from Let’s Encrypt.
  • To enhance security, Plesk now generates a random prefix for a temporary server hostname.
  • Dropped support for the File Sharing feature. File Sharing is no longer available in Plesk Obsidian by default.
  • G Suite can now be set up with the Plesk DNS service because it is now possible to set an MX priority value to 1 in the Plesk interface.
  • Dynamic List view now shows a number of subdomains and domain aliases (if any) and a number of pages they occupy.
  • Increased the load speed of Dynamic List view.
  • Improved the look of the empty list of Plesk UI notifications.
  • If IP mapping to a public IP address is configured, plesk bin dns --reset no longer mistakenly resets DNS zones. (PPPM-12186)
  • Improved error reporting when UTF-8 characters are malformed (it may happen, for example, during backup restoration). (PPP-50033)
  • The statistics (Tools & Settings > Summary Report (under “Statistics”)) no longer contain obsolete mail redirect fields. (PPPM-12336)
  • A correct database is now shown on the left side of the screen in phpMyAdmin when one database user exists for multiple databases and the “User has access to all databases within the selected subscription” option is enabled. (PPPM-4734)
  • Backup creation no longer occasionally fails with the “Unable to create backups: Unable to create remote backup. Error: Unable to export backup: Transport error: unable to list directory: Curl error: (28)” error. (PPPM-12215)
  • A subdomain is no longer created with the mail account tab if the subdomain’s subscription belongs to the service plan that has the “Ability to change mail settings” option disabled. (PPPM-12314)
  • The server-wide certificates page (Tools & Settings > SSL/TLS Certificates (under “Security”)) no longer fails to be opened if the server has a large number of subdomains (more than 500) secured with SSL/TLS certificates. (PPPM-12350)
  • It is now possible to configure and use FTP storage on the vsftpd 3 servers. (PPPM-12277)
  • The plesk repair db utility can now fix the mail service records in the IpAddressesCollections table. (PPPM-4845)
  • Improved error reporting of Backup Manager. Backup Manager now considers content errors to be warnings and proceeds with backup restoration. (PPPM-12334)
  • Improved error reporting of Backup Manager. Backup Manager now sends the information about all occurred issues to the email address configured in the scheduled backup task. Failures to dump subscription databases are now regarded as important issues because they prevent subscriptions from being fully restored. (PPPM-12097)
  • Fixed the path to the Plesk favicon. Previously it could be occasionally incorrect. (PPP-49932)

Linux

  • Plesk now supports VERP-style email addresses. The corresponding setting (“Enable email subaddressing”) is enabled by default in Tools & Settings > Mail Server Settings (under “Mail”) on new Plesk Obsidian installations.
  • The plesk repair web -php-fpm-configuration command can now detect PHP-FPM misconfigurations and fix them by removing obsolete PHP-FPM configuration files.
  • To mitigate the Apache and nginx symlinks vulnerability, the “Restrict the ability to follow symbolic links” option is now enabled by default for new service plans and new custom subscriptions. Learn more about mitigating the symlinks vulnerability.
  • Made integration with phpMyAdmin more robust.

    Note: phpMyAdmin files are now located in /usr/local/psa/phpMyAdmin.

  • Updated sw-engine to version 2.30.1.
  • Updated sw-engine PHP to version 7.3.22.
  • Watchdog can now be activated on CentOS 8 in VZ containers.
  • Under specific circumstances, Plesk no longer fails to detect the main IP address on the server. (PPPM-11484)
  • If, in Restricted Mode Settings, Firewall (under “Tools & Resources”) is selected, while Extensions management (under “Extensions”) is not, going to Tools & Settings > Firewall no longer shows the “permission denied” error when Power User view and Restricted Mode are enabled. (PPPM-8847)
  • The dk_sign mail handler no longer throws segmentation faults if an email contains DKIM-Signature as the last header. (PPPM-12221)
  • Users can no longer lose access to phpMyAdmin via Plesk after updating to Plesk Obsidian or after Plesk Obsidian updates. (PPPM-11253)
  • AWStats TXT files are now completely removed after the corresponding TTL has expired. (PPPM-10655)
  • Plesk now detects and shows the warning if a new PostgreSQL database name and user name are the same. (PPPM-12224)
  • Auto-replies can now be delivered via a relay host to email addresses whose names contain non-ASCII characters. (PPPM-11553)
  • Made the “IP address ban period” field of Fail2Ban longer. The field now completely displays large values. (PPPM-12349)
  • Improved a confirmation message shown when plesk repair ftp can remove an orphaned system user. Additionally, plesk repair ftp no longer removes the user’s home directory. (PPPM-11058)
  • A domain alias can no longer point to a subdomain instead of the main domain. (PPP-49923)
  • It is no longer possible to create a subdomain with the webmail prefix (for example, webmail.example.com) if the main domain already has webmail enabled. (PPPM-12356)
  • If a domain’s access_ssl_log contains lines with the malformed URI sequence, the log browser no longer shows the blank page instead of the actual log. (PPPM-12345)
  • In Plesk on CentOS 8, a mailing list can now be restored from a backup. (PPPM-12347)
  • Fixed specific cases when a Plesk license for virtual machines could not be installed on KVM virtualization. (PPPM-12317)
  • After some domains were deleted from a server and PHP-FPM was reloaded, php-fpm.sock of some domains is no longer lost and the domains no longer become unavailable. (PPPM-12280)

Windows

  • Updated PHP used by Plesk to version 7.4.10.
  • Customers can no longer log in to mail using Horde IMP with an incorrect case password. (PPPM-8584)
  • An LDAP query no longer throws the “LDAP local: No Memory” error because libcurl was updated to version 7.71.1. (PPPM-10971)
  • A mail account can now be updated via the CLI without any issues after the limit of a subscription’s mailboxes was reached. (PPPM-11679)
  • It is now possible to switch to the latest version of SmarterMail without any issues. (PPPM-12295)
  • ModSecurity no longer conflicts with SmarterMail API: SmarterMail sites no longer contain ModSecurity modules. (PPPM-12296)
  • After Plesk 11.0 was upgraded to Plesk Obsidian, it is now possible to remove subscriptions. (PPPM-12177)
  • Fixed error reporting when the SMTP server refuses connection. (PPPM-12267)
  • Mail forwarding now works in SmarterMail. (PPPM-12246)
  • Plesk updates no longer change an installed myLittleAdmin additional license key to the default myLittleAdmin license. (PPPM-12244)
  • MySQL ODBC 3.51 DNS can now be configured with the required settings. (PPPM-12233)
  • The plesk bin repair --reconfigure-ftp-sites command can now fix anonymous FTP users. (PPP-46657)
  • Plesk now correctly logs issues when ODBC DSN resources are lost after backup import. (PPP-50196)

Third-Party Component Updates

Linux

Windows

  • ionCube Loader 10.4.1 is now shipped with PHP 7.4.
  • Updated BIND to version 9.16.6.
  • Updated ASP.NET Core 3.1 to version 3.1.8.
  • Updated ASP.NET Core 2.1 to version 2.1.22.
  • Updated MariaDB to version 10.5 (both for the Plesk database and for customers’ websites).
  • Updated libcurl to version 7.71.1.

DigiCert SSL 1.9.0

  • The DigiCert SSL extension now supports DigiCert APIv2.
  • The DigiCert SSL extension UI has been integrated with the SSL It! extension. From now on, please issue SSL/TLS certificates via SSL It! The DigiCert standalone UI can be used to finish orders placed via the legacy DigiCert API. The DigiCert standalone UI does not support DigiCert APIv2 and will be removed in the future.
  • By default, SSL It! only shows a small subset of all available SSL/TLS certificates. To see more certificates, go to “Extensions” > “My Extensions” > “SSL It!” and click “Configure”.
  • Ordering a secure site wildcard certificate from Symantec for a wildcard subdomain (for example, “*.example.com”) no longer fails. (EXTPLESK-1600)
  • Ordering a RapidSSL certificate no longer fails when the certificate’s owner country is set to “United Kingdom of Great Britain and Northern Ireland”. (EXTPLESK-1695)
  • Starting to order a certificate for a subscription and then renaming it before finishing the order will no longer result in failures. (EXTPLESK-1634)
  • Fixed several translation issues.

WordPress Toolkit 4.10.0

  • Site administrators can now back up and restore individual WordPress sites using the brand new ‘Back Up / Restore’ functionality exclusive to WordPress Toolkit. Site backup files are included in subscription backups by default, so site administrators can use Plesk Backup Manager functionality like scheduled backups or backing up to cloud for further processing. Note: this feature isn’t available on Plesk 17.8 Onyx for Windows.
  • Updated and improved multiple text messages shown in the product.
  • Security improvements.
  • Updating WordPress to version 5.5.1 does not trigger wp-cli errors anymore. (EXTWPTOOLK-5490)
  • Additional user accounts no longer blow up WordPress Toolkit (figuratively speaking), when accessing Plugins or Themes tabs. (EXTWPTOOLK-5219)
  • Server administrators now can access default plugin and theme sets on cloned Plesk installations. (EXTWPTOOLK-3132)
  • “Change default database table prefix” security measure does not fail anymore if database table has a period in its name. (EXTWPTOOLK-5376)
  • WordPress Toolkit no longer fails to remove one of several WordPress sites if another site under the same user account was broken in a quite specific way that we’d better not explain here for brevity’s sake. (EXTWPTOOLK-5486)
  • “Update Site URL” control now works properly in List view. (EXTWPTOOLK-5037)

SSL It! 1.6.0

  • In Plesk for Windows, domains with the “Forwarding” hosting type can now be secured via SSL It!.
  • The extension now supports the latest Mozilla preset in Plesk Obsidian. Also improved the UX and fixed a number of issues that the new preset can cause. (EXTSSLIT-541)

    Note: The “modern” preset is not supported on CentOS 8.

  • Added the new “Session resumption” settings: session_timeout and session_cache improve the security and also increase the load speed of a website by speeding up the TLS handshake.
  • Improved the SSL It! interface when the website status is “Security can be improved”. Now it should be easier for users to understand which settings to turn on to get the the “Safe and sound!” status.
  • The “Keep websites secured” feature no longer substitutes a custom email in an SSL/TLS certificate with one that belongs to the website owner. (EXTSSLIT-531)
  • Checkboxes are now again shown in the extension’s interface opened in Safari. (EXTSSLIT-1080)
  • If an issue occurred, the executed “Keep websites secured” task no longer substitutes the error message that explains the cause of the issue with an unrelated error message. (EXTSSLIT-1052)
  • The extension’s interface now works for a domain when the list of SSL/TLS certificates offered by SSL It! is empty and the domain has an alias. (EXTSSLIT-1047)
  • A subdomain secured with a wildcard SSL/TLS certificate is no longer wrongly shown as “Not secured” if the certificate was assigned to the main domain. (EXTSSLIT-669)

PHP Updates

  • Updated PHP 7.4 to version 7.4.10.
  • Updated PHP 7.3 to version 7.3.22.

Linux

  • Updated PHP 7.4 to version 7.4.10.
  • Updated PHP 7.3 to version 7.3.22.
  • Updated ionCube loader for PHP 7.3 and PHP 7.4 to version 1.4.2.

DigiCert SSL 1.8.4

  • Fixed the issue where icons for DigiCert products were not shown in “SSL\TLS Certificates”. (EXTPLESK-2034)

Plesk Obsidian 18.0.29 Update 3

  • The headers of notifications in the Notification Center are no longer malformed. (PPP-50118)
  • Outgoing Mail Control now works correctly if the time zone on the server is set to one of the USA time zones (e.g. New York, NY, USA GMT-4). (PPPM-12321)

Linux

  • ModSecurity security rules no longer stop working after an unsuccessful attempt to update rules. (PPPM-12324)

PHP Composer 1.1.1

  • Removing a domain with the composer.json file present no longer results in errors being logged to the panel.log file, potentially breaking integrations. (EXTPHPCOMP-129)

WordPress Toolkit 4.9.2

  • It is now possible again to change database setting via the CLI for existing WordPress sites. (EXTWPTOOLK-5384)

Plesk Obsidian 18.0.29 Update 2

  • Checkboxes are now again shown in the interfaces of the WordPress Toolkit and SSL It! extensions opened in Safari. (PPP-50041)

Linux

  • After update to Plesk Obsidian 18.0.29, custom Comodo rule sets are no longer removed after daily task execution. (PPP-50022)

PHP Updates

  • Updated PHP 7.4 to version 7.4.9.
  • Updated PHP 7.3 to version 7.3.21.
  • Updated PHP 7.2 to version 7.2.33.

Linux

  • Updated Redis to version 5.3.1 for PHP 7.2, 7.3, 7.4.
  • Updated libwebp to version 1.1.0 for PHP 7.2, 7.3, 7.4.

DigiCert SSL 1.8.3

  • Improved the overall performance of the Digicert SSL extension as a plugin of the SSL It! extension. (EXTPLESK-2017)

SSL It! 1.5.3

  • Sped up the load time of Plesk pages if the extension is installed. (EXTSSLIT-1068)

Joomla! Toolkit 2.4.3

  • Added the administrator login button to the domain overview page - the button is only displayed if the credentials are provided.
  • Improved the bulk process result message if errors occur during the long task process.
  • Batch Update (Core&Extensions) - The update process does not stop if an extension update fails. (EXTCERT-3034)
  • Fixed the backup limit set to 0 (not unlimited) and the error message if the limit is reached. (EXTCERT-3026)
  • Fixed the backend link in the row view - if auto-login is possible, the direct administrator link is displayed.

Plesk Obsidian 18.0.29 Update 1

  • It is now again possible to set the Plesk administrator’s email address using subaddressing. (PPPM-12260)

Windows

  • Update to Plesk Obsidian no longer fails because of certain unnecessary Horde files, which Microsoft Security falsely detected as malware. (PPPM-12266)
  • Forwarding to a domain without SSL support can now be set up again. (PPP-49922)

WordPress Toolkit 4.9.1

  • WordPress Toolkit version and build number is now displayed on top of the “WordPress Toolkit Settings” screen.
  • CLI utility for the Update Site URL feature was added. It can be accessed through the plesk ext wp-toolkit --update-site-url command.
  • CLI utility for managing various wp-config.php settings was added. It can be accessed through the plesk ext wp-toolkit --wp-config command.
  • Security measure “Block access to potentially sensitive files” now also blocks public access to .ini files. This change is not applied automatically: to enforce it, reapply the measure on required websites.
  • Installing a WordPress site via WPT CLI will no longer display unnecessary and overwhelming information in a background task window inside Plesk UI. (EXTWPTOOLK-5217)
  • Jetpack plugin is now installed without PHP errors on Plesk for Windows. (EXTWPTOOLK-5259)

SSL It! 1.5.2

  • Email notifications about failed renewal of wildcard certificates on domains with the external DNS service are now sent according to the notification settings. (EXTSSLIT-1056)

Plesk Obsidian 18.0.29

  • The list of domains in Dynamic List view now has indents for domain aliases and subdomains.
  • Increased the load speed of Dynamic List view.
  • The backup process now correctly calculates server space necessary for a backup by ignoring files configured to be skipped during backing up.
  • Repair Kit can now detect and fix the database inconsistency: missing entries in IpAddressesCollections.
  • When a user changes a website’s PHP handler, Plesk now informs that this change will make the website unavailable for a number of seconds.
  • Increased SecResponseBodyLimit of ModSecurity: certain websites in Plesk can no longer become unavailable because of the “ModSecurity: Output filter: Response body too large” error.
  • It is now possible to hide “Skins and Color Schemes” and “Interface management” in Restricted Mode.
  • Improved the picture and text shown when the Plesk UI notification pane is empty.
  • The “View Certificates” button (Websites & Domains > domain > SSL/TLS Certificates > Advanced Settings) is no longer shown if the Plesk administrator did not configure the button’s link to a website where customers can buy SSL/TLS certificates. (PPP-49711)
  • If a database user has the “User has access to all databases within the selected subscription” option enabled, it is now possible to get information about the database user via XML API. (PPPM-12202)
  • Changed the reseller’s permission name “Subscription creation in Server Administration Panel and domain creation in Customer Panel” to “Domains Management”. The new name now matches the same permission in resellers’ plans and does not confuse customers and resellers. (PPPM-12184)
  • Add-on domains can now be restored from backups created on another Plesk server. (PPPM-12122)
  • The “Management of access to the server over SSH” permission in resellers’ service plans now works correctly: a reseller’s subscription system user can no longer receive SSH access that conflicts with the permission. (PPPM-12124)
  • A website’s sitemap.xml generated by Web Presence Builder now includes the www and HTTPS prefixes of the website URLs when “Permanent SEO-safe 301 redirect from HTTP to HTTPS” is selected and the www domain is preferred. (PPPM-6867)
  • File Manager breadcrumbs now show the correct location. (PPP-49542)
  • Custom buttons can now be created in Additional Services. (PPPM-12171)
  • Backing up to FTP storage no longer occasionally fails with the “Unable to find archive metadata” error. (PPPM-12213)
  • When trying to open domains’ logs, users no longer occasionally see an HTTP error 500. (PPP-37350)
  • If an additional Plesk administrator is logged in to Plesk in Power User view, “Logged in as” no longer shows the username of the main Plesk administrator. (PPPM-12135)
  • An additional user’s email address can no longer be created based on a subscription that has the mail service disabled. (PPPM-12188)
  • If a Plesk server’s public IP address was set an then removed from the IP addresses, the Plesk Home page (“System Overview”) no longer shows empty brackets next to the Plesk IP address. (PPPM-12117)
  • Customers’ external_id can now be updated via REST API. (EXTREST-97)
  • A REST API request to retrieve the Plesk administrator’s details now returns the correct type value. (EXTREST-103)
  • A REST API request to change a customer’s name now needs only the name field value to be submitted. (PPPM-12198)

Linux

  • Ubuntu 20 is now supported. Plesk Migrator supports migration from Ubuntu 16 and 18 to Ubuntu 20.
  • Introduced the new option “Fix incorrectly set sender for outgoing mail” that significantly reduces the likelihood of outgoing emails landing in spam (if DKIM and SPF are also enabled and properly set up). If the option is enabled, Plesk fixes incorrect sender headers and the envelope-sender address for outgoing mail.
  • Security improvements.
  • Update to Plesk Obsidian 18.0.29 will reconfigure Apache and nginx websites.
  • Updated PHP used by Plesk to version 7.3.20.
  • In Plesk on CentOS 8.1 and Debian 10 with IPv4 and IPv6 addresses, fixed unnecessary steps in the generated firewall script. (PPPM-11795)
  • Nginx configs are now removed after nginx support was disabled. (PPPM-11197)
  • If a large number of websites use the same PHP handler, the PHP handler change of one website no longer makes websites that use the target PHP handler temporarily unavailable. (PPPM-12241)
  • Premium Antivirus by Dr.Web now works without a license key installed when TLSv1 is disabled for sw-cp-server. (PPPM-5740)
  • It’s possible to customize MySQL variables used by database export and import via the server-wide my.cnf. (PPPM-10773)
  • The “Website Copying” feature can no longer exceed the hard disk quota. (PPPM-11523)
  • Plesk Repair can no longer break the Apache configuration and cause websites’ downtime if an SSL/TLS certificate that secures one of the websites has the empty cert_file value in the Plesk database. (PPPM-10522)
  • If the free Comodo rule set is selected and WordPress is installed on a website, Fail2Ban can no longer block the Plesk server’s IP address after customers spend some time working in WordPress. (PPPM-11961)
  • The list of static files served directly by nginx now contains the webp extension. (PPPM-12109)
  • Plesk Repair now checks the ulimit value before showing a warning about it. (PPP-47989)
  • If the submitted text of the mailbox quota warning is too long, Plesk now informs that this text cannot be longer than 2000 characters. (PPPM-12089)
  • Removed excessive debug messages “ERR [panel] ADD” from the Plesk log. (PPPM-12156)
  • Emails sent from a Plesk server with Horde and SpamAssassin enabled are no longer wrongly labeled as spam. (PPPM-12120)
  • Site Preview now opens a website even if the website URL does not have a trailing slash. (PPPM-12149)
  • The Watchdog (System Monitoring) component can now be enabled in Plesk on CentOS 8 in Virtuozzo containers. (PPPM-12247)
  • Update to Plesk Obsidian 18.0.28 no longer fails if Plesk has two protected directory users who have the same names but the letter cases are different. (PPPM-12107)
  • If a user scheduled backups to be stored in FTP storage and the FTP timeout is low, the user no longer receives the repetitive warning message “Export error: Size of volume 
 does not match expected one 
 . The remote backup may not be restored.” (PPPM-12084)

Windows

  • After checking web & FTP servers, “Diagnose & Repair” no longer mistakenly informs that a domain’s temporary file folder is missing. (PPPM-12196)
  • If the Plesk administrator’s profile is broken, Plesk Migrator now shows a more detailed error message instead of the general “Unable to set backup sign certificate” error. (PPPM-12105)
  • Migration of Microsoft SQL database servers no longer occasionally fails with the “Login failed for user ‘admin’” error. (PPPM-12169)
  • When fixing FTP users, Plesk Repair no longer occasionally fails with the “Failed to recreate the junction: ftpmng failed: C structured exception: 0xc0000005” error. (PPPM-12174)
  • Mass email messages can now be sent if no template is used and only selected customers are chosen. (PPP-49645)
  • plesk_fopen errors are now correctly processed: if a customer does not have the permission to view a certain file, the customers will now see the correct error message. (PPP-49766)
  • When trying to open domains’ logs, users no longer occasionally see the “Class ‘Plesk_Log_Timestamp’ not found” error. (PPPM-12165)
  • If Plesk installation was interrupted, Plesk is no longer broken and does not show the “ImpersonationCache.db uninitialized/corrupted” error. (PPPM-11384)
  • MySQL databases that contain non-ASCII characters can now be again exported without any issues. (PPPM-12116)

Third-Party Component Updates

Linux

  • Updated nginx and the sw-cp-server service to version 1.18.0.
  • Updated Kronolith to version 4.2.29.
  • Updated Roundcube to version 1.4.7.

Windows

  • Updated ASP.NET Core 3.1 to version 3.1.6.
  • Updated ASP.NET Core 2.1 to version 2.1.20.
  • Updated Horde to version 5.2.23.
  • Updated BIND to version 9.16.4.

PHP Updates

Linux

  • Argon2 usage in PHP 7.2 and 7.3 no longer causes errors in PHP applications (for example, 503 HTTP errors during attempts to log in to TYPO3 and Nextcloud). (PPP-49780)

WordPress Toolkit 4.9.0

  • Server Administrators can now use Service Plans to limit the number of WordPress sites that customers can install and manage in WordPress Toolkit.
  • “Global Settings” screen now has the option to define the default database table name prefix for new WordPress installations.
  • It’s now possible again to log in to WordPress installations after changing the access password in WordPress Toolkit and not refreshing the installation info via “Refresh” button or other means. (EXTWPTOOLK-5156)
  • Security measures are no longer applied to detached websites. (EXTWPTOOLK-5107)
  • Redundant backslashes in non-English email notifications from bug EXTWPTOOLK-4699 have returned from the dead and were quickly sent back packing. (EXTWPTOOLK-5042)
  • Websites can now be properly cloned if their scheduled task created to replace native wp-cron has no description. (EXTWPTOOLK-5033)
  • Update version of manually uploaded plugins and themes is now detected correctly. (EXTWPTOOLK-4966)
  • WordPress Toolkit working in Lite mode now correctly accepts update settings specified by users in wp-config.php file. (EXTWPTOOLK-682)

Plesk Migrator 2.19.6

  • The extension can now be installed in Plesk on Debian 10.
  • The extension can now migrate large mailboxes (more than 2 GB) to SmarterMail at a time.
  • Fixed the following issues that could occasionally happen if the target mail server uses IMAP to restore mail (for example, SmarterMail 100 or later):
    • Texts of email messages were not migrated completely.
    • Errors occurred when the emails were restored on the target mail server. (PMT-4768)
  • Migration now works if the source server has freshly installed cPanel of the latest version. (PMT-4795)

Advisor 1.8.2

  • Added the recommendation to install the Imunify360 extension.

SSL It! 1.5.1

  • No error now occurs when the “keep-secured” scheduled task tries to renew a certificate uploaded manually to a domain. (EXTSSLIT-1036)

PHP Composer Advisories 1.0.1

  • Internal security improvements.

Plesk Obsidian 18.0.28 Update 3

  • Security improvements.
  • Error messages related to an incorrect AUTO_INCREMENT value in the Plesk database now show a suggestion to fix the error using the Repair utility (either in the Plesk interface or in the CLI).

Linux

  • Fixed the following issues previously occurred when the Plesk mail server is secured with an SSL/TLS certificate from Comodo whose certificate chain points to the expired Sectigo root:
    • Connections from webmail and mail clients to the mail server no longer fail. The improvement does not work in Plesk on CentOS 6/RHEL 6/CloudLinux 6.
    • The rule set from Comodo can now be activated.
  • Changes of a website’s PHP handler cause the website’s downtime if the Apache restart interval has a non-zero value. To prevent the website’s downtime, it is now possible to ignore the Apache restart interval and to force the web server restart on each change of PHP handler settings. To do so, the Plesk administrator needs to add the following lines to panel.ini:

    [webserver]
    restartApacheWhenChangingFpmHandler=1
    

SSL It! 1.5.0

  • The list of secured components on a domain’s SSL It! page was rearranged. Absence of a non-wildcard certificate and a certificate that secures mail is no longer displayed as an error at the top of “Secured Components”.
  • If panel.ini contains invalid values of SSL It! settings, a domain’s SSL It! page no longer fails to be opened with a 500 HTTP error. (EXTSSLIT-959)
  • A certificate can now be issued for a domain that is used to access Plesk (the “Customizing Plesk URL” feature). (EXTSSLIT-962)
  • IDN domain aliases can now be automatically renewed. (EXTSSLIT-978)

Linux

  • Domains with the “Forwarding” hosting type can now be secured via SSL It! with certificates from Let’s Encrypt. The feature works in Plesk Obsidian for Linux with the Let’s Encrypt extension version 2.11 and later.

Windows

  • If SmarterMail is selected as a webmail client, webmail can now be secured.
  • When SmarterMail is selected as a webmail client, renewal of a Let’s Encrypt certificate that secures webmail no longer resets the webmail status to “Not secured”. (EXTSSLIT-886)

DigiCert SSL 1.8.2

  • Users can specify “The United Kingdom (UK)” in contact information while issuing a certificate. (EXTPLESK-1695)

PHP Updates

  • Updated PHP 7.4 to version 7.4.8.
  • Updated PHP 7.3 to version 7.3.20.
  • Updated PHP 7.2 to version 7.2.32.
  • Introduced PHP updates are the last ones for Debian 8 “Jessie”. See Plesk EOL Policy for details.

Linux

  • ionCube Loader is now shipped with PHP 7.4.
  • Updated the following PHP components shipped with Plesk:
    • ionCube to version 10.4.0.
    • Redis to version 5.3.0.
    • xdebug to version 2.9.6.
    • Imagick to version 3.4.4.
    • PEAR components: Pear to version 1.10.12, Archive_Tar to version 1.4.9, Console_Getopt to version 1.4.3, and XML_Util to version 1.4.5.
  • Argon2 is now shipped with both FastCGI and FPM. (PPP-49652)

Plesk Mobile Center 1.14

  • The extension now uses a new Apple Push Notification service certificate.

Let’s Encrypt 2.11.0

  • Sped up the remove-expired-tokens.php task. Expired tokens are now removed faster from the acme-challenge directory on servers with a large number of domains. (EXTLETSENC-845)
  • A certificate can now be issued for a domain that is used to access Plesk (the “Customizing Plesk URL” feature). (EXTLETSENC-874)
  • The server setting of panel.ini is now removed as deprecated. (EXTLETSENC-879)

Plesk Obsidian 18.0.28 Update 2

  • After updating to Plesk Obsidian 18.0.28, users that have custom web server templates no longer occasionally have web server reconfigurations errors. (PPPM-12119)
  • After updating to Plesk Obsidian 18.0.28, Backup Manager no longer occasionally shows false positive errors that a backup is invalid. If the backup is indeed invalid, an error message is shown and the corresponding entry is written to a log. (PPPM-12110)
  • After updating to Plesk Obsidian 18.0.28, a full server backup is no longer erroneously created instead of an incremental one when the base backup exists and it is valid. (PPPM-12112)

Ruby 1.3.10

  • The extension can now be installed on Debian 10.

Plesk Obsidian 18.0.28 Update 1

  • Debian 10 “Buster” is now supported. Plesk on Debian 10 “Buster” has the following limitations:

    • PHP versions 5.2-5.6 and 7.0 are not distributed with Plesk.
    • The time synchronization settings are not available.
    • Connection to the server might be interrupted the first time the Plesk Firewall rules are activated.

    Note: Plesk does not support any dist-upgrade scenarios for Debian 10. To upgrade to Debian 10 from previous Debian versions or other OSes, use Plesk Migrator.

Linux

  • The plesk bin repair --db -n command works correctly again and does not return the “Wrong admin password is found for PSA database server” error. (PPPM-12094)

G Suite 1.0.2

  • The extension is now compliant with the new Google customer account transfer procedure.
  • If a password contains the & symbol, a G-Suite subscription can now be activated. (EXTPLESK-1961)
  • When a trial period ends, seats are now counted correctly. (EXTPLESK-1959, EXTPLESK-1890, EXTPLESK-1920)
  • G Suite licenses are now displayed correctly in the customer account after verification. (EXTPLESK-1921)

WordPress Toolkit 4.8.4

  • Update of certain plugins & themes will not mark WordPress sites as broken if there were JSON decoding errors. (EXTWPTOOLK-4736)
  • Trying to update a commercial plugin or theme that requires a license will not cause JSON decoding errors anymore. (EXTWPTOOLK-5048)
  • Password protection can be enabled on websites that have a double quote character in the site title. (EXTWPTOOLK-5086)
  • Permalinks no longer can be broken under certain circumstances when plugins or themes are updated. (EXTWPTOOLK-5118)
  • Permalinks no longer can be broken under certain circumstances when a theme is activated. (EXTWPTOOLK-5119)

Plesk Migrator 2.19.5

  • The extension can now be installed in Plesk on Debian 10.
  • When migrating a domain secured with an SSL/TLS certificate from Direct Admin, the certificate is now correctly selected in Plesk after migration. (PMT-4789)
  • Emails migrated to SmarterMail 100 no longer have their sending and delivery dates replaced with the date of migration in the SmarterMail web interface. (PMT-4786)

Plesk Obsidian 18.0.28

  • The Plesk administrator can now disable all promotions in Plesk by adding the following lines to the panel.ini file:

    [promos]
    enabled = false
    
  • By default, Plesk is now automatically secured with an SSL/TLS certificate from Let’s Encrypt. See more details.
  • Updated sw-engine PHP to version 7.3.18.
  • Rebuilt PHP 7.4.7 on CentOS 7/RHEL 7/CloudLinux 7 because of the Oniguruma update.
  • Running the plesk repair fs command now shows a clearer message if suspicious ownership of files and directories is detected in the root directory of a domain. (PPPM-4400)
  • If the AUTO_INCREMENT issue appears, the Plesk administrator can now fix it by running the plesk repair db -y command. (PPP-49217)
  • Websites’ screenshots in Dynamic View are now rendered significantly faster. (PPPM-11589)
  • Improved the search for domains: extra spaces or tabs no longer empty the search results. (PPP-49037)
  • The resellers’ mailbox quota is now calculated correctly. (PPPM-11653)
  • The “Site name” drop-down list on the “Website copying” screen now shows websites in alphabetical order. (PPP-49370)
  • Changes in the server-wide SpamAssassin settings now actually update these settings. (PPPM-11983)
  • Limited the number of email addresses that can be added to the mail forwarding list. (PPPM-10677)
  • Changing a PHP version now preserves the selected PHP handler type if the PHP version supports the handler. (PPPM-10694)
  • It is now possible to add non-endpoint IP addresses via the Plesk interface. (PPP-49198)
  • When Plesk has several subscriptions, the “Open” button next to “Databases” on the domain page in Power User view now opens the “Databases” screen. (PPPM-9466)
  • PHP settings in site-isolation-config now work again. (PPPM-12020)
  • It is now possible to add only IP addresses (without a mask) in Domains > domain > DNS Settings > Zone Transfers. (PPPM-10874)
  • Removed the outdated release-tier and autoupgrade-stable parameters from the plesk bin server_pref utility. (PPPM-11614)
  • During backups’ restoration, Plesk now resets the objects selected to restore each time users change a type of objects to restore (for example, database or files of domains). This prevents the impression that multiple objects types can be restored at once. (PPPM-12028)
  • The password reset link is now present for mail on subscriptions that do not belong to the Plesk administrator. (PPPM-12033)
  • Statistics in summary reports are now calculated for resellers. (PPPM-11034)
  • An attempt to delete a non-existent remote backup no longer results in an error. (PPP-47687)
  • Put a limit on long scheduled tasks to prevent cases when the Plesk interface hangs because of massive data stored in a long task. (PPPM-11966)
  • It is now possible to restore a full server backup stored in the Google Drive Backup storage when the “Restore this backup despite the fact that it does not have a valid signature” option was not enabled and the Plesk server has a large number of subscriptions (more than 100). (PPPM-12029)
  • The “Activate/Deactivate Services” button is no longer missing for mail of a subscription created under a hosting plan that has the 0 value in “Maiboxes”. (PPPM-10770)
  • Network errors no longer can hinder backing up and restoration. (EXTPLESK-1948)
  • The Plesk interface now clearly shows that backup rotation depends on a number of stored backup files. (PPPM-11931)
  • It is now possible to back up a server to FTP storage if the server has customers whose names contain German characters. (PPPM-11967)
  • “Mail configuration and content” is no longer shown during backing up in Plesk without mail. (PPP-48943)
  • It is now possible to see details of backups if the backups were created by resellers and contain resellers’ subscriptions. (PPPM-11914)
  • Editing DNS records can no longer occasionally lock subscriptions. (PPPM-11940)
  • It is now possible to remove a mail account from an add-on domain if the mail service of the mail domain is disabled. (PPPM-11974)
  • Resellers can now increase outgoing mail limits in the email address settings if they have already been changed. (PPPM-11496)
  • The “SSL/TLS support” and “Permanent SEO-safe 301 redirect from HTTP to HTTPS” options are now automatically enabled in hosting settings of customers’ subscriptions created under a hosting plan in which the settings were disabled. (PPPM-11563)
  • It is now possible to update a subdomain’s settings via the CLI or API when the main domain has the disabled PHP support. (PPPM-11947)
  • Removing a subscription with configured remote storage settings now also removes all the subscription’s backup settings from the psa.BackupsSettings table. (PPPM-11933)
  • If FTP storage was configured for a domain that had already used the storage and then the storage had some connectivity issues, it no longer takes about a minute to open the domain’s Backup Manager. (PPPM-12060)
  • It is no longer possible to lose access to a MySQL database if the database name has the maximum allowed size and contains underscores. (PPPM-12057)
  • Errors in extensions’ custom buttons can no longer break the whole Plesk page. (PPPM-12021)
  • Sped up the migration of subscriptions to the target server with the same OS and Plesk version as the source by removing unnecessary information from backup.log and the XMl-configuration file when the subscriptions are backed up. (PPPM-11919)
  • Plesk now shows sizes and numbers of tables for all databases of a subscription if the subscription has a large number of databases (more than 25). (PPPM-12062)
  • Backup Manager now shows comments (if any) under the “Comments” column for backups stored in remote storage. (PPPM-11714)

Linux

  • PHP shipped with Plesk now supports Argon2.
  • Removed the mirroring feature from Plesk Autoinstaller.
  • Moving a domain that uses PHP-FPM handlers to another subscription no longer occasionally fails. (PPPM-4225)
  • If the root (/) and /var directories are located in different partitions, it no longer negatively affects chroot setups. (PPPM-11977)
  • Resellers can now choose the exact FPM application type (served by Apache or by nginx) in their own service plans. (PPPM-12019)
  • Running the plesk bin http2_pref --enable command to enable HTTP/2 now updates TLS versions for nginx. (PPPM-11991, PPPM-11965)
  • After update to Plesk Obsidian, IMAP and POP3 mail accounts configured in Outlook now correctly show emails with UTF-8 characters. (PPPM-11248)
  • If the SpamAssassin filter is enabled, it is now possible to return to a previous domain name without the “Integrity constraint violation: 1062 Duplicate entry” error. (PPPM-12016)
  • Plesk now validates the Apache and nginx directives more strictly: users are less likely to accidentally break nginx. (PPPM-11962)
  • Removed obsolete Python modules. After a Plesk update, the var/log/plesk/install/plesk_<version>_installation.log log will no longer contain confusing error message from these modules. (PPPM-11981)
  • If Plesk is configured with a remote database server, databases are now backed up. (PPPM-11993)
  • The cgi-bin directory is now added to the website directory template on new Plesk installations. As a result, the directory is created in /var/www/vhosts/ when “CGI support” is selected in a domain’s hosting settings. (PPP-46488)
  • It is now possible to change an email password via webmail in certain network configurations because xinetd ACL now allows all correct connections from the localhost. (PPPM-11839)
  • Postfix Sender Rewriting Scheme (SRS) now works with email addresses that contain the plus sign (+). (PPPM-10128)
  • After a PHP script located in the customer’s home directory was run by a scheduled task, chroot environment is no longer set up for the directory. (PPPM-11985)
  • The greylisting logs now contain the information explaining why emails were rejected. (PPP-47900)
  • Plesk Autoinstaller now checks for errors in yum/dnf during a Plesk update. If the errors are found, the update is stopped and an error message is shown. (PPPM-11956)
  • It is now possible to add or remove a large number of items (more than 2000) to or from the black/white list. (PPPM-11900)
  • The Roundcube and Horde php.ini templates now have the local open_basedir directive that does not override the global one in the Plesk php.ini. This prevents customers from accidentally breaking the Plesk php.ini.
  • After the PHP-FPM handlers’ configuration was updated, Plesk now force restarts PHP-FPM. As a result, if the new configuration failed to be applied, users will see an error in the Plesk interface right away. (PPPM-11570)
  • “Quick Preview on a domain name in Plesk” now works for domains hosted on a IPv6 server. (PPPM-12008)
  • Greylisting no longer rejects emails from Instagram. (PPPM-11674)
  • The plesk repair fs utility now fixes incorrect permissions in /var/www/vhosts. (PPPM-12051)
  • Improved a message shown after the Comodo rule set was activated. (PPPM-10829)
  • Creating or deleting domains on a server that has a larger number of subscriptions (more than 100) no longer occasionally causes the “httpd: Syntax error on line” error being shown. (PPPM-9180, PPPM-7236)
  • The /var/log/httpd/error_log file no longer contains the following multiple error messages: “client denied by server configuration: /usr/share/plesk-service.localdomain/”. (PPPM-11377)
  • Improved a message shown when nginx is not enabled but there was an attempt to start it. (PPP-46905)
  • Mail Autodiscover now works when the www domain is selected as the preferred domain. (PPPM-11747)
  • Mail now works on a subscription that belongs to a hosting plan whose mail service was disabled and then enabled both for the hosting plan and the subscription. (PPPM-11958)
  • A subscription’s disk usage statistics can no longer show the chroot directories category with a non-zero value if the chroot shell environment was not enabled. (PPP-49136)
  • Fixed the iptables version detection in the Plesk firewall script on operating systems with nftables (CentOS 8 and Debian 10). (PPPM-11795)
  • It is now possible to create a mailbox on a subdomain after the plesk repair utility fixed the subdomain. (PPPM-11954)
  • The “Mailbox usage exceeded 95% quota” email notification now has the date header with the current server time: the notification is less likely to be misplaced. (PPPM-12055)
  • It is no longer possible to select a disabled PHP handler for a domain after switching between “No web hosting” and “Website hosting” in the domain’s hosting settings. (PPPM-11928)
  • A full server backup is now created without warning messages after a domain was moved to another subscription. (PPPM-11765)
  • It is no longer possible to change the database server used for the Plesk psa database or change the database’s password via the CLI or API. (PPPM-11086)

Windows

  • Plesk no longer gets stuck on the “Initializing” screen if the selected trial license option failed to be processed. (PPP-49156, PPP-47384)
  • To prevent issues with accessing Plesk, the urlrewrite package is now updated before the panel package. (PPPM-12027)
  • It is now possible to manage databases on SQL Server 2008 and SQL Server 2008 R2 in Plesk. (PPPM-11942)
  • When SSL/TLS certificates are updated, an old certificate is now automatically deleted after it was replaced with the newly issued one. (PPPM-11953)
  • Custom buttons’ icons are now loaded correctly. (PPPM-12038)
  • An update from Plesk Onyx to Plesk Obsidian is now blocked and a warning message is shown if Active Directory Domain Controller and Plesk are installed on the same server. Resuming the update with this configuration will break Plesk after the update. (PPP-48660)
  • It is now possible to add multiple server headers at once via the CLI by using the -add-web-server-header option with the plesk bin domain --update-web-server-settings <domain_name> command. (PPPM-12031)
  • The installation of Microsoft .NET Core 3.1.4 - Windows Server Hosting no longer fails with code 1638 and no longer breaks Plesk. (PPPM-12030)
  • Plesk now hides the “Add database” button when the limit of MySQL databases is reached. (PPPM-11939)
  • Plesk can now import dumps of very large Microsoft SQL databases without any errors. (PPPM-11996)
  • The outdated PHP handlers (versions 5.6 and 7.0) no longer contain custom upload_tmp_dir as their values. (PPP-49179)
  • Plesk can now export MySQL 5.1 databases. (PPPM-12002)
  • It is now possible to rename a subscription if its mail service was secured with an SSL/TLS certificate generated in Plesk (for example, a Let’s Encrypt certificate or a self-signed one). (PPPM-11995)
  • It is now possible to change the administrator’s credentials for the Microsoft SQL server in Plesk. (PPPM-12001)
  • Plesk can now use the custom DumpTempDir value for temporary backup files. (PPPM-11935)
  • After an attempt to install WordPress via Applications on a server that has disabled PHP handlers and MySQL, a clear error message is now shown instead of an HTTP error 500. (PPPM-10705)
  • Plesk now backs up unassailable log files without warning messages. (PPPM-10885)
  • PowerShell scheduled tasks now work in Plesk on Windows Server 2019. (PPPM-11321)
  • It is now possible to rename a database user of the remote Microsoft SQL database in the Plesk interface. (PPPM-12059)

Third-Party Component Updates

Linux

  • Updated Roundcube to version 1.4.6.
  • Updated Horde to version 5.2.23.
  • Updated Dovecot to version 2.3.10.1.

Windows

  • Updated ASP.NET Core 3.1 to version 3.1.15.
  • Updated ASP.NET Core 2.1 to version 2.1.19.
  • Updated MariaDB to version 10.3.23 (both for the Plesk database and for customers’ websites).
  • Updated MariaDB Connector/C to 3.1.8.
  • Updated BIND to version 9.16.3.
  • Updated Node.js 12 to versions 12.18.0.
  • Updated Node.js 10 to versions 10.21.0.
  • Fixed a severe vulnerability in myLittleAdmin.

Panel.ini Editor 3.2.2

  • Added a number of descriptions of the Let’s Encrypt extension’s settings.

Let’s Encrypt 2.10.2

  • Panel.ini Editor now shows all necessary Let’s Encrypt settings. (EXTLETSENC-648)
  • After a Plesk daily task was executed, the “PHP Fatal error: Modules_Letsencrypt_CustomInfo” error no longer appears in the logs. (EXTLETSENC-861)

Grafana 1.1.6

  • After update to Grafana 7, the pages of the Grafana and Advanced Monitoring extensions no longer show the “login.OAuthLogin(state mismatch)” error instead of the expected content. (EXTPLESK-1868)

PHP Updates

Linux

  • Rebuilt PHP 7.4.7 on CentOS 7/RHEL 7/CloudLinux 7 because of the Oniguruma update.

PHP Updates

  • Updated PHP 7.4 to version 7.4.7.
  • Updated PHP 7.3 to version 7.3.19.

Let’s Encrypt 2.10.1

Windows

  • The extension can now issue an SSL/TLS certificate to secure the server hostname if no domain with this hostname and no default website exist in Plesk. (EXTLETSENC-855)
  • The extension no longer fails to issue SSL/TLS certificates if the common challenge directory support is enabled and the plesk binary path is absent from the IIS process environment. (EXTLETSENC-854)

Advanced Monitoring 1.3.1

  • The extension can now automatically detect server hardware changes and make the necessary adjustments: redraw graphs and recalculate thresholds of the notifications.
  • It is now possible to set thresholds in MB and GB instead of bytes (which was previously the single option).
  • The memory usage graph in Plesk for Windows now shows more available metrics.
  • Units on the y-axis are now displayed more accurately: the fractional part is no longer rounded. (EXTPLESK-1844)
  • The extension no longer interprets custom thresholds in the custom-health-config.xml file as the default ones. (EXTPLESK-1789)
  • In Plesk for Windows, the threshold of physical and virtual memory usage is now calculated correctly. (EXTPLESK-1743)
  • If the Parallels.MonitorSrv.exe.Config component is not installed correctly during the extension’s installation in Plesk for Windows, the component is now automatically fixed and the extension is installed without any issues. (EXTPLESK-1435)
  • If the health-monitoring component is absent from Plesk for Windows for any reason, the component is now automatically installed and the System Health Monitor service is present. (EXTPLESK-1864)

PHP Composer Advisories 1.0.0

  • Initial release.

WordPress Toolkit 4.8.3

Windows

  • IIS web server configs are no longer erroneously applied to all domains in a subscription with shared IIS application pool if at least one of these domains had WordPress installed. (EXTWPTOOLK-5044)

PHP Composer 1.1.0

  • Added support for Composer 2.0. The extension now works with Composer 1.0 and 2.0.
  • The Composer utility shipped with the extension is now automatically updated by default.
  • When two applications are installed on a domain, it is now possible to switch between the applications’ folder in PHP Composer. (EXTPHPCOMP-104)
  • The PHP Composer button is no longer shown for a domain alias whose main domain does not have web hosting. (EXTPHPCOMP-100)
  • Starting with Plesk Obsidian 18.0.20, the page in “Applications” > “Manage My Applications” shows the message that informs how to locate a Composer application. (EXTPHPCOMP-56)

SSL It! 1.4.1

  • If a domain has a subdomain with the SSL support disabled, the SSL It! domain page no longer fails to be opened with a 500 HTTP error. (EXTSSLIT-955)
  • If domains have the SSL support disabled, only SSL/TLS certificates from Let’s Encrypt can now be selected to secure the domains’ webmail. Previously it was possible to select SSL/TLS certificates from DigiCert but they cannot secure webmail of the domains without the SSL support. (EXTSSLIT-952)
  • Domains are now again can be secured when they are created (when the “Secure the domain with Let’s Encrypt” option is selected). (EXTSSLIT-953)
  • When a domain was secured with an SSL/TLS certificate and then the SSL support for the domain was disabled, the “Websites & Domains” page for the domain is now opened without any issues. (EXTSSLIT-954)

G Suite 1.0.1

  • Internal security improvements.

SSL It! 1.4.0

  • In Plesk for Windows, significantly decreased a number of cases when the extension cannot issue a Let’s Encrypt certificate because the HTTP-01 challenge cannot be passed. To achieve this, we made the common challenge directory support turned on by default. This features has been already introduced in Plesk for Linux for quite some time. Now it works for Windows as well.

    Note: If necessary, you can turn off the common challenge directory support via the CLI. However, we recommend that you always keep the support on.

  • The extension can now secure webmail on domains without web hosting.

  • The CLI can now manage wildcard certificates issue and turning on and off HSTS. To see details, use the plesk ext sslit –help command.
  • Added cache to store domains’ security status. In certain cases, it speeds up the loading of the extension’s domain screen.
  • Redesigned the extension’s icons to make them more in tune with the Plesk Obsidian style.
  • For non-Let’s Encrypt certificates, added the “Suggest renewing” indicator on a domain card. The indicator means that an SSL/TLS certificate is about to expire and the extension cannot renew it automatically. We suggest that users renew the certificate manually in due time.
  • When a domain is secured with a custom SSL/TLS certificate, the domain’s security status is now identified correctly. (EXTSSLIT-784)
  • When a domain has only its www alias secured (for example, only www.example.com is secured but not example.com), the “Domain with the “www” prefix` option” is no longer marked as not secured. (EXTSSLIT-802)
  • Significantly sped up Plesk search on servers that have a large number of subscriptions (more than 100) and the extension installed. (EXTSSLIT-806)
  • Cleaned up the code executed after a user clicks to issue or renew an SSL/TLS certificate. The extenion no longer shows the “Get it free” button instead of “Renew” and the “No CA plugins available” message by mistake. (EXTSSLIT-832)

WordPress Toolkit 4.8.2

  • Corrected mistakes in English locale.
  • Additional fix was added for the issue previously addressed in WPT 4.8.1: Apache rewrite rules are no longer erroneously applied to all domains in a subscription if at least one of these subscriptions had WordPress installed. (EXTWPTOOLK-5017)

DigitalOcean DNS 1.2.1

  • Synced locale languages supported by the extension.

WordPress Toolkit 4.8.1

  • Under certain circumstances, Apache rewrite rules could stop working with enabled hotlink protection, block authors scan, or bot protection security measures. (EXTWPTOOLK-5009)

WordPress Toolkit 4.8.0

  • Server administrators can now define default WordPress installation language in the global WordPress Toolkit settings.
  • CLI command for enabling and disabling Smart Updates on a site was added. Run plesk ext wp-toolkit --smart-update to access it.
  • Plugins and themes that require a license for automatic update will now cause a proper error message when users try to update them via WordPress Toolkit without a license.
  • Backup / Restore links now always lead to the corresponding subscription’s Backup Manager screen. (EXTWPTOOLK-1582)
  • Smart Updates can now update plugins and themes uploaded manually to WordPress Toolkit if their updates were also manually uploaded to WPT. (EXTWPTOOLK-4080)
  • WordPress Toolkit buttons are now properly displayed in Action List if Plesk is in restricted mode. (EXTWPTOOLK-4596)
  • German translation for multisites was corrected. (EXTWPTOOLK-4627)
  • Certain manually uploaded plugins with incorrect plugin slugs no longer display a broken Changelog link. (EXTWPTOOLK-4662)
  • It is no longer possible to disable native wp-cron on WordPress sites that use disabled or absent PHP handler. (EXTWPTOOLK-4799)

Let’s Encrypt 2.10.0

  • Automatic renewal of Let’s Encrypt certificates no longer fails when a domain has a large number of secured subdomains (more than 200). (EXTLETSENC-644)
  • Challenge token files (which are created after certificates failed to be renewed or issued) are now deleted after 3 months. The extension’s folders are no longer cluttered. (EXTLETSENC-676)
  • In Plesk for Windows with Bind, wildcard challenge DNS records are now added automatically to the DNS zone of a domain that you try to secure with a wildcard certificate. (EXTLETSENC-813)

Plesk Obsidian 18.0.27 Update 1

  • Website configs are now regenerated if Plesk had previous upgrades from version 11 or earlier. (PPPM-11952)
  • Added certain translations that were missing from Plesk 18.0.27. (PPP-49052)

Linux

  • Enabling Plesk Firewall no longer crashes the sw-cp-server service. (PPPM-9966)
  • Multiple sw-cp-server restarts no longer cause Plesk downtime on Ubuntu 18.04. (PPP-49063)
  • Plesk Obsidian can be now updated to version 18.0.27 without the “20200423164000-create_stored_sslmng_configuration” warning being shown. (PPPM-11943)
  • Hosting settings can now be changed if the sysuser login has more than 20 characters. (PPPM-11955)

Amazon Route 53 2.8.0

  • It is now possible to have white-label or vanity name server with Amazon Route 53. To configure them, users need to select the “Manage NS and SOA records” checkbox and then follow step 7 and further in the Amazon Route 53 guide.

    The feature described above was introduced by the extension’s user. We express our gratitude and welcome the contribution of Amazon Route 53 users into further development of the extension.

  • Added the warning message shown after users click the “Sync All Zones” button. The warning explains that Plesk will overwrite all DNS records in Route53 with those in Plesk and will remove those DNS records from Route53 that do not exist in Plesk.
  • The extension can now handle 2048-bit DKIM keys. (EXTPLESK-286)

Grafana 1.1.5

  • Resolved compatibility issues with Grafana 7.0. (EXTPLESK-1867)

PHP Updates

  • Updated PHP 7.4 to version 7.4.6.
  • Updated PHP 7.3 to version 7.3.18.
  • Updated PHP 7.2 to version 7.2.31.

Plesk Migrator 2.19.4

Linux

  • It is now possible to migrate subscriptions containing additional Apache and nginx directives to Plesk 18.0.27. (PMT-4783)

Plesk Migrator 2.19.3

  • Migration now works in Plesk 18.0.26 and later. (PMT-4781)

Plesk Welcome Guide 1.1.0

  • Refactoring for Plesk Obsidian.
  • Increased requirement to 18.0.23.
  • Added core permission check “manage_server_modules” to check whether user has the right to install extensions.
  • Updated presets (added Email Security & Joomla! Toolkit).
  • Replaced Toggle Button with Switch element for status change.
  • Updated copyright year.
  • PSR-12.

Plesk Obsidian 18.0.27

  • The GD library shipped with Plesk PHP packages now supports WebP.
  • Fixed inconsistencies found in the Plesk database before initializing Plesk.
  • Subscription backups are no longer created in invalid state if there are improper values in the ‘protected_dirs’ table in the Plesk database.(PPPM-11889)
  • In German locale, on the administrator’s home page, a number of words are now displayed in German instead of English. (PPPM-11887)
  • It is now possible to configure which TLS version to use when creating backups in FTP storage by adding the following lines to the panel.ini file: (PPPM-11906)

    [pmm]
    ftpMaxTlsVersion = 12
    
  • It is now possible to hide the “Cookies” link found on the login screen by adding the following lines to the panel.ini file: (PPPM-11808)

    [gdpr]
    cookieSettings.loginFormEntrypointEnabled = false
    
  • The File Sharing and Bandwidth Limiting (mod_bw) components have been deprecated and will be removed soon. Learn more.
  • In a number of non-English locales, the database export progress dialog messages are now shown in the corresponding language instead of English. (PPPM-11875)
  • On servers with the “Skins and Color Schemes” extension installed and enabled and a custom skin installed, logging in to Plesk and refreshing the page no longer resets the skin to the default one. (PPPM-11831)
  • Operations in Plesk no longer sometimes fail with the “Integrity constraint violation: 1062 Duplicate entry for key ‘PRIMARY’” error. (PPP-48787)
  • Creating a backup in Amazon S3 storage no longer produces unhelpful error messages in case of failure. (EXTPLESK-1742)
  • Restoring a customer account from backup no longer fails if the customer’s password is missing from the backup. (PPPM-11867)

Linux

  • Updating Plesk no longer results in system packages and installed extensions being updated as well, which should decrease the number of failed updates.
  • It is now possible to enable beta support for dynamic IP addresses by adding the following lines to the panel.ini file (not recommended for use in production, please report any issues you encounter on the Plesk Forum):

    [network]
    dynamic_ipv6 = on
    
  • Using Dovecot on Plesk servers deployed on LXC no longer results in errors. (PPPM-11878)
  • The plesk repair web <domain.tld> no longer reports all domains without physical hosting as having problems. (PPPM-10907)
  • The plesk repair web <domain.tld> now correctly repairs web server configuration issues for domains without physical hosting. (PPPM-10907)
  • Under specific circumstances, Plesk no longer fails to detect the main IP address on the server. (PPPM-11484)
  • On Red Hat Enterprise Linux 8 and CentOS 8 servers, installing Plesk now finishes successfully if the chsh utility is missing from the server. (PPP-48847)
  • PostgreSQL database server is shown in “Tools & Settings” > “Database Servers” even if it is not started or initialized. (PPP-48341)
  • Enabling a disabled Fail2ban jail no longer results in misleading errors being written to the ‘/var/log/fail2ban.log’ file. (PPPM-8105)
  • Running the apache2ctl -t or systemctl restart httpd commands after creating a certificate for a domain via the Let’s Encrypt extension and the removing the ‘*-ca.crt’ part no longer breaks Apache configuration.(PPPM-11899)
  • On Red Hat Enterprise Linux and CentOS servers, constants for selecting SSL/TLS versions are now available in PHP shipped with Plesk. (PPPM-11904)
  • Running the plesk repair web -y command now correctly fixes Apache configuration if the ‘*-ca.crt’ part of SSL/TLS certificate is missing for one or more domains. (PPP-48798)
  • Trying to log in over FTPS using an incorrect password for an existing user no longer results in the connection being reset due to ProFTPd experiencing a segfault. (PPPM-11866)
  • On Red Hat Enterprise Linux 8 and CentOS 8 servers, the Postfix service no longer fails to start. (PPP-48637)
  • On CloudLinux 7 servers, installing Plesk with Phusion Passenger, installing and configuring CageFS, and then installing the passenger-cagefs package no longer fails with the “clcommon.cagefs python module is unavailable” error. (PPPM-11922)

Windows

  • Running the plesk repair fs command now also checks for missing, corrupted or outdated Plesk files.
  • The plesk sbin websrvmng --configure-plesk-website command no longer fails if an “application/octet-stream” MIME type for the .* file extension exists on the server. (PPP-48654)
  • Publishing a site snapshot in Web Presence Builder no longer results in an error if the “Enable Win32 long paths” policy is disabled on the server. (PPPM-10611)
  • Restoring a backup when there is not enough free disk space on the server now results in a more helpful error message. (PPPM-11912)
  • PHP scripts using the file_get_contents() function no longer fail with the “Warning: file_get_contents(): SSL operation failed with code 1.” error. (PPPM-11909)
  • On Plesk servers with SmarterMail installed, mail content for newly created domains is now correctly stored in the “C:\SmarterMail\Domains\example.com” directory instead of “C:\SmarterMail\Domains\Domains\example.com”. (PPPM-11659)

Third-Party Component Updates

  • Updated Horde to version 5.2.22.

Linux

  • Updated OpenSSL used by nginx to version 1.1.1g.

Windows

  • Updated SpamAssassin to version 3.4.4.
  • Updated OWASP ModSecurity CRS to version 3.2.0.
  • Updated MariaDB to version 10.3.22 (both for the Plesk database and for customers’ websites).
  • Updated plesk-engine PHP to version 7.3.17.
  • Updated Git to version 2.26.2.

WordPress Toolkit 4.7.4

  • Updated the hint for “Disable wp-cron” feature in accordance with official WordPress documentation.

Domain Traffic Monitor 1.3.2

  • vhosts-traffic-monitor now restarts successfully when the worker process is dead but the pidfile exists. (EXTPLESK-1235)

WordPress Toolkit 4.7.3

  • Fine-tuned Jetpack license checks to avoid clogging up the log files.
  • Update of WordPress Toolkit extension no longer fails under certain specific conditions with “Value is not allowed. Allowed one numeric value and ‘*’” error. (EXTWPTOOLK-4798)

WordPress Toolkit 4.7.2

  • A bunch of new default WordPress site names was added. Also, some of the gloomier old names were changed to more positive ones for the sake of cheering people up a bit.
  • Updated the destination of Changelog links on the Updates screen. (EXTWPTOOLK-4733)
  • It’s now possible to properly disable wp-cron.php if scheduled tasks with missing PHP handlers are present on the server. (EXTWPTOOLK-4764)

Plesk Obsidian 18.0.26 Update

  • Plesk now supports CentOS 7.8. (PPPM-11893)

DigitalOcean DNS 1.2.0

  • It is now possible to authorize the extension using DigitalOcean API tokens as well as OAuth 2.
  • NS records for vanity DNS servers (“ns1.yourdomain.com” instead of “ns1.digitalocean.com”) are now correctly synchronized from Plesk to DigitalOcean.
  • Changes made to the TTL values of DNS zones in Plesk are now correctly synchronized to DigitalOcean. (EXTPLESK-1677)
  • CAA records created in Plesk are now correctly synchronized to DigitalOcean.(EXTPLESK-1745)

SSL It! 1.3.2

  • Managing a domain’s SSL/TLS certificates using Internet Explorer no longer results in a blank page. (EXTSSLIT-822)

PHP Composer 1.0.6

  • Opening PHP Composer in Internet Explorer no longer results in a blank page. (EXTPHPCOMP-128)

WordPress Toolkit 4.7.1

  • Made nginx caching great again (well, now you can enable and disable it again). (EXTWPTOOLK-4746)

PHP Updates

  • Updated PHP 7.4 to version 7.4.5.
  • Updated PHP 7.3 to version 7.3.17.
  • Updated PHP 7.2 to version 7.2.30.

WordPress Toolkit 4.7.0

  • WordPress Toolkit now can update paid plugins & themes, if these updates are available in the WordPress admin area. Note that certain plugins and themes do not support automatic updates, but display notifications about update availability anyway. This particulal scenario isn’t fully supported yet.
  • WordPress administrators now have the option to disable the execution of wp-cron.php via default WordPress mechanism. Enabling this option will automatically create a regular scheduled task in Plesk, which means users can manually adjust the frequency of wp-cron.php task execution on a per-site basis.
  • “Updates” window now displays Changelog links for plugins and themes.
  • It’s now possible to filter WordPress sites in the “Installations” list by their labels.
  • Reduced the number of screenshot creation timeouts.
  • Exterminated redundant backslashes in non-English email notifications. (EXTWPTOOLK-4699)
  • Remote WordPress sites connected via plugin can now be properly updated again. (EXTWPTOOLK-4622)
  • WordPress Toolkit now works again on Windows 2012 R2, if access to Plesk via port 443 is enabled. (EXTWPTOOLK-4166)
  • Creation time of restore points is not updated anymore if data copy or update procedure is carried out without creating a new restore point. (EXTWPTOOLK-4115)
  • Updates for manually uploaded plugins and themes will now be visible in the interface if they become available in WordPress admin area. (EXTWPTOOLK-1785)

SSL It! 1.3.1

  • On CentOS 6 servers, automatic renewal of SSL/TLS certificates issued via the Let’s Encrypt extension no longer fails. (EXTSSLIT-821)

Advisor 1.8.1

  • Adjusted the logic for the “Plesk Email Security” recommendation.

Advisor 1.8

  • Plesk Advisor now recommends installing the Plesk Email Security extension.

Plesk Obsidian 18.0.26

  • With this update (18.0.26) Plesk Obsidian is now considered to be a “stable” (late adopter) release.

    Late adopter release. By the time this tier becomes available, the latest Plesk version has been out long enough to have most of its nagging issues discovered and fixed. You can be certain that the Plesk version you are about to install has already been used in production environments for some time, and there are no major issues that could compromise the stability of your Plesk servers.

  • Which domain to use to access Plesk via the standard HTTPS port can now be configured via the Plesk GUI. Go to Tools & Settings and look for Customize Plesk URL (under “General Settings”).
  • Domains with the “Forwarding” hosting type now support HTTPS. The support for securing such domains with Let’s Encrypt certificates via the Let’s Encrypt extension will be added later. (PPP-42238)
  • Plesk interface no longer partially fails to load on Plesk Obsidian servers protected by CloudFlare with RocketLoader enabled. Still, we do not recommend using RocketLoader with Plesk, as not only it will not speed up UI rendering, but may slow it down and cause UI to flicker.
  • Certain Plesk features (Web Users, Web Presence Builder, and Website Copying) that are hidden in Dynamic View by default can now be returned to the Plesk interface by adding the following lines to the panel.ini file:

    [dynamicList]
    enableFeatures = webusers, sitebuilder, sitecopy
    
  • Updated xdebug to version 2.9.4.
  • Updated uuid to version 1.1.0.
  • Updated sw-engine to version 2.27.6.
  • Updated sw-engine PHP to version 7.3.16.
  • The File Sharing and Bandwidth Limiting (mod_bw) components will be deprecated in the next Plesk Obsidian release (18.0.27). Learn more.
  • The “PHP Settings” button is no longer missing in Power User view on Plesk servers with the Restricted Mode turned on, “PHP version and handler management” enabled, and “Hosting settings management”, “Common PHP settings management”, and “Setup of potentially insecure web scripting options that override provider’s policy” disabled. (PPPM-11542)
  • The “Activate the mail service” checkbox is no longer shown to customers during domain creation if their service plan does not include access to mail. (PPPM-11626)
  • The date of the last backup is once again correctly written to the “BackupsSettings” table of the Plesk database. (PPPM-11721)
  • Scheduled backups are now properly stored for X weeks instead of X days (X is determined by the value of the “Keep backup files for X weeks” option). (PPPM-11796)
  • Full backups are no longer created instead of incremental ones if the server hostname contains one or more uppercase characters. (PPPM-11825)
  • Browsing the Application Vault no longer results in the “Package with UID ‘’ not found” error. (PPP-48152)
  • Storing a backup on Microsoft One Drive no longer fails if One Drive erroneously reports 0 GB free space remaining and the “Start the backup only if your server has the sufficient amount of free disk space” option is enabled. (EXTPLESK-1716)
  • The pleskrestore utility can now be called via REST API. (EXTREST-112)

Linux

  • Added the ability to set priority for backup processes. Go to Tools & Settings > Backup Manager (under “Tools & Resources”), click “Settings” and look for the “Run scheduled backup processes with low priority” and “Run all backup processes with low priority” options. (PPPM-10734)
  • On Ubuntu 16.04 x64 servers, the installed iptables version is now returned correctly. (PPPM-9487)
  • Running plesk repair db -y on a newly installed Plesk Obsidian server that has not yet been initialized no longer makes later attempts to initialize the server fail. (PPPM-11446)
  • Changing a customer’s password no longer results in the “The external email address matches the primary one” error if the “Enable mail management functions in Plesk” option is disabled in Tools & Settings > Mail Server Settings (under “Mail”). (PPPM-11745)
  • Custom error pages are now displayed correctly for domains served by nginx only. (PPPM-11748)
  • Domains can now be added to the mail server blacklist if the Plesk interface language is set to German. (PPPM-11766)
  • Read email messages fetched via the POP3 protocol are no longer marked as new after switching from Courier 5 to Dovecot. (PPPM-11776)
  • On newly installed Plesk Obsidian servers the server IP address is now automatically added to the Fail2Ban trusted IP addresses list. (PPPM-11777)
  • On CentOS 8 x64 servers, checking the status of the firewall via the systemctl status psa-firewall command no longer results in an error. (PPPM-11795)
  • Updating Plesk no longer makes the names of some mail folders to become unreadable. (PPPM-11801, PPPM-11807)
  • On Plesk servers using apache in tandem with nginx, clients’ IP addresses are now correctly logged in /var/log/httpd/access_log instead of the server’s IP address. (PPP-38930)
  • Plesk servers with Plesk Premium Antivirus installed no longer send the admin an email warning them of the “Dr.Web Updater: failed to download files” error every time scheduled tasks are processed. (PPP-45087)
  • nginx no longer returns the “504 Gateway Timeout” error when processing slow PHP scripts. (PPP-45489)
  • Plesk no longer produces the “PHP Notice: Undefined variable: locale” error under specific circumstances. (PPP-48212)
  • On CentOS 8 x64 and Red Hat Enterprise Linux 8 servers, Plesk installation and updates no longer fail if the network connection to the configured CentOS mirror is slow. (PI-658, PPP-48254)
  • On CentOS 8 x64 and Red Hat Enterprise Linux 8 servers, Plesk updates no longer fail if certain Python 3 packages are installed on the server. (PPP-48266)

Windows

  • Removed obsolete information from the notification shown when securing webmail with an SSL/TLS certificate. (PPPM-6184)
  • Creating a backup on a mapped drive via the pleskbackup.exe utility no longer fails with the “The system cannot find the path specified” error. (PPPM-11761)
  • Incremental backups now only contain new email messages instead of all email messages. (PPPM-11772)
  • Updating Plesk on a server with a Microsoft SQL Server 2017 instance no longer fails. (PPPM-11785)
  • Creating a Microsoft SQL Server database no longer fails if the limit on MySQL databases in the Service Plan is reached for the subscription. (PPP-46436)

Third-Party Component Updates

  • Updated phpMyAdmin to version 5.0.2.

Linux

  • Updated Roundcube to version 1.4.3. The “Elastic” responsive skin with full mobile device support is now enabled by default.
  • Updated OpenSSL used by nginx to version 1.1.1f.
  • Updated Dovecot to version 2.3.9.3.
  • Updated Horde ActiveSync to version 2.41.3.
  • Updated Horde Form to version 2.0.20.
  • Updated Horde Image to version 2.6.1.
  • Updated Horde Test to version 2.6.4.
  • Updated Horde Socket Client to version 2.1.3.

Windows

  • Updated .NET Core 3.1 to version 3.1.3.
  • Updated .NET Core 2.1 to version 2.1.17.
  • .NET Core 3.0 and 2.2 are no longer shipped with Plesk.
  • Updated IIS URL Rewrite Module to version 7.2.1993.

SSL It! 1.3.0

  • Changed the way how you customize the list of SSL/TLS certificates offered by SSL It!:
    • You can now do so in the extension’s interface and via the CLI.
    • The previous way of customization (via panel.ini) is no longer available. The corresponding panel.ini setting filteredProducts is now deprecated. If you used customization via panel.ini, use the CLI commands instead.
    • Already done customizations continue working after the extension’s update.
  • The extension now uses the same CA bundle that comes with Plesk.
  • In Plesk Obsidian, the SSL It! security indicator on a domain card works significantly faster, which makes a difference for servers with a large number of domains.
  • Removed the additional check of SSL/TLS certificates implemented because of the Let’s Encrypt bug. The check is no longer relevant.
  • Issue of an SSL/TLS certificate no longer fails with the “Domain alias not found by id=
” error if the corresponding certificate order had had an associated domain alias that was then deleted while the order was pending. (EXTSSLIT-677)
  • A 500 HTTP error no longer occasionally occurs when users try to access the “SSL/TLS Certificates” screen of certain subscriptions. (EXTSSLIT-678)
  • The extension now correctly displays the security status of domains secured with SSL/TLS certificates from DigiCert if the domains’s names are mixed-case. (EXTSSLIT-745)
  • The extension now correctly displays the security status of a domain secured with a wildcard SSL/TLS certificate if the certificate was previously assigned to another domain. (EXTSSLIT-769)
  • The extension now correctly detects the “Keep websites secured” option state for domains created under a service plan that had both the SSL It! and WordPress Toolkit services selected. (EXTSSLIT-754)

Site Import 1.4.4

  • Mail importing now works if the target server is remote SmarterMail 100. (PMT-4764)
  • Improved stability of mail importing if the target server is remote SmarterMail 100. (PMT-4765)

SEO Toolkit 1.1.9

  • Fixed issues related to a number of available keywords in Rank Tracker.
  • Other internal fixes.

Git 1.1.4

Linux

  • In Git version 2.16.0 and later, it is now possible to clone a remote Git repository even if it uses a non-standard SSH port. (EXTGIT-106)
  • When the git-helper utility is executed, the utility name is now shown. (EXTGIT-107)

Plesk Migrator 2.19.2

  • Migration now works if the source or target server is remote SmarterMail 100. (PMT-4754)
  • Improved stability of migration if the target server is remote SmarterMail 100. (PMT-4760)
  • If the protected directory name contains the dot (.) character, the name of the protected directory user is no longer changed during migration. (PMT-3317)

Advisor 1.7.6

  • Fixed the issue with incorrect links in the “Secure Websites With SSL/TLS Certificates” recommendation. (EXTADVISOR-808)

Advisor 1.7.5

  • The free Comodo rule set became the default one in Advisor. On OSes where the Comodo rule set is not available, the free OWASP rule set became the default one.
  • Clicking the “Upgrade” button now opens the SSL It! extension’s screen. (EXTADVISOR-801, EXTADVISOR-802)
  • Fixed an invalid domain link provided by the “Secure Websites With SSL/TLS Certificates” recommendation. (EXTADVISOR-768)
  • If ModSecurity is turned off, the “Configure ModSecurity & Fail2ban” recommendation can be now applied without PHP warnings in logs. (EXTADVISOR-772)
  • After Fail2ban was disabled in panel.ini and then the “Configure ModSecurity & Fail2ban” recommendation was applied, the “pm_Exception: Could not enable jails” error is no longer shown. (EXTADVISOR-789)
  • Fixed license-related issues during ModSecurity and Fail2ban activation. (EXTADVISOR-798)
  • If Advisor could not enable ModSecurity with the Comodo rule set, ModSecurity is now enabled with the free OWASP rule set as the default one. (EXTADVISOR-803)
  • Unnecessary “PHP Deprecated Construction” error messages are no longer written to panel.log during Advisor installation. (EXTADVISOR-689)

Plesk Obsidian 18.0.25 Update 2

Linux

  • Fixed conversion to UTF-8 in Plesk with Dovecot when mailnames without mailboxes exist. (PPPM-11757)

Let’s Encrypt 2.9.0

  • After Plesk cloning, the extension now tries to automatically secure cloud images and cloned images of Plesk Obsidian with SSL/TLS certificates from Let’s Encrypt.
  • After Plesk was initialised, the extension now tries to automatically secure Plesk with an SSL/TLS certificate from Let’s Encrypt.
  • The extension now uses POST requests instead of GET requests in accordance with the Let’s Encrypt decision.
  • Removed the additional check of SSL/TLS certificates implemented because of the Let’s Encrypt bug. The check is no longer relevant.
  • The extension now automatically secures both 8443 and 443 ports during Plesk Obsidian installation. (EXTLETSENC-679)
  • If the DNS server is disabled, error messages are no longer shown in panel.log after wildcard SSL/TLS certificates were issued. (EXTLETSENC-707)
  • In Plesk for Linux, the “Exception: PHP Warning: array_filter” error messages are no longer reported when issuing wildcard SSL/TLS certificates. (EXTLETSENC-720)
  • A clear error message is now shown when users try to issue wildcard SSL/TLS certificates but the corresponding feature is disabled. (EXTLETSENC-741)
  • Auto-renew of SSL/TLS certificates no longer fails after a secured domain or subdomain was renamed. (EXTLETSENC-768)
  • Decreased the possibility of rare issues when IDN domains could not be secured with SSL/TLS certificates from Let’s Encrypt. (EXTLETSENC-573)

PHP Updates

  • Updated PHP 7.4 to version 7.4.4.
  • Updated PHP 7.3 to version 7.3.16.
  • Updated PHP 7.2 to version 7.2.29.

Plesk Obsidian 18.0.25 Update 1

  • If the limitations on outgoing email messages are turned on in the mail server settings, Outgoing Mail Control no longer reports false positive and false negatives results on the Home screen. (PPP-48115)

Windows

  • Mail in the SmarterMail mail server can be now backed up if a mail account’s password was changed via the SmarterMail client. (PPPM-11684)
  • Mail in the SmarterMail mail server can be now backed up without the “Unable to back up message Inbox/1.1: Syntax error in ENVELOPE.” warning. (PPPM-11719)

Docker 1.4.6

  • The extension can now be installed on CentOS 8/RHEL 8. (EXTDOCKER-98)
  • After being installed on CentOS 8/RHEL 8, Docker Remote Node Management no longer shows an unclear error message. (EXTDOCKER-87)
  • It is now possible to specify environment variables whose names contain the period character (“.”). (EXTDOCKER-99)
  • After being installed in Plesk Obsidian for Linux, the extension is now available and does not show the the “Permission denied” error. (EXTDOCKER-95)

Plesk Migrator 2.19.1

  • If a database that is being migrated already exists on the target server but not registered in Plesk, the database is no longer overwritten with one from the source server. Plesk now detects such issues, does not migrate the database, and shows a warning message. (PMT-4723)
  • Migration from cPanel no longer fails if a password of the source database server is enclosed in single quotes. (PMT-4751)

Plesk Obsidian 18.0.25

  • Plesk now support CentOS 8/RHEL 8 (installation and migration). Note that a number of limitations exist.
  • Mail autodiscover now works for Microsoft Outlook 2019/O365 mail clients. (PPPM-11428)
  • As a part of GDPR compliance changes: added the cookie information banner shown the first time users log in to Plesk. Users can now also set their cookie preferences in Plesk (using the corresponding button on the banner or going to Tools & Settings > Cookies in Plesk (under “Plesk”)).
  • It is now possible to check for Plesk updates on the Home screen.
  • Users from areas embargoed under Internal Export and Sanctions Compliance Policy can no longer use Plesk with a trial license. When the users proceed with a trial license, they see a message that Plesk is not currently available in their regions.
  • The Plesk default password strength policy is now set to “Strong” on new Plesk Obsidian servers. Existing Plesk servers that were updated to Plesk Obsidian 18.0.25 keep their chosen password strength policies.
  • Removed the Cloudflare from Plesk Autoinstaller.
  • Retrieving keys now works correctly (a 502 Bad Gateway error is no longer shown) on servers with a large number of customers, resellers, or additional users (more than 700). (PPPM-11672)
  • Backing up large databases (more than 50 GB) no longer fails. (PPPM-11535)
  • It is now possible to use custom buttons with Dynamic List view. (PPPM-11584)
  • Customers and additional users can no longer create subscriptions. (PPPM-11680)
  • The server backup can now be created if a customer login contains the forward slash character (“/”). (PPPM-11640)
  • A database user whose password is encrypted can now import and export the domain database after providing the database password. (PPPM-7968)
  • Extensions with EventListener can no longer break Plesk. (PPPM-11656)
  • Plesk email notifications are no longer blocked by SPF in Plesk Obsidian 18.0.23 Update 2 and later. (PPPM-11537)
  • The plesk bin pleskbackup server --exclude-domain command can now again exclude domains from a server backup. (PPPM-11695)
  • Backing up to FTP storage no longer fails if the destination folder contains non-ASCII characters. (PPPM-11704)
  • Headers of Plesk email notifications are now correctly displayed if the sender’s name contains UTF-8 characters. (PPPM-11667)
  • Setting IPv6 addresses to none in Web Hosting Access of a domain no longer removes TXT records for the domain. (PPPM-11648)
  • A Plesk server created by cloning no longer has an IP address of the template server. (PPPM-11718)

Linux

  • Updated sw-engine to PHP 7.3.15.
  • The main IP address is now correctly detected even under specific IP configurations. (PPPM-11484)
  • Fixed the issue when, occasionally after Plesk cloning, nginx was not running and IP mapping was incorrect. (PPPM-11701)
  • It is now possible to restore backups that have a mailing list without its owner. (PPP-47723)
  • Plesk on a Lenovo Cloud server is no longer detected as a dedicated server. (PPPM-11660)
  • Subscription backups can now be created and stored in an NFS storage. (PPP-46555)
  • Mail folders whose names contain umlauts (Ă€, ö, ĂŒ) are now displayed correctly after update from Plesk Onyx to Plesk Obsidian. (PPPM-11200)
  • The check on SMTP ports 25 and 587 can no longer return false-positive results. (PPPM-11528)
  • It is now possible to create a scheduled backup of a subscription with an add-on domain is the main subscription’s domain is suspended. (PPPM-11698)
  • A server backup can now be restored without the “An error occurred while setting MAPS zones:” error message if more that one zone was set. (PPPM-11609)
  • Deleting the CA part of an SSL/TLS certificate no longer causes an error. (PPPM-5892)
  • Installing Plesk via https://get.plesk.com no longer fails with the “Installation to the host has been already started” error if there has been an aborted or unsuccessful attempt to install Plesk on a server with the same IP address in the past. (PPPM-11275)

Windows

  • Maintenance mode is now turned on immediately when the cloning tool is executed.
  • Subscriptions with the SmarterMail mail server can be now backed up correctly without multiple warning messages. (PPPM-11682)
  • IIS logs are now rotated. (PPPM-11651)
  • Numerous interface_async_executor.exe processes no longer hinder Plesk work because their number is now limited. (PPPM-11677)
  • Technical reports are now correctly created and, if any issues happen, they are clearly reported. (PPPM-11644)

Third-Party Component Updates

Linux

  • Updated ProFTPD to version 1.3.6c, which includes a fix for a security issue. We strongly recommend that you update Plesk.

Windows

  • Microsoft Drivers for PHP for SQL Server are now shipped with PHP 7.4.
  • Updated Microsoft ODBC Driver 17 for SQL Server to version 17.5.1.1.

Syslog Watch 1.2.1

  • Logs are now automatically updated when the “Automatically append log content” option is enabled. (EXTPLESK-390)

WordPress Toolkit 4.6.0

  • WordPress administrators can now automatically update their website URL in the WordPress database and wp-config.php file based on the actual current URL. This procedure is particularly useful after migrating a website from a different location like your local workstation. The Update Site URL feature is available in the “hamburger” (context drop-down menu) on a WordPress site card.
  • CLI utility for the Clone feature was added. It can be accessed through the plesk ext wp-toolkit --clone command.
  • CLI utility for the Data Copy feature was added. It can be accessed through the plesk ext wp-toolkit --copy-data command.
  • Remote sites with modified meta tag generators can now be properly connected to WordPress Toolkit, and their WordPress version is now properly detected. (EXTWPTOOLK-4468)
  • It is now possible to install WordPress via CLI if the document root path is specified as / or \. (EXTWPTOOLK-4457)
  • WordPress administrators are no longer forced to reapply security measures due to automatic WordPress core updates flagging the site as insecure. (EXTWPTOOLK-4127)
  • WordPress Toolkit now works on Internet Explorer 11 because what is dead may never die. (EXTWPTOOLK-4392)
  • Smart Updates of WordPress Core no longer fail with the “Exception: Warning: Failed to fetch checksums. Please cleanup files manually” error. (EXTWPTOOLK-4195)
  • Interactive elements and text in the headers of the sliding screens are now much more visible even when a customized color scheme is used. (EXTWPTOOLK-3612)
  • Additional services added to Plesk by WordPress Toolkit are now shown properly on Plesk Obsidian. (EXTWPTOOLK-3408)
  • Scan operation is no longer stuck if a website with a root symlink is found. (EXTWPTOOLK-3096)
  • Updates check task no longer fails if a domain with a WordPress site was changed from physical hosting to something else. To tell you the truth, it has been working properly for several years, we simply didn’t know for sure when exactly this bug was fixed. Well, better late than never! (EXTWPTOOLK-1042)

Plesk Migrator 2.19.0

  • The extension can now migrate mail if the source mail server is SmarterMail 100.
  • The extension can now be installed in Plesk on CentOS 8.
  • After migrating mail, actual dates when emails were received are no longer changed to the date of migration on certain mail clients (for example Apple Mail). (PMT-4559)

Advanced Monitoring 1.3.0

  • It is now possible to select the graphs you want to be displayed on the extension’s tabs. To do so, go to Advanced Monitoring and then click Settings > Customize.
  • It is now possible to configure the extension via the CLI (run plesk ext monitoring --help to see the CLI commands).
  • Useless “OK” notifications are no longer shown after Plesk or Advanced Monitoring are installed.
  • Resolved compatibility issues with the upcoming Plesk Obsidian 18.0.25. (EXTPLESK-1670)
  • Fixed the Grafana bug about the missing datepicker. (EXTPLESK-1616)
  • Made the Advanced Monitoring notifications less noisy: they are now automatically hidden after a few seconds. You no longer need to close each notification manually. To read the notifications that you have hidden, click the bell icon in the upper right corner of the screen. (EXTPLESK-1575)
  • The “Check server health” button (shown on Advanced Monitoring warning notifications) now redirects to the exact tab with the resource usage graph whose threshold was exceeded. (EXTPLESK-1484)

Grafana 1.1.4

  • It is now possible to configure the extension via the CLI (run plesk ext grafana --help to see the CLI commands).
  • Resolved compatibility issues with the upcoming Plesk Obsidian 18.0.25. (EXTPLESK-1670)
  • The extension can now be opened in Plesk Mobile App for iOS and Android. (EXTPLESK-1384)

Let’s Encrypt 2.8.7

  • Let’s Encrypt has found a bug and revokes some of its SSL/TLS certificates on March 4. This improvement solves the issue. The Let’s Encrypt extension will check domains as a part of the “Autorenew” feature, then will renew and replace affected Let’s Encrypt certificates. Future autorenew tasks will be done as usual when SSL/TLS certificates are about to expire.

    To turn off the check and replacement of Let’s Encrypt certificates affected by the bug, add the following lines to the panel.ini file:

    [ext-letsencrypt]
    renew-lets-encrypt-revoked-certificates = false
    

SSL It! 1.2.2

  • Let’s Encrypt has found a bug and revokes some of its SSL/TLS certificates on March 4. This improvement solves the issue. The SSL IT! extension will check domains as a part of the “Autorenew” feature, then will renew and replace affected Let’s Encrypt certificates. Future autorenew tasks will be done as usual when SSL/TLS certificates are about to expire.

    To turn off the check and replacement of Let’s Encrypt certificates affected by the bug, add the following lines to the panel.ini file:

    [ext-sslit]
    renewLetsEncryptRevokedCertificates = false 
    

PHP Updates

  • Updated PHP 7.4 to version 7.4.3.
  • Updated PHP 7.3 to version 7.3.15.
  • Updated PHP 7.2 to version 7.2.28.

Site Import 1.4.3

  • Website import can now be again launched. (PMT-4694)
  • After importing mail, actual dates when emails were received are no longer changed to the date of import on certain mail clients (for example, Apple Mail). (PMT-4559)
  • If the source Linux server has a custom umask set up (other than 0022), website import no longer fails with an error. If the target server has a custom umask set up, a website now correctly works after migration. (PMT-4730)

LDAP Auth 2.1.2

  • Added error logging for failed cURL requests.

Plesk Obsidian 18.0.24

  • Updating Plesk Onyx to Plesk Obsidian now also replaces the old default pages with brand new ones introduced in Plesk Obsidian 18.0.21 (unless the default pages have been customized, in which case they are not replaced).
  • Plesk Administrator can now force all subscriptions to only use the Dynamic, Active, or Classic list by adding the following lines to the panel.ini file:

    [navigation]
    forceWebsiteList = dynamic (or = active, or = classic)
    

    It is also possible to hide one or more options from the list:

    [navigation]
    hideWebsiteList = active, classic
    
  • The FileServer component is no longer supported. It will no longer be installed on new Plesk Obsidian servers, but updating to Plesk Obsidian 18.0.24 will not affect this component if it was already installed.
  • A new SDK method pm_Domain::getHostingParam has been introduced. It is used for retrieving information about hosting settings of domains. The method enables user-created extensions to use SDK instead of API RPC or direct database queries.
  • File indexing was improved for the purposes of creating backups. Plesk no longer tries to include removed files in backups. (PPPM-6486)
  • When moving addon domains between subscriptions, users are now warned that any databases owned by those domains must be reassigned manually.
  • .webp files can now be used with the plesk bin branding_theme utility to apply custom themes to Plesk Obsidian. (PPPM-11426)
  • Accidentally removed SSL/TLS certificates are now automatically restored from the Plesk database when a domain’s hosting settings are changed.
  • Backing up a subscription with one or more mail accounts with the autoresponder enabled no longer results in the “Unable to back up autoresponder settings.” error if no mail server is installed. (PPP-47307)
  • Plesk no longer allows the creation of non-TXT DNS records containing the underscore (“_”) character. Having one or more such records in a DNS zone hosted in Plesk caused the bind DNS server fail to start. (PPPM-11448)
  • Email notifications sent by Plesk servers no longer contain the duplicate “Content-Type” header, which caused them to be bounced during local delivery. (PPPM-11530)
  • Dumps of MySQL databases are now correctly included in server-wide Plesk backups. (PPPM-11575)
  • Creating a backup no longer fails if usernames of one or more clients being backed up contain the ampersand (“&”) character. (PPP-47205)
  • Passive mode is now turned on by default in the FTP storage settings. (PPPM-11461)
  • Creating a full server backup no longer produces misleading error messages if the cuBackupRestoreHelper.php file is corrupted. (PPP-47304)
  • Backing up a subscription no longer results in an invalid backup if the subscription’s DNS zone contains one or more DNS records of the type “none”. (PPP-47209)
  • Backing up a subscription no longer fails if one or more files or directories owned by the subscription could not be read at the time of backup creation (Note: unreadable files and directories are not included in the resulting backup). (PPP-47164)
  • Creating a full server backup no longer results in an invalid backup if certain fields in the backup properties have empty values. (PPP-47207)
  • Plesk email notifications are now shown in Thunderbird 68.4.2. (PPP-47282)
  • It is now possible to upload a file whose name contains square brackets ([ or ]) via File Manager. (PPPM-5294)
  • Replaced the “Call to a member function getErrorObjects() on null” error message with a more meaningful one when a backup, under certain circumstances, fails to be created. (PPP-47502)
  • It is no longer possible to secure anything with an invalid SSL/TLS certificate whose *.crt part is missing. (PPPM-11458)
  • If the mail service for a domain or a subscription (for example, example.com) is disabled, the plesk bin subscription -i example.com command no longer fails. (PPP-45257)
  • A directory with the “0” name can now be opened in File Manager. (PPPM-11541)
  • A reseller can now install an SSL/TLS certificate via an XML-RPC request without specifying the ip_address option value. (PPPM-11577)
  • Updating to Plesk Obsidian now preserves a custom branding and color scheme (if it is set) and no longer changes it to the default Obsidian color scheme. (PPPM-11511)
  • If the DNS component is not installed, running the plesk repair all -y command no longer shows the “The NS configuration file 
 is absent” error. (PPPM-11479)
  • Access from property now works again in API RPC. (PPPM-11559)
  • Removing an IPv6 IP address registered in Plesk no longer fails with the “Cannot remove the IP address” error. (PPPM-3818)

Linux

  • Accessing AWStats data for domains hosted in Plesk no longer results in the “404 Not Found” error. (PPPM-11342)
  • Creating a backup on a Plesk Server with the “Acronis Backup” extension installed no longer results in the “Not all the data from /usr/local/psa/var/modules/acronis-backup/ was backed up successfully.” error. (PPPM-11587)
  • Creating a backup on a Plesk Server with the “Fail2Ban” component removed no longer results in an unnecessary warning. (PPPM-11521)
  • Restoring a subscription no longer results in a warning if the subscription’s system user is using the “bash (chrooted)” shell and the chrooted template has been customized. (PPPM-11515)
  • Downloading a large backup file (10 GB or more) from Plesk no longer fails with the the “Network Error” message shown in a browser. (PPP-44962)
  • The issue with the plesk repair utility that could not fix issues with the missing libmyodbc5.so package is no longer relevant because Plesk now uses its own plesk-libmaodbc driver. (PPP-37827)
  • “Mail for Non-Existent Users” can now be enabled even if the “Bounce with message” text field is empty. (PPPM-11556)
  • When restoring a number of domains from a backup, SSL/TLS certificates that secure these domains are now also restored. (PPPM-9686)
  • Webserver Configuration Troubleshooter no longer shows that some configs are broken when they are actually not after reconfiguration (for example, after domain’s hosting settings were changed but these changes did not propagate yet). (PPPM-6752)
  • Plesk now shows an explicit message what to do with custom web server configuration templates (if any) during update to Plesk Obsidian. (PPPM-11580)
  • SSL/TLS certificates from Let’s Encrypt can now be used for client certificate authorization. (PPPM-11544)
  • Custom error pages now work when nginx-only hosting is enabled. (PPPM-8889)
  • On Ubuntu and Debian, the plesk repair utility no longer hangs in case of apt-get returning an error. (PPPM-10348)

Windows

  • Node.js 12 is now supported.
  • The maximum allowed length of FTP users’ logins was increased to 20 characters.
  • Long tasks now fail with an error message instead of silently getting stuck and never starting if the psaadm and Plesk Administrator users are assigned the “Deny log on as a batch job” security policy. (PPPM-11429)
  • Backing up a subscription no longer results in an error message if one or more files owned by the subscription are deleted as the subscription is being backed up. (PPP-47210)
  • When Plesk is set up with a remote SmarterMail server, backing up a subscription with mailboxes no longer shows the “Provider ‘SmarterMail Remote’ cannot list mail mesages.” warning. (PPP-47305)
  • Calculating web statistics of the parent domain no longer fails with the “The system cannot find the path specified. (Error code 3)” error after a browsed add-on domain of the parent domain was deleted. (PPPM-11456)
  • Creating a new domain or enabling the mail service on the existing domain no longer occasionally fails with the “mailmng failed: Loaded Postoffice Configuration Provider (MEAIPO.DLL) MEAOPO.PostOffice.AddPostOffice failed” error. (PPP-42721)
  • Plesk Reconfigurator now allows to change the virtual hosts location to a directory on a disk volume with the ReFS partition. (PPP-46513)
  • The rotation date of the php_error.log file of a domain is now counted based on the file creation date. (PPPM-11104)
  • The SpamAssassin training is now completed without any issues even some emails contain non-UTF-8 characters. (PPPM-11456)
  • If an IPv6 address goes before an IPv4 one in the database, the plesk repair ftp command run for a domain no longer shows the “The domain name 
 resolves to another IP address” warning. (PPPM-11405)

Third-Party Component Updates

Windows

  • Updated MySQL ODBC connector 5.3 to version 5.3.14.
  • Updated Node.js 12 to version 12.14.1

Let’s Encrypt 2.8.6

  • If an automatic renewal of a Let’s Encrypt certificate fails with the “Detail: Order’s status (“pending”) is not acceptable for finalization” or “Detail: No order for ID *****” error, the order is removed automatically. The next automatic renewal should complete with no errors. (EXTLETSENC-782)

Plesk Obsidian 18.0.23 Update 4

  • Plesk no longer “forgets” the IP address selected as the address to send mail from in “Tools & Settings” > “Mail Service Settings” > “Outgoing mail mode”. (PPPM-11533)
  • Backing up one or more subscriptions no longer results in an invalid backup if certain information related to those subscriptions is missing from the Plesk database. (PPPM-11564)

Linux

  • Backing up one or more subscriptions with one or more capital letters in the name (for example, “Example.Com”) no longer results in an error message. (PPP-47446)

Windows

  • Backing up one or more subscriptions with wildcard subdomain no longer fails with the “Exception: PHP Warning: mkdir(): Invalid path” error. (PPP-47443)

Let’s Encrypt 2.8.5

  • If users face the “No order for ID” error when they renew their SSL/TLS certificates, the extension fixes the error in the background and the users are asked to issue an SSL/TLS certificate once again, which helps in most cases. (EXTLETSENC-765)

Plesk Obsidian 18.0.23 Update 3

  • Backing up a subscription when the logs folder of the subscription’s domain is deleted no longer shows an unnecessary warning message. (PPP-47351)
  • Backing up a subscription when the statistics folder of the subscription’s domain is deleted no longer shows an unnecessary warning message. (PPP-47352)
  • Backing up a server when the extensions’ data folders are deleted (for example, the /usr/local/psa/var/modules/patchman folder) no longer shows an unnecessary warning message. (PPP-47353)
  • Backing up a subscription when its DKIM spam protection is turned on but the corresponding domain keys are missing (for example, because the DNS support is turned off) no longer shows an unnecessary warning message. (PPPM-11503)
  • A server backup no longer fails when the TmplData table of a server reseller plan contains the ‘phpSettingsId’ setting. (PPP-47356)
  • Domains can be now removed after switching from the Dynamic List to the Classic List view. (PPP-47098)

WordPress Toolkit 4.5.1

  • Proper text is now displayed instead of placeholders for filter names on Mass Update and Mass Security screens. (EXTWPTOOLK-4324)
  • Trying to retrieve Jetpack plan status on a site with Free Jetpack plan should not return a weird error anymore. (EXTWPTOOLK-4323)
  • WordPress can now be correctly installed without triggering the “Unable to download the WordPress package” error caused by a bug in Guzzle client. (EXTWPTOOLK-4326)
  • Users will no longer see a scary “500 Exception Permission Denied” server error when switching to a subscription without access to WordPress Toolkit. (EXTWPTOOLK-4165)
  • Smart Updates do not repeatedly fail with the same “plugin not found” task error anymore. (EXTWPTOOLK-4176)

Advisor 1.7.4

  • The high and the highest server ratings are now shown correctly as a text and not as locale keys. (EXTADVISOR-784)

G Suite 1.0.0

  • Initial release

Amazon Route 53 2.7.3

  • CAA records in Plesk can now be synced with Amazon Route 53. (EXTPLESK-1611)
  • Installation of the extension in Plesk Obsidian no longer produces PHP error messages written to /var/log/plesk/panel.log in Plesk for Linux and %plesk_dir%\admin\logs\php_error.log in Plesk for Windows. (EXTPLESK-1143)

Advisor 1.7.3

  • Resolved a number of compatibility issues with Plesk Obsidian 18.0.24. (EXTADVISOR-776)

WordPress Toolkit 4.5.0

  • Users can now mark their sites with one of the predefined labels (for example, “Staging” or “Production”) for easier identification.
  • Commercial Jetpack plugin plans can now be purchased in the plugin installation interface by end-customers. To disable this ability on the server, add jetpackPluginUpgradeEnabled = false to your panel.ini file.
  • WordPress Toolkit can now properly clone and Smart Update sites on Linux OSes, if their wp-config.php file is set to read-only. (EXTWPTOOLK-4216)
  • Database dumps created during cloning are now properly removed if database import failed during the cloning for some reason. (EXTWPTOOLK-4131)
  • WordPress Toolkit no longer apologetically displays [object Object] message when users are clicking on “Remove” to remove a site without selecting anything. (EXTWPTOOLK-4159)
  • Plugin and theme images in the plugin or theme installation dialogs no longer occupy much more space than allowed on Plesk Obsidian in Safari. (EXTWPTOOLK-3992)
  • Preview screenshots no longer occupy much more space than allowed on Plesk Obsidian in Safari. (EXTWPTOOLK-3990)
  • WordPress Toolkit update no longer fails due to migration package dependencies. (EXTWPTOOLK-3981)
  • Site counters are no longer visually glued to filter names on “Updates” and “Security” screens for several sites. (EXTWPTOOLK-3827)
  • Fixed several translation issues.

PHP Updates

  • Updated PHP 7.4 to version 7.4.2.
  • Updated PHP 7.3 to version 7.3.14.
  • Updated PHP 7.2 to version 7.2.27.

Linux

  • Updated Xdebug to version 2.9.0 for PHP 7.3 and 7.4.

Plesk Obsidian 18.0.23 Update 2

Linux

  • DKIM and DMARC can be now enabled for a server whether the DNS component is installed or not. (PPP-47270)

SSL It! 1.2.1

  • It is now possible to enable solely HSTS: without turning on additional HSTS options “Include subdomains” and “Apply to webmail”. (EXTSSLIT-676)
  • Fixed the extension’s UI that was broken in Plesk Obsidian 18.0.23. (EXTSSLIT-681)

PHP Composer 1.0.5

  • On servers with Plesk Obsidian 18.0.23 or later, the UI for specifying environment variables for Composer is no longer malformed. (EXTPHPCOMP-111)

Plesk Obsidian 18.0.23 Update 1

Linux

  • On Plesk servers without an installed DNS server, updating to Plesk Obsidian 18.0.23 no longer results in an internal error when trying to access mail setting. (PPPM-11478)

Plesk Obsidian 18.0.20 Update 3

  • Fixed an issue that prevented some Plesk Obsidian 18.0.20 servers from updating. (PPP-46986)

Plesk Obsidian 18.0.23

  • Webmail for domains with no physical hosting can now be secured with SSL/TLS certificates. Support for securing such domains with Let’s Encrypt certificates via SSL It! will come at a later date.
  • Support for Apple Mail was added to the “Configure Email Client” page.
  • Plesk administrator can now specify a custom domain name for mail autodiscover in “Tools & Settings” > “Mail Server Settings”.
  • Mobile configuration files generated in Plesk to enable mail autodiscover are now signed with the domain’s or the server’s SSL/TLS certificate.
  • Redesigned the Plesk notifications’ interface with improved navigation and better placement of Call to Action buttons in mind.
  • Improved the templates used by Plesk notifications sent via email by adding paragraphs and HTML formatting.
  • Plesk now automatically checks whether the SMTP ports 25 and 587 used for sending mail are filtered. If they are, notifications are shown in the Plesk interface (in “Tools & Settings” > “Mail Server Settings” > “Settings” and “Subscriptions” > “Mail” tab > “Mail Settings”).
  • Changed the presentation of long running tasks in the Plesk UI.
  • Updated the Dynamic View to make it render better on mobile devices.
  • When configuring minimum password strength for the server, ‘Very Weak’, ‘Weak’, and ‘Medium’ choices are clearly marked as not recommended.
  • Added PHP 7.4 to the Recommended preset and removed PHP 7.2 from the Recommended preset. Removed PHP 7.1 from the Full preset.
  • The “Server Error” screen has been updated to better match the Plesk Obsidian look and feel.
  • Plesk resellers can now use the XML API “certificate” operator to generate, install, and remove SSL/TLS certificates.
  • Users switching from a trial license to a paid one will now be asked to fill a short feedback form to let us know what motivated them to become a customer. This information will help us better tailor our offering to the customers’ needs and expectations.
  • Users that have been using Plesk Obsidian for at least 30 days will now be asked to fill a short feedback form to let us know their thoughts and opinions on Plesk Obsidian. This information will help us better tailor our offering to the customers’ needs and expectations.
  • Creating a backup in the FTP storage if the available disk space is insufficient now clearly indicates how much disk space is required for the backup to finish. (PPPM-11389)
  • Subdomains for domains with names in punycode can now be created via XML API. (PPPM-11381)
  • Creating a dump of a database whose size exceeds the amount of RAM on the server no longer fails. (PPPM-11361)
  • It is now possible to switch to Power User view and back in Plesk Mobile application. (PPP-45080)
  • The length of the user name provided as an argument is now validated by all CLI utilities, avoiding situations where the execution of some utilities failed midway because the provided user name was too long. (PPPM-11393)
  • Exporting a database dump and closing the corresponding notification no longer results in the dump being downloaded for the second time if the “Automatically download dump after creation” option is enabled.(PPPM-11385)
  • Domains not owned by the currently selected subscription are not shown to the Plesk administrator in Power User view when using the Classic list and when the total number of subscriptions owned by the Plesk administrator exceeds the limit (100 by default). (PPP-46050)
  • The error message that appears when domain creation fails because a subdomain with the name ‘webmail.' already exists in Plesk now clearly states the reason for the failure. (PPPM-11411)
  • Trying to contact Plesk support via ‘Tools & Settings’ > ‘Assistance and Troubleshooting’ > ‘Support’ no longer results in a ‘HTTP 403 Forbidden’ error. (PPPM-11421)
  • You can now disable the creation of the ‘.ftpaccess’ file when creating backups to the FTP repository by adding the following lines to the panel.ini file: (PPPM-11436)

    [pmm]
    ftpForbidFtpaccessFileCreation = 1
    
  • Importing a custom Plesk theme no longer results in misleading warning messages being shown. (PPP-47049)
  • Searching for a domain name in Power User view now works as expected (click the domain name to open it) if the total number of domains exceeds the limit configured in panel.ini. (PPPM-11391)
  • Customers can no longer attempt to delete backups created by the Administrator (because such backups can only be deleted by the Administrator). (PPPM-10982)
  • HTTP POST requests to domains secured with an SSL/TLS certificate and with SEO redirect from HTTP to HTTPS enabled are no longer automatically converted to GET requests. (PPPM-11284)
  • The built-in code editor now works correctly if the Plesk locale is set to Arabic or Hebrew. (UILIB-746)
  • Updating a Plesk instance using a custom skin to Plesk Obsidian no longer results in a broken skin. Instead, the custom skin is replaced with the default Obsidian skin. (PPP-45324)
  • Additional FTP accounts for domains that are disabled can now log in to the server via FTP. (PPP-46062)
  • Updating to Plesk Obsidian no longer produces the “getSettings() must be of the type array, null returned” error. (PPP-46354)
  • On Plesk Obsidian servers with the “Subscription expiration” event enabled, Plesk now sends a single email listing all expired subscription once per day instead of sending a separate email for each expired subscription. (PPP-46442)
  • Searching for domains on mobile no longer results in an error. (PPP-46556)

Linux

  • Emails sent via sendmail (including auto-reply) now have a DKIM signature (if DKIM signing is enabled server-wide and for the sender’s domain).
  • When updating Plesk, Plesk installer now checks for issues with missing dependencies and duplicated packages before starting the update.
  • On Debian 9 servers, Plesk and extension updates no longer fail if some other apt-get or dpkg operation is running at the same time on the server. (PPP-46130, PI-616)
  • The ‘postfix’ service no longer randomly fails to start after updating the Plesk ‘postfix’ package. (PPPM-11334)
  • Restoring DNS zones from Plesk backups no longer randomly fails with the ‘Unable to manage DNS features: DNS does not return features list’ error. (PPPM-11379)
  • DMARC checks no longer result in a segmentation fault under specific circumstances, which caused errors to be written to the logs and temporary files not being cleaned up. (PPPM-10547, PPPM-7166)
  • Restoring a website with Drupal installed via the Application Catalog from a backup in Plesk no longer results in Drupal being inoperable. (PPPM-11382)
  • The ‘httpsd_access_log’ file is now rotated correctly according to the log rotation settings. Note: a number of Plesk logs are now rotated by the system logrotate (configured in /etc/logrotate.d/plesk). (PPPM-11236)
  • The ‘Mailing List’ button is no longer shown in Dynamic List view if the ‘Mailman’ component is not installed on the server. (PPPM-11409)
  • Backups stored in the FTP repository are now rotated in accordance with the rotation settings if backup rotation is enabled. (PPPM-10468, PPPM-11418)
  • HTTP > HTTPS redirect now works correctly for domains that are configured to be used to access Plesk. (PPPM-11407)
  • Changes made to the panel.ini file no longer take time to come into effect. (PPPM-11413)
  • Images accompanying the Dynamic List tour are now shown on Plesk servers that use a custom theme. (PPP-47050)
  • Plesk Installer no longer fails on CentOS 7 based Google Cloud instances with OS Login enabled. (PI-607)
  • Website Copying via FTP now correctly copies files with one or more “%” characters in the path. (PPP-44238)
  • White space characters in the SPF explanation text specified in “Tools & Settings” > “Mail Server Settings” are no longer replaced with the “%” character. (PPP-44640)
  • Entries in the web server logs containing long URLs with many special characters no longer cause the Log Browser display the logs as blank. (PPP-45326)
  • Plesk Installer now properly checks if the /var partition has enough free disk space before installing or updating Plesk. (PPP-45791)
  • Restoring a Plesk backup no longer randomly produces warnings due to the nginx restart rate getting exceeded. (PPP-46099)
  • The default SPF check failure message no longer contains an outdated link to http://www.openspf.org/ which is no longer operational. (PPP-46173)
  • Obsolete files stored in the /usr/local/psa/handlers/spool/ directory are now cleaned out on a regular basis. (PPP-46178)
  • Kaspersky Anti-Virus heuristics are now enabled by default. (PPP-46203)
  • Mailbox quota warning now works as expected after it is disabled and then enabled again in “Tools & Settings” > “Mail Server Settings”. (PPP-46278)
  • Updating to Plesk Obsidian no longer produces the “/usr/local/psa/bootstrapper/components/management-node.sh: line 1588: -D: command not found” error. (PPP-46386)
  • On CentOS 6 servers, the misleading “Information on some packages might not be actual: inconsistencies were detected in the system’s package manager database.” warning is no longer shown in “Tools & Settings” > “System Updates”. (PPP-46395)
  • Correct memory usage is now shown on the “Tools & Settings” > “Server Information” page. (PPP-46397)
  • Plesk backups no longer fail on servers with sql-mode=ANSI specified in the /etc/my.cnf configuration file. (PPP-46398)
  • On CentOS 7 servers, website logs are no longer processed by the backup manager if the “exclude log files” option is selected during backup. (PPP-46464)
  • Backing up and restoring a subscription with the “Use DKIM spam protection system to sign outgoing email messages” option enabled no longer results in the “Domain has no NS DNS record.” error. (PPP-46509)
  • On Ubuntu 16 and Ubuntu 18 servers, files created by scheduled cron tasks running under the psaadm user are now assigned the ‘644’ file system permissions instead of ‘664’ permissions. (PPP-46609)

Windows

  • ASP.NET Core 3.0 is now supported.
  • Microsoft SQL Server 2019 is now supported.
  • Added the ability to simultaneously fix the permissions for a folder as well as every other folder in the path via the plesk bin repair CLI utility:

    plesk bin repair --directory-permissions -directory "<path to the folder>" -fix-parent-dirs
    
  • Temporary files generated by PHP FastCGI processes are now stored in a separate folder inside the corresponding domain’s webroot directory.
  • Cloning a Plesk server now takes significantly less time. In addition, after cloning a server, the latest updates are automatically installed on the newly created server.
  • The information about default documents is no longer stored in individual websites’ ‘applicationHost.config’ files, unless the default documents were modified.
  • Creating a backup in Plesk no longer results in the ‘[Errno 13] Permission denied’ error. (PPPM-11374)
  • Restoring individual files from a Plesk backup after logging in to Plesk via the TCP port 443 no longer results in the ‘Warning: Permission Denied’ error. (PPP-46715)
  • Restoring large (1 GB or more) Microsoft SQL Server databases from a Plesk backup no longer results in the ‘Execution Timeout Expired’ error. (PPPM-11359)
  • Website preview no longer fails with the “HTTP Error 404 Not Found” if access to Plesk via the TCP port 443 is enabled on the server. (PPPM-11406)
  • Syncing a subscription with a customized value of the “The maximum number of worker processes” parameter with its service plan no longer fails. (PPPM-11388)
  • Switching the Plesk mail server to SmarterMail no longer fails if one or more network adapters on the server are disabled. (PPPM-11348)
  • Files uploaded via WordPress are now assigned the correct file system permissions. (PPPM-4539)
  • Clicking “Dedicated IIS Application Pool for Website” no longer results in the “Unable to manage the IIS application pool because all websites are using a single dedicated application pool.” error on Plesk servers with the “Tools & Settings” > “IIS Application Pool” > “Global Settings” > “Assignment and placement policy” option set to “Always assign one application pool to each subscription”. (PPP-45368)
  • Plesk backups are now properly compressed and take less disk space than the content that was backed up. (PPP-46132)
  • Plesk email notifications sent to external email addresses no longer fail DKIM validation checks. (PPP-46140)
  • Sending a technical report to support from the Plesk UI no longer results in the “<html><head>406 Not Acceptable</head>” error. (PPP-46487)
  • Changes made to IIS configuration during domain creation are now correctly rolled back if domain creation fails. (PPP-46562)
  • Switching the mail server from MailEnable to SmarterMail no longer fails if an alias without an email addresses but with the flag “include all domain users” was created in SmaterMail. (PPP-46652)

Third-Party Component Updates

  • Updated PHP used by Plesk to version 7.3.13.

Linux

  • Updated Postfix to version 3.4.8.
  • Updated Dovecot to version 2.3.9.2.

Windows

  • Updated Python to version 2.7.17.
  • Updated BIND to version 9.14.8.

Plesk Migrator 2.18.0

  • When migrating from cPanel to Plesk, DNS records are now migrated as well.
  • When migrating from DirectAdmin to Plesk, SSL is now enabled on the target servers for domains that had SSL enabled on the source server. (PMT-4684)
  • Migration from cPanel to Plesk no longer fails if one or more reseller-owned domains are being migrated and resellers are not supported on the target server (for example, because the Plesk administrator is in Power User view or because a license other than the Web Host Edition license is installed on the target server). (PMT-4691)
  • Gave the field for the IP address of the source server on the “New Migration” a more descriptive name. (PMT-4705)

PHP Composer 1.0.4

  • Clicking ‘PHP Composer’ > ‘Scan’ > ‘Install’ now produces an error message instead of hanging indefinitely if the contents of the composer.json file are malformed. (EXTPHPCOMP-98)
  • The composer.json property ‘prefer-stable’ is now properly taken into account when determining whether packages are up to date or not. (EXTPHPCOMP-99)

Docker 1.4.5

  • Using the ‘=’ (equal) character as the value of an environment variable no longer results in being unable to change the value of that environment variable. (EXTDOCKER-44)
  • The “Learn more” link now correctly leads to the up-to-date documentation. (EXTDOCKER-94)

WordPress Toolkit 4.4.1

  • Two secret features were added.
  • Internal security improvements.
  • Set installation tasks happening simultaneousluy with WordPress Toolkit update to v4.4 no longer cause WordPress Toolkit to be inaccessible by clients. (EXTWPTOOLK-4089)
  • WordPress installation directory field does not lose input focus anymore. (EXTWPTOOLK-4043)
  • Plugins and themes can now be properly uploaded to certain directories via CLI on Plesk Obsidian. (EXTWPTOOLK-4037)
  • Resellers can now uninstall plugins and themes uploaded by server administrators on the “Plugins” or “Themes” tab. (EXTWPTOOLK-4033)
  • In a surprise guest appearance, the status of WordPress updates is now properly refreshed in the “Keep WordPress up-to-date” advice of the Advisor extension. (EXTWPTOOLK-4032)
  • A various variety of translation issues was fixed. (EXTWPTOOLK-4022)
  • Website screenshots are now automatically updated after the installation and activation of a theme from the “Themes” tab. (EXTWPTOOLK-4005)
  • Pagination controls in the list of WordPress sites were peacefully relocated from the East of UI to the West of UI to make sure they are no longer blocked by the window with the status of ongoing tasks. (EXTWPTOOLK-3806)
  • “Don’t show me again” control on the Smart Update free trial pop-up is now working correctly. (EXTWPTOOLK-4147)

SSL It! 1.2.0

  • The SSL It! extension can now be used to secure the mail service for the domain with the domain’s SSL/TLS certificate.
  • Sped up the generation of web server configuration files for domains secured via SSL It!
  • Updated the list of trusted root certificates with those from Mozilla CA bundle.
  • Unnecessary messages about wildcard certificate renewal failure are no longer sent to users from Plesk servers with the DNS service disabled. (EXTSSLIT-610)
  • The title and description of SSL/TLS certificates other than those issued by Let’s Encrypt can now again be changed by editing the panel.ini file. (EXTSSLIT-604)
  • The extension no longer randomly crashes on servers where it was used to issue a large number of SSL/TLS certificates (1000 or more). (EXTSSLIT-609)
  • An unclear error message is no longer shown when SSL It! is unable to connect to the Let’s Encrypt server for a long time. (EXTSSLIT-614)
  • Additional subscription users now have access to the SSL It! extension. (EXTSSLIT-619)
  • Clarified the text under the SSL It! button in the Plesk interface. (EXTSSLIT-621)
  • Resolved a number of compatibility issues with Plesk Obsidian.

Extension Catalog 1.11.0

  • Added the ability to see extensions’ prices with or without VAT. Plesk remembers your choice, but you can change it at any moment.

DigitalOcean DNS 1.1.5

  • Synchronizing a domain’s DNS zone with DigitalOcean DNS now correctly creates SRV records in DigitalOcean DNS. (EXTPLESK-753)
  • Newly created domain aliases are now automatically synced with DigitalOcean DNS. (EXTPLESK-1037)
  • On Plesk for Windows servers, it is now possible to open a subscription’s page from the main extension’s page. (EXTPLESK-1516)

Action Log 1.1.0

  • Action Log now shows more information about the logged actions right in the extension’s interface - you no longer need to read the logs to find out what happened exactly.
  • Added the ability to select or clear all “Logged actions” checkboxes at once on the “Settings” tab.

Plesk Obsidian 18.0.21 Update 5

  • Creating an incremental backup in the FTP storage no longer fails. (PPP-46305)
  • Separate files can now be restored from a local backup. (PPP-46601)

PHP Updates

  • Updated PHP 7.4 to version 7.4.1.
  • Updated PHP 7.3 to version 7.3.13.
  • Updated PHP 7.2 to version 7.2.26.

Hosting Plan Exporter 1.0.0

Hosting Plan Exporter helps you copy service plans between Plesk servers by exporting and importing them.

  • Both hosting and add-on plans can be exported and imported.
  • When importing service plans, conflicts are automatically detected. For example:

    • when a service plan with the same name already exists on the target server, you will be offered to rename the imported plan;
    • when imported service plan has a limit which does not exist on the target server, a warning will be shown on the import screen and the limit will not be imported;
    • when target server does not support imported value of a hosting setting, you will be offered to select one of supported values.
  • Service plans are exported to JSON file format.

The extension can be used by Plesk administrators and resellers. Try it out!

Slave DNS Manager 1.9.2

  • The status icons for the slave servers are now properly shown in the extension’s interface. (EXTPLESK-1082)
  • On Plesk Obsidian servers, the extension’s interface is no longer malformed and unusable. (EXTPLESK-1403)

SSL It! 1.1.4

  • Resolved a number of compatibility issues with Plesk Obsidian.

Advanced Monitoring 1.2.0

  • Added buttons and menu items inviting Advanced Monitoring users to fill out a survey about their experience with the extension. Doing so helps us better understand what kind of monitoring for servers and websites our customers need.
  • Advanced Monitoring can now send notifications via email as well as show them in the Plesk interface.
  • Changes made to thresholds can now be reverted with a click thanks to the “Restore Defaults” button.
  • “Overview” is now the first tab you see when you open Advanced Monitoring. It contains an overview of most important information about the server, such as CPU and memory usage.
  • On Plesk for Linux servers, stacked the graphs showing memory and swap usage on the “Memory” tab.
  • Disk time access and IOPS metrics are now shown on the “Disk” tab.
  • We made a number of improvements to the extension’s UI and UX.
  • On Plesk for Windows servers, all activity tracked by the extension in now correctly reported via the graphs. (EXTPLESK-1386)
  • On Plesk for Windows servers, the “Network” tab now shows accurate data for “writeBytes”. (EXTPLESK-1393)
  • Graphs for periods of time a week ago or older are no longer blank. (EXTPLESK-1404)
  • All tabs now display the proper graphs instead of the “Dashboard not found” error in the French locale. (EXTPLESK-1447)
  • On Plesk for Windows servers, the graphs on the main monitoring page are no longer empty if during the Plesk installation a directory outside of the Plesk installation directory was chosen for storing the user data. (EXTPLESK-1492)

Grafana 1.1.3

  • Resolved a compatibility issue with the upcoming Plesk Obsidian 18.0.22. (EXTPLESK-1427)
  • On Plesk for Windows servers, Grafana can now be installed if during the Plesk installation a directory outside of the Plesk installation directory was chosen for storing the user data. (EXTPLESK-1489)

PHP Composer 1.0.3

  • It is now possible to switch between multiple applications with separate composer.json files installed on a single domain in PHP Composer. (EXTPHPCOMP-102)

WordPress Toolkit 4.4.0

  • Server administrators can now install plugin & theme sets on existing websites at any time. This can be done by visiting the “Sets” tab, finding the required set, and clicking on “Install Set” in the corresponding ‘
’ dropdown menu.
  • The “WordPress Toolkit Settings” tab was redesigned and moved to a separate screen opened via Settings button located next to the WordPress Toolkit screen title.
  • The “Plugins”, “Themes”, and “Sets” tabs were rebuilt using Plesk UI Library to make sure we can quickly redesign and update them in the future.
  • Pop-up notifications about successful execution of various operations are now automatically hidden 3 seconds after appearing, so they are (hopefully) less annoying.
  • Improved various translation strings.
  • Quarantined WordPress sites no longer have a chance to prevent installation of plugins or themes from the “Plugins” or “Themes” tabs. (EXTWPTOOLK-4023)
  • It should be possible (again) to upload plugins and themes from a specified URL via CLI. (EXTWPTOOLK-3988)
  • WordPress Toolkit now properly cleans up temporary files on the server when users install plugins or themes. (EXTWPTOOLK-3977)
  • Changing the domain name on very busy servers should not lead to WordPress site becoming quarantined due to timeout anymore. (EXTWPTOOLK-3961)
  • Changing the domain name now properly changes the corresponding domain name in WordPress configuration files and database. (EXTWPTOOLK-3901)
  • WordPress Toolkit no longer generates PHP warnings during certain plugin updates. (EXTWPTOOLK-3938)
  • Proper plugin and theme names are now shown on the Updates screen instead of slugs. (EXTWPTOOLK-3826)
  • Smart Updates now properly work for WordPress sites where home is not where siteurl is. (EXTWPTOOLK-3784)
  • Loading of WordPress site list no longer slows to a crawl in presence of quarantined sites. (EXTWPTOOLK-3853)
  • Pagination in lists now correctly shows the current page number on Plesk Obsidian. (EXTWPTOOLK-3772)
  • The second and subsequent pages of the WordPress site list are now working properly on Plesk Obsidian. (EXTWPTOOLK-3771)
  • Owner links on the WordPress site cards now open in the same browser tab instead of a new tab. (EXTWPTOOLK-3362)
  • Outdated link to reference page about WordPress debugging was updated. (EXTWPTOOLK-3178)

SSL It! 1.1.3

  • The Encryption Everywhere SSL/TLS certificates are no longer available for issue (even if they are specified in filteredProducts in the panel.ini file) because the corresponding API is reaching EOL. Issue free certificates from Let’s Encrypt instead. The already issued Encryption Everywhere certificates keep working until their expiration dates.

DigiCert SSL 1.8.1

  • The Encryption Everywhere SSL/TLS certificates are no longer available for issue (even if they are specified in filteredProducts in the panel.ini file) because the corresponding API is reaching EOL. Issue free certificates from Let’s Encrypt instead. The already issued Encryption Everywhere certificates keep working until their expiration dates.

Plesk Obsidian 18.0.21 Update 4

  • PHP 7.4 is now supported.

PHP Updates

  • PHP version 7.4.0 is now shipped with Plesk on all OSes except CentOS 6, Red Hat Enterprise Linux 6, and CloudLinux 6.

Extensions Catalog 1.10.1

  • Go back to the earlier logic of automated extensions’ installation (Plesk installs newly purchased extensions automatically instead of sending a notification) by adding the following lines to the panel.ini file:

    [ext-catalog]
    extensionAutoInstall = true
    

PHP Updates

  • Updated PHP 7.3 to version 7.3.12.
  • Updated PHP 7.2 to version 7.2.25.

Extensions Catalog 1.10.0

  • After purchasing an extension, the Plesk administrator is now shown a notification prompting them to install the purchased extension.
  • Updated the extensions that have a free trial period to show a notification clearly stating that a license must be purchased to use all of the extensions’ features. (EXTCATALOG-124)
  • The price of the WordPress Toolkit extension is no longer shown if the license for the extension is already included in the installed Web Host license. (EXTCATALOG-205)
  • Corrected an error in the German translation of the extension. (EXTCATALOG-266)
  • Added a white space character between the word “Buy” and the extension’s price on the “Buy” button. (EXTCATALOG-286)
  • The “Extensions” > “My Extensions” page is no longer blank. (EXTCATALOG-306)

Plesk Obsidian 18.0.21 Update 3

Linux

  • After update to or installation of Plesk Obsidian on CentOS 7, the mail forwarding, the autoresponder, and other mail-related features now work correctly. (PPP-46272)

Plesk Obsidian 18.0.21 Update 2

  • After the update to Plesk 18.0.21, the “Tools & Settings” screen in Power User view is no longer endlessly loaded and no JS errors appear in a browser console. (PPP-46229)
  • Scheduled backups can now be created if the backups owner locale was not defined (set to null). (PPP-46219)

Plesk Obsidian 18.0.21 Update 1

  • Fixed the text in the banner promoting the Dynamic List view. (PPP-46204)

Plesk Obsidian 18.0.21

  • Added a banner promoting the Dynamic List view, a new and improved way of listing and managing domains in Plesk.
  • On new Plesk Obsidian servers, the Dynamic List view is now selected by default.
  • Added a guided tour explaining the benefits of the Dynamic List view.
  • Verified that the Plesk mail autodiscover feature is fully compatible with the default Android “Mail” application.
  • Plesk servers created via cloning now take less time to initialize.
  • Changed and clarified the consent form text shown when a user is prompted to subscribe to the Plesk newsletter. Plesk administrator will see the new consent form and the suggestion to subscribe on their next login to Plesk or right after updating to Plesk Obsidian.
  • Changed and clarified the consent form text shown when a user is signing up for a Plesk trial.
  • Revamped and updated the default pages shown to visitors of domains without hosting, as well as the Plesk default web page.
  • Updated PHP used by Plesk to version 7.3.11 to secure Plesk against a vulnerability found in earlier PHP versions.
  • The following entry in the panel.ini file now again allows Plesk screens to be shown in iframes (PPP-46101):

    [security]
    sameOriginOnly = false
    
  • Removing a subscription with one or more backups and then creating a subscription with the same name and creating a backup under the new subscription no longer results in Plesk reporting the size of the backup as double the real size. (PPP-45254)
  • The contents of the Extensions Catalog are now shown correctly when browsing Plesk using Internet Explorer. (PPP-45309)
  • Requesting the list of clients via XML API from a Plesk server with no created clients no longer results in the “Specified owner can not have sub objects” error in the response packet. (PPP-44859)
  • Creating a database or database user via Plesk UI under a subscription based on a service plan with Default Database Server set to “None” no longer results in the “Db_Table_Exception” error. (PPP-45315)
  • Uploading a new license key and specifying a non-English locale by setting up the “def_locale” parameter in KAPC now results in Plesk correctly using the specified locale instead of the English locale. (PPP-45480)
  • Accessing the Plesk login page via an IPv6 address no longer results in an error. (PPP-45236)
  • When a domain with no hosting is removed, the SSL/TLS certificate it is secured with is now removed as well. (PPP-45353)

Linux

  • On Debian 9 and Ubuntu 18 servers, the “Atomic Standard” and “Atomic Advanced” ModSecurity rulesets are again available.
  • On newly deployed Ubuntu 18 servers, connections to Plesk are now secured with TLS version 1.3. On Plesk Obsidian servers updated from an earlier Plesk version (including earlier Plesk Obsidian versions), you can secure connections to Plesk with TLS version 1.3 by running the plesk bin server_pref -u -ssl-protocols "TLSv1.2 TLSv1.3" command.
  • The plesk-git-http package is no longer removed when upgrading to Plesk Obsidian. (PPP-45301)
  • On CentOS 7 servers with the dnf package installed, upgrading to Plesk Obsidian no longer results in an error. (PI-604)
  • On CentOS 7 servers, Apache no longer fails to start after installing PHP from OS vendor via Plesk Installer. (PPP-45093)
  • Browsing “Tools & Settings” > “Database Servers” > “MariaDB/MySQL” no longer results in an error if one or more directories containing MySQL configuration files are empty. (PPP-45399)
  • Firewall rules are now correctly removed from the INPUT chain even if there are in excess of 400 rules already configured for different IP addresses. (PPP-45404)
  • Suspending a domain with proxy mode disabled and nginx caching enabled no longer results in an error. (PPP-44915)
  • Browsing a suspended domain with proxy mode disabled now correctly displays the “503 service temporarily unavailable” page. (PPP-45413)
  • Updating Plesk no longer results in the creation of a new phpMyAdmin database. (PPP-46039)
  • Running the plesk bin ipmanage --ip_list command no longer results in web server reconfiguration. (PPP-46053)
  • Updating hosting settings for a domain no longer results in the webmail configuration files being removed and then re-generated. (PPP-46055)

Windows

  • On Plesk servers with one or more remote Microsoft SQL servers servers configured, browsing the “Tools & Settings” > “Database Servers” page and its subpages no longer takes a long time to load. (PPP-44032)
  • Browsing “Tools & Settings” > “Updates and Upgrade” no longer results in an endless loading loop if an instance of Plesk Installer is already running on the server. (PPP-45051)
  • Plesk Installer no longer fails with an error if it is unable to remove one or more subfolders. (PI-605)
  • Failed Plesk upgrades no longer leave Plesk in a disabled state. (PPP-45065)
  • Some APS applications no longer fail due to inability to use ADO connections on Plesk servers. (PPP-45415)
  • Upgrading Plesk no longer fails if the path specified by the PRODUCT_ROOT_D variable uses one or more upper-case letters where lower-case letters should be, or vice versa (for example, specifying the drive letter as “c:" instead of “C:"). (PPP-45456)
  • Backing up a domain with custom error documents enabled no longer results in an error if the “error_docs” folder for the domain is removed. (PPP-44525)
  • Backing up a subscription no longer results in the “Element ‘vhost’: This element is not expected. Expected is ( vdir )” error. (PPP-46051)
  • The names of the files generated when Failed Requests Tracing is enabled for a domain are no longer garbled in the Plesk interface. (PPP-46117)

Third-Party Component Updates

Linux

  • Updated Horde to version 5.2.21.
  • Updated IMP to version 6.2.24.1.
  • Updated Ingo to version 3.2.16.
  • Updated Kronolith to version 4.2.27.
  • Updated Mnemo to version 4.2.14.
  • Updated Passwd to version 5.0.7.
  • Updated Pear to version 1.10.9.
  • Updated Turba to version 4.2.25.

Windows

  • Updated Microsoft Visual C++ 2017 Redistributable to version 14.16.27033.

Site Import 1.4.2

  • Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Google PageSpeed Insights 2.1.3

  • Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

DigitalOcean DNS 1.1.4

  • Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Ruby 1.3.9

  • Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Node.js 1.3.6

  • Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Git 1.1.3

  • On the domain creation page, the popover that appears when clicking the “automatically deployed” control (under “Enable Git support”) is now positioned correctly. (EXTGIT-82)
  • On the domain creation page, the icon next to the field used to specify the path to the directory to which the files from the repository are to be deployed (under “Enable Git support”) is now displayed correctly. (EXTGIT-93)

Docker 1.4.4

  • Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Plesk Obsidian General Availability Update 2 (GA 18.0.20)

Linux

  • The contents of mailboxes on Plesk servers with Horde and Courier-IMAP 5 installed are now displayed correctly. (PPP-45268)
  • Plesk servers with ProFTPD 1.3.6 installed are no longer vulnerable to denial of service attacks. (PPP-45349)

Let’s Encrypt 2.8.4

  • Renewing a certificate issued via the Let’s Encrypt extension no longer results in an endless loading screen if the corresponding registration file is corrupted. (EXTLETSENC-552)
  • Issuing a certificate via the Let’s Encrypt extension no longer fails if a certificate for a domain with the same name had already been issued earlier. (EXTLETSENC-577)
  • Creating a customer without a subscription in Plesk with the Let’s Encrypt extension installed and the “secure-new-domain = on” option specified in the panel.ini file no longer results in an error. (EXTLETSENC-697)

Docker 1.4.3

  • The “X-Forwarded-Proto” (XFP) header is now correctly added to the nginx configuration file when proxy rules are configured in Plesk. (EXTDOCKER-75)
  • Trying to add another Plesk server with the Docker extension installed as a remote Docker node no longer fails with the “The Docker service is unavailable: Cannot enable tls” error. (EXTDOCKER-78)
  • Entering the equals sign (=) as a part of an environment variable in the Docker extension no longer results in an error. (EXTDOCKER-84)

Advisor 1.7.2

  • The Advisor extension no longer shows that HTTP/2 is disabled on the server when it is, in fact, enabled. (EXTADVISOR-362, EXTADVISOR-752)

Plesk Obsidian General Availability Update 1 (GA 18.0.20)

  • When the Dynamic List view is chosen, opening the drop-down menu next to a domain to remove that domain no longer results in the menu remaining expanded indefinitely. (PPP-44499)

Linux

  • Plesk no longer sends the Plesk administrator hourly cronjob failure notifications if one or more PHP extensions fails to load. (PPP-45265)

Windows

  • Trying to manage mail accounts for a domain no longer results in an error if the domain has one or more subdomains and SmarterMail 100 is used as the default mail server. (PPP-45072)

WordPress Toolkit 4.3.4

  • Internal security improvements.

PHP Composer 1.0.2

  • The extension can now detect Composer applications located outside the domain document root. (EXTPHPCOMP-71)
  • Removing a domain in Plesk while a PHP Composer long task related to that domain is running in the background no longer results in an error message being shown on every page in Plesk. (EXTPHPCOMP-77)

PHP updates

  • Updated PHP 7.3 to version 7.3.11.
  • Updated PHP 7.2 to version 7.2.24.
  • Updated PHP 7.1 to version 7.1.33.

WordPress Toolkit 4.3.3

  • Daily maintenance script will no longer put garbage messages in panel.log on Plesk Onyx 17.5. (EXTWPTOOLK-3773)

Advanced Monitoring 1.1.3

  • In Plesk for Windows, the extension now works again and no longer fails with the “Request failed with status code 500” error. (EXTPLESK-1385)

WordPress Toolkit 4.3.2

  • Smart Updates now use an new algorithm for analyzing plugin shortcodes, which should address most (if not all) false positives.
  • Improved support for Move Domains feature in Plesk Obsidian.
  • Smart Updates will warn user if a Smart Update procedure failed due to specific .htaccess customizations.
  • Smart Updates sitemap analysis was optimized to increase reliability.
  • Screenshot previews in the email notifications about Smart Update results are now displayed properly. (EXTWPTOOLK-3161)
  • Caching operations were optimized to address performance issues happening in certain cases with Plesk search and WordPress Toolkit site list. (EXTWPTOOLK-3567)
  • Smart Updates will now properly work if sitemap of the cloned website differs from the original due to meddling of certain plugins. (EXTWPTOOLK-3611)
  • Handling of nginx config files was changed to address the “Unable to reconfigure domain” error happening under certain circumstances. (EXTWPTOOLK-3626)
  • Sort control now works properly in the “Security Status” window. (EXTWPTOOLK-3609)
  • Smart Updates will not process unnecessary locations from XML sitemaps anymore. (EXTWPTOOLK-3610)
  • Smart Updates can now work with websites locally accessible only via domain aliases. (EXTWPTOOLK-3613)
  • Certain operations under certain conditions were failing with the “Event not scheduled” error. Scheduling certain events was certainly improved to handle this. (EXTWPTOOLK-3616)
  • Unsolicited jumping of input focus happening in some cases was removed from the “Clone” window. (EXTWPTOOLK-3633)

Let’s Encrypt 2.8.3

  • Introduced the allow-wildcard-certificates option (true by default) under the ext-letsencrypt section in the panel.ini file. If set to false, the option hides the feature of issuing wildcard SSL/TLS certificates in the interfaces of the Let’s Encrypt and SSL It! extensions.

    Note: For the same purpose, users could earlier use the acme-protocol-version setting with the acme-v01 value. If you have this configuration, we recommend that you start using allow-wildcard-certificates set to false because the ACMEv1 protocol will soon reach end of life.

  • The extension now consumes less server resources to issue SSL/TLS certificates.
  • Updated the list of trusted root certificates with those from Mozilla CA bundle.

Plesk Obsidian General Availability (GA 18.0.20)

  • Plesk administrators can now specify the desired weekdays and time range when Plesk auto-updates are installed.
  • Mail autodiscover can be now turned on and off for particular service plans.
  • Set “Comodo (free)” as the default ModSecurity rule set. On OSes where “Comodo (free)” is absent, the default rule set will be “OWASP (free)”.
  • Added pagination to the Dynamic List view mode.
  • The Plesk default password strength policy will be set to “Strong” starting from November 19th, 2019. See the details.
  • Improved the load speed of screenshots of websites’ landing pages in the Dynamic List view mode.
  • Returned to the three-digit versioning scheme (x.y.z), where an update is specified as a separate number, for example, Plesk 18.0.19 Update 2.
  • Backups upload to the Microsoft OneDrive storage no longer occasionally fails. (EXTPLESK-856, EXTPLESK-1147)
  • If subscriptions of several owners exceeded the allowed disk space, owners now receive their own separate email notifications about the resources overuse. (PPP-44528)
  • Fixed automatic logging in to Plesk: the success_redirect_url parameter now again accepts a relative URL path. (PPP-44681)
  • Plesk administrators can now again install APS applications even if the administrators do not have their own subscriptions. (PPP-44635)
  • The “Mailing Lists” is no longer shown if Mailman is not installed. (PPP-44524)
  • It is now again possible to set a system user’s password via an API-RPC request. (PPP-44614)
  • Users can now again restore specific objects (a subscription, a mailbox, and so on) from a backup if the backup size exceeds 4 GB. (PPP-44444)
  • An IP address in the SPF record is now updated when a public IP address of the sever is changed. (PPP-43552)
  • Webspaces are now sorted alphabetically in Backup Manager in Power User view when “All subscriptions” is selected (transparent webspaces mode). (PPP-43968)
  • Null MX records can now be created. (PPP-43763)

Linux

  • In Plesk on Ubuntu 18, sw-cp-server is now compiled with TLSv1.3. (PPP-44542)
  • If Plesk was installed without the mail server (MSMTP), the default SSL/TLS certificate can now be removed. (PPP-44652)
  • Plesk Obsidian now shows a correct update version and the last update date. (PPP-44316)
  • The Horde webmail client now again correctly shows email messages in plan text. (PPP-44776)
  • While updating to Plesk Obsidian, a misleading error message “WARNING: There are 1 mail accounts with passwords encrypted using a deprecated algorithm” is no longer shown because the corresponding bug PPP-43681 (about email address accounts, whose passwords were encrypted) has been already fixed. (PPP-44607)
  • Added pagination to the Tools & Settings > Services Management page: more than 25 services can now be displayed. (PPP-44565)
  • Kaspersky AntiVirus no longer sends error email notifications when a Kaspersky license is removed or terminated. (PPP-44620)
  • On CentOS 7, after Plesk update from Onyx to Obsidian, the Plesk interface no longer occasionally becomes unavailable with the “Server Error 500 PleskUtilException” error message. (PPP-44602)
  • In Plesk Obsidian on RedHat or CentOS 7, logs no longer show segmentation faults if a server has sessions with the “Too many authentication failures” errors. (PPP-44198)
  • Plesk Obsidian update no longer occasionally fails with segmentation faults. (PPP-44794)

Windows

  • Prepared online demos for Plesk Obsidian on Windows.
  • If the SmarterMail server is used, users can now back up and restore their mail via IMAP.
  • Special characters are now correctly processed within a Plesk administrator password during Plesk installation. (PPP-44348)
  • MSDNS no longer fails to create DNS records when a server IP address is added to Zone Transfers. (PPP-44852)
  • Backing up and restoration no longer occasionally fails with the “The system cannot find the file specified” error. (PPP-44804)
  • Significantly sped up the creation of subdomains. (PPP-44951)
  • Plesk upgrade no longer fails when run under a user with no write permissions for the Recycled Bin. (PI-600)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.10.
  • Updated PHP 7.2 to version 7.2.23.

Linux

  • Updated Courier-IMAP to versions 5.0.8.
  • Updated Roundcube to version 1.3.10.

Windows

  • Updated MailEnable to version 10.27.
  • Updated BIND to version 9.14.6.

DNSSEC 1.2.3

  • CentOS6/RHEL6/CloudLinux6 are not supported because these OSes contain the BIND package that the extension does not support.
  • DNSSEC is now available for add-on domains and subdomains. (EXTDNSSEC-61)
  • Allowed algorithms for key generation now have correct values, which makes it possible to sign DNS zones. (EXTDNSSEC-59)

Advanced Monitoring 1.1.2

  • Added the collecting service collectd (a service that harvest data for Advanced Monitoring) to the list of services in Tools & Settings > Services Management.
  • Synced locale languages supported by the extension.
  • Reboot of a Plesk server on Linux no longer stops the collecting service collectd. (EXTPLESK-1347)
  • On Ubuntu 18, the snap partitions monitoring is now irrevocably turned off. (EXTPLESK-1346)
  • On Linux, the extension no longer shows a false alarm that the Apache & php-fpm memory usage exceeds the threshold when there is in fact no web server overload. (EXTPLESK-1369)

Grafana 1.1.2

  • Synced locale languages supported by the extension.

SSL It! 1.1.2

  • The SSL/TLS Certificates button now opens the SSL It! screen when the new Dynamic List view mode is selected.
  • In Plesk for Linux, if Apache and nginx serve a website and HSTS is enabled for it, HSTS headers are no longer duplicated and Qualys SSL Labs correctly process the headers. (EXTSSLIT-462)
  • When a user manually reissues an SSL/TLS certificate, the extension now suggests securing all the previously secured components (subdomains, domain aliases, webmail, and so on) with the renewed SSL/TLS certificate. (EXTSSLIT-593)
  • When a subdomain is secured with a wildcard SSL/TLS certificate, the extension now correctly shows if subdomain’s components (domain aliases, webmail, the www subdomain) are secured or not secured. (EXTSSLIT-595)
  • The old SSL/TLS Certificates menu is now shown for wildcard subdomains. (EXTSSLIT-542)
  • Improved an error message shown when the SSL/TLS certificate issuing has failed. (EXTSSLIT-603)

Advisor 1.7.1

  • The extension no longer suggests turning on NTP time synchronizing on Red Hat Enterprise Linux 8 and CentOS 8 because the ntp package is not available anymore on these OSes.
  • The “Exception: PHP Notice: Undefined offset:1” error no longer occasionally appears in /var/log/plesk/panel.log in Plesk for Linux and %plesk_dir%\admin\logs\php_error.log in Plesk for Windows. (EXTADVISOR-750)

Plesk Migrator 2.17.8

  • Migrating from cPanel servers hosting a large number of domains using the Migrator GUI has been sped up considerably.
  • It is now possible to migrate from cPanel by hosting plan as well as by subscription or owner using the Migrator GUI. (PMT-4642)
  • It is now possible to migrate from cPanel even if the /var/cpanel/users directory contains one or more files or a directories with special symbols in the name (for example, “)”). (PMT-4660)
  • Transferring web content of a domain hosted on Parallels Pro Control Panel for Linux no longer fails if the domain has a subdomain and the subdomain does not have CGI enabled. (PMT-4661)
  • When migrating from Plesk 12.0 and later, additional users not assigned to any subscription are now migrated. (PMT-4658)

PHP Composer 1.0.1

  • Improved localization.
  • Installing or updating an application via PHP Composer now correctly uses the PHP version selected for the domain and not the system PHP. (EXTPHPCOMP-75)

Plesk Obsidian Ready To Market Update 3 (RTM 18.0.19.3)

  • Emails about resource overuse are no longer sent to Plesk users other than the subscription’s owner. (PPP-44526)
  • ModSecurity is now enabled on clean Plesk Obsidian installations. (PPP-44527)

Advanced Monitoring 1.1.1

  • The position of the mouse cursor is now being tracked across all panels on the tab.
  • The “Apache CPU usage” panel was renamed to “Apache & php-fpm usage”. (EXTPLESK-1157)
  • The Y axis on all panels now always starts at zero, which helps better put the changes in the graphs into context. (EXTPLESK-1158)
  • The “Load average” panel on the “CPU” tab now displays graphs for short-, mid-, and long-term load average instead of just short-term. (EXTPLESK-1277)
  • Panels on the “Disk” tab no longer display graphs for “phantom” partitions (such as /dev/ with 0% usage at all times). (EXTPLESK-1310)
  • Configuring an alert for a panel featuring multiple graphs (for example, “CPU - Total usage”) now results in the alert being triggered on any graph exceeding the threshold, not just the graph generated by the query “A”. (EXTPLESK-1320)

Grafana 1.1.1

  • In Plesk for Windows, Advanced Monitoring no longer fails to open with the “The grafana-simple-json-datasource plugin is not installed.” error. (EXTPLESK-1260)
  • Opening Grafana or the Advanced Monitoring extension no longer results in a 404 error if the user logged in to Plesk via HTTPS without specifying the 8443 port. (EXTPLESK-1325)

WordPress Toolkit 4.3.1

  • Cloning and Smart Updates now support websites with permalinks working on nginx.
  • WordPress Toolkit now spotlights 1 month free trial for Smart Updates to server administrators.
  • WordPress Toolkit link is now displayed on the Dashboard tab of the new Dynamic List in Plesk Obsidian.
  • Improved various interface texts.
  • Placeholders like [at] used by various plugins no longer trigger false positive alerts during Smart Update procedure. (EXTWPTOOLK-3550)
  • Smart Update now works for websites which URL was configured with www prefix. Additionally, links on the cloned website no longer redirect to the original website if it has www prefix in the URL. (EXTWPTOOLK-3584)
  • Smart Update controls now display proper information about licensing requirements in WordPress Toolkit SE. (EXTWPTOOLK-1462)
  • Screenshot separator has been given some growth hormone to make sure it reaches the bottom of the screenshot comparison block at all times. (EXTWPTOOLK-3492)
  • Smart Update screenshots were also given growth hormone to make sure they always reach the bottom of the screenshot comparison. (EXTWPTOOLK-3493)
  • Smart Update now resets the scroll position between different screens. (EXTWPTOOLK-3475)
  • Regular updates won’t be accidentally running instead of Smart Updates when Smart Updates are enabled (and expected) on a website. (EXTWPTOOLK-3462)

DigiCert SSL 1.8.0

  • The extension can now be backed up and restored.
  • Paid certificates can now be used to secure domains with internationalized domain names. (EXTPLESK-1241)

Amazon RDS 1.0.2

  • Opening the extension’s page in Plesk Obsidian no longer results in an error. (EXTPLESK-673)

Advisor 1.7

  • The Plesk Advisor extension’s page now loads significantly faster.
  • Plesk Advisor now recommends the Smart Updates feature.
  • Plesk Advisor now recommends the Backup to Cloud Pro to schedule automatic backups of clients’ websites to remote storage.
  • Plesk Advisor now recommends using Acronis Backup to schedule server backups to Acronis Cloud.
  • It is now possible to enable HTTP/2 support on Plesk Obsidian servers via Plesk Advisor. (EXTADVISOR-698)

Plesk Obsidian Ready To Market Update 2 (RTM 18.0.19.2)

  • It is now again possible to edit files with Windows line endings in Code Editor of File Manager, Panel.ini Editor, and PHP ĐĄomposer. (PPP-44495)

Plesk Obsidian Ready To Market Update 1 (RTM 18.0.19.1)

  • Updated the Plesk Lifecycle Policy.
  • New Plesk Obsidian features are now available for users in their native languages.
  • The PHP Composer extension is now shipped by default with Plesk.
  • The Advanced Monitoring extension is now shipped by default with Plesk.

Plesk Obsidian Ready To Market (RTM 18.0.19)

  • Introduced a number of new features and improvements for the Dynamic List view mode in Websites & Domains:
    • Extensions developers can now add tabs of their own extensions to domains’ cards.
    • Extensions developers can now add buttons of their own extensions to particular button groups on the Dashboard tab of domains’ cards.
    • Improved the layout of buttons and controls on domains’ cards.
    • Replaced old color icons with new grayscale ones.
    • Improved the collapse and expand mechanism.
  • Plesk administrators can now customize the mailbox quota notification email.
  • Mail autodiscover can be now turned on and off for the whole server or for particular domains.
  • Rolled back the changes made to Active List in the previous iterations to keep this familiar view mode for customers who do not want to use the new Dynamic list.
  • Improved how the preview of automatic email notifications shows the email subject.
  • Increased the default value of the PHP-FPM max_children setting to 10.
  • After updating Plesk Onyx to Plesk Obsidian, the following extensions will now be automatically installed: Repair Kit, SSL It!, PHP Composer, and Advanced Monitoring (replaces Server Health Monitor present in Plesk Onyx).
  • Improved error messages shown if an extension failed to be installed: the error messages now contain the name of the extension that faced installation issues.
  • Removed the Server Health Monitor component and replaced it with Advanced Monitoring.
  • When multiple files are opened in File Manager via Code Editor, Code Editor tabs now show correct content of the files. (PPP-43622)
  • Customers can now switch between their own subscriptions when they are on the WordPress Toolkit page without the “Warning: Possible phishing attempt detected
” error. (PPP-43913)
  • It is now possible to log in to Plesk using the LDAP Auth extension when the “Disable Plesk native authentication” checkbox is selected. (PPP-43128)
  • If the “Access to Application Catalog” permission is not selected for a customer’s subscription, Applications > All available applications no longer shows unavailable versions of an application ready for installation after any version of the application was uploaded. (PPP-43134)
  • Rotation of server local backups now works even if the server hostname length exceeds 47 characters. (PPP-44325)
  • Monthly resource usage reports sent by email now contain the necessary statistics because the are now generated on the last day of a month. (PPP-43563)
  • It is now possible to create a backup without a warning if a folder that contained a custom branding theme was removed. (PPP-43734)

Linux

  • Mail autodiscover now works for subdomains served only by Apache.
  • The pci_compliance_resolver utility no longer causes security warnings in browsers because the utility now uses up-to-date SSL protocols and cyphers.
  • Certain services (Plesk Autoinstaller, sw-cp-server, nginx, Apache, Postfix, ProFTPD, and Dovecot) can now use the server TLS cipher suite order instead of the client cipher suite order as it was before. On clean Plesk Obsidian installations, the server TLS cipher suite order is enabled by default. For updated installations, administrators can enable it manually for all server’s services (using the server_pref utility) or for a particular service (using the sslmng utility).
  • When the Webalizer or AWStats components are removed, the access_log.webstat file is also removed and webstatistics is no longer calculated. (PPP-24426)
  • WordPress Toolkit can now scan installations even if they have broken symlinks. (PPP-44063)
  • If a server that has Fail2ban and Plesk firewall installed is restarted, Fail2ban and Plesk firewall are now started in the right order: sequentially and without conflicts that could be earlier caused by the simultaneous editing of iptables. (PPP-43152)
  • If a mail server is secured with an SSL/TLS certificate from Let’s Encrypt and the Roundcube webmail client is used, emails can now be sent without issues. (PPP-44131)
  • If shortname authorization is enabled on the server and a mail account password is encrypted, the password can now be changed in webmail. (PPP-33293)
  • The plesk repair all -n command no longer reports false positive errors regarding incorrect permissions of the /etc/init.d/postfix file. (PPP-43564)
  • The pci_compliance_resolver utility can now be enabled for Dovecot and Courier LDAs. (PPP-36611)
  • If a service fails the Watchdog monitoring tests, the service will be now immediately restarted (without the 5-minute downtime as it was earlier). (PPP-41001)
  • After updating Plesk Onyx version 17.5 to Plesk Obsidian on Debian-based OSes, running the Plesk repair utility no longer shows misleading warnings. (PPP-36507)
  • An email with the empty FROM: <> field can no longer bypass the SpamAssassin filter. (PPP-43562)
  • On Ubuntu 16.04 and Debian 8, ModSecurity can now be again installed and switched on with the Atomic Standard rule set. (PPP-44268)
  • nginx now better validates its SSL configuration: if, for any reason, an SSL/TLS certificate is missing for a domain, Plesk now skips the SSL configuration for the domain. (PPP-44031)

Windows

  • Users’ Microsoft Outlook and Thunderbird mail clients can now be automatically configured based on entered emails.
  • A new REST API now manages SmarterMail 100 or later, which is why mail users in SmarterMail 100 or later can now be renamed.
  • Excluded a number of outdated, insecure, or not popular extensions and components from the recommended and full presets.
  • Backups created in Plesk Onyx 17.x can now be restored in Plesk Obsidian. (PPP-44246)
  • Improved an error message shown when a password sent to Plesk via an XML-RPC request does not meet the the OS password security policy (“Local Security Policy”). (PPP-43600)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.9.
  • Updated PHP 7.2 to version 7.2.22.
  • Updated PHP 7.1 to version 7.1.32.

Linux

Windows

  • Updated Node.js 8 to version 8.16.1.
  • Updated Node.js 10 to versions 10.16.3.

PHP Composer 1.0.0

  • The extension now detects the invalid composer.json file and shows a clear error message suggesting clicking the “Edit composer.json” button and correcting the composer.json syntax.
  • The “PHP Composer” icon is now shown on the “Dashboard” tab of a domain card in the Dynamic List view mode in Websites & Domains.
  • Added messages explaining what happens after update if no packages were initially specified in composer.json or they had been removed from it later. (EXTPHPCOMP-38)
  • Error messages now show relative paths to the both files: composer.json and composer.lock. (EXTPHPCOMP-42)
  • If the composer.json file is in the document root of an add-on domain, the “Go to the application folder” link now correctly opens File Manager. (EXTPHPCOMP-44)
  • The install and update operations no longer fail if the /.composer/plesk/ folder does not have the execute permission. (EXTPHPCOMP-51)
  • The extension now correctly detects a major update even if the Composer version specified in composer.json has an unusual format (for example, composer/composer": "2.0.x-dev"). (EXTPHPCOMP-55)
  • The extension now correctly detects dependencies added to composer.json not via the extension interface. (EXTPHPCOMP-57)
  • Added a hint that explains how to add paths to environment variables. (EXTPHPCOMP-61,EXTPHPCOMP-62)
  • New applications no longer inherit removed applications’ settings. (EXTPHPCOMP-63)
  • A warning about the need to refresh packages now disappears after the refresh was done. (EXTPHPCOMP-64)
  • The extension now shows a message about all installed and/or updated packages. (EXTPHPCOMP-52)
  • Misleading messages are no longer shown as errors in the log during the update or install operations. (EXTPHPCOMP-59)
  • The entry “Could not update composer.lock hash” (shown when the composer.lock file does not exist) is now marked in the log as info an not as an error. (EXTPHPCOMP-58)

Grafana 1.1.0

  • The extension’s page (Extensions > the “My Extensions” tab > Grafana > Open) is now opened in a new tab. (EXTPLESK-823)
  • In Plesk for Linux, the extension can now be accessed only from the localhost and can no longer be available from the Internet. (EXTPLESK-1084)
  • If the Grafana extension is installed in Plesk for Linux, the Plesk Premium Antivirus component no longer fails. (EXTPLESK-1134)
  • In Plesk for Linux, the “Fix installation” button can now fix the extension when it occasionally fails to be installed. (EXTPLESK-1192)

Advanced Monitoring 1.1.0

  • The resources usage now have the default preconfigured thresholds. Plesk administrators can use them or can customize the thresholds and turn them on and off for each particular resource usage.
  • Plesk interface now shows notifications when the resource usage exceeds its threshold and/or returns to its normal value. Plesk administrators can turn on and off these notifications.
  • In Plesk for Windows 2012 R2, the “Disk” and “Network” tabs now show the necessary information. (EXTPLESK-1139, EXTPLESK-1194)
  • In Plesk for Ubuntu, the extension now shows correct disks present in the file system. (EXTPLESK-1180)

Site Import 1.4.1

  • Mail Import now migrates the content of mailboxes to Plesk Obsidian for Linux. (PMT-4647)

Plesk Migrator 2.17.7

  • Migration now migrates the content of mailboxes to Plesk Obsidian for Linux. (PMT-4647)

Plesk Migrator 2.17.6

  • Security improvements.
  • Additional users with the rights to manage a single subscription but whose email address was created under a different subscription (for example, a user created under example.com with email user@example.net) are now migrated when the subscription they were created under is migrated. (PMT-4644)

Plesk Obsidian Release Candidate 4 Update 1 (RC4 18.0.18.1)

Third-Party Component Updates

Linux

  • Updated Dovecot and Pigeonhole to versions 2.3.7.2 and 0.5.7.2 respectively, which include a fix for a major security issue. We strongly recommend that you update Plesk.

Extensions Catalog 1.9.0

  • Purchase options (a currency, a country, and an extension ID) chosen by a user in the Extensions Catalog are now preserved in Plesk Online Store. When a user buys an extension and is redirected to Plesk Online Store, the user no longer needs to select the purchase options once again.
  • Introduced the “Deprecated” status for extensions. User who have already installed these extensions will be able to remove them and will not be able to install them anymore. Users who have not installed—will not see deprecated extensions in the Extensions Catalog.
  • The “My Extensions” tab now shows prices and buttons next to extensions the same way they are already shown in the Extensions Catalog.
  • Improved the Extensions Catalog interface when it is opened in Plesk Mobile Center: it is no longer necessary to swipe the screen to right or left to see extensions’ buttons and details. (EXTCATALOG-195)
  • When the Plesk main menu is minimized, quick access to extensions no longer highlights a part of the screen. (EXTCATALOG-234)

SSL It! 1.1.1

  • When SSL It! is installed or updated to version 1.1.1, the extension now detects SSL/TLS certificates previously issued via the DigiCert extension but absent from the current SSL It! configuration and then suggests editing the panel.ini file to see and manage the certificates in the SSL It! interface.
  • Updated the list of trusted root certificates with those from Mozilla CA bundle.
  • When a user tries to install the extension on Windows 2008, SSL It! now informs that this OS is not supported because Windows versions earlier than Windows 2012 do not support SNI. (EXTSSLIT-447)
  • No error now occurs when a customer is created without a subscription and the secure-new-domain setting in panel.ini is enabled (the extension no longer tries to secure the customer’s non-existent domain with an SSL/TLS certificate). (EXTSSLIT-533)

WordPress Toolkit 4.3.0

  • Smart Update feature has been dramatically redesigned, providing full transparency into the analysis process and streamlining overall user experience. Users can now clearly see what is being checked by Smart Updates and what issues are found on which pages. Full analysis summary with update forecast is now also available to users for making an educated decision about the update or for drilling down into issues found by the system.
  • Smart Update now analyzes sitemap to determine which pages to check. Users can create a custom sitemap file specifically for Smart Updates to define which pages should be analyzed (up to 30).
  • Smart Update will notify users about preexisting issues on the website even if the update process itself went smoothly.
  • Smart Update now checks for unexpected PHP errors, warnings, and notices on the website.
  • Smart Update now checks for presence of plugin shortcodes, which typically indicates broken plugins.
  • WordPress websites using really old PHP versions (5.4 and earlier) are now marked in the WordPress Toolkit UI, displaying a warning that WordPress Toolkit will soon stop supporting such websites. A prompt to change the PHP version is displayed for convenience, if users have the permission to manage PHP version on their website.
  • Smart Update toggle is now available as a separate switch on the website card, making sure the feature is easy to see and access.
  • Smart Update now gets VIP treatment from the screenshot making service, being finally able to request as many screenshots as needed.
  • Smart Update now detects the database limits before actually trying to clone the website for analysis.
  • Smart Update threshold settings were removed as a part of UX streamlining.
  • Updates screen was optimized, displaying current and available versions, and also hiding plugin & theme descriptions.
  • Smart Update screen displayed upon following the link in the notification email is now branding-neutral.
  • The algorithm of making website screenshots for Smart Updates was improved to better reflect the actual website look in certain cases. Finally, users can see the goddamned cactus succulent from the Twenty Seventeen theme in all its glory!
  • Smart Update failure no longer has a slim chance to accidentally remove the database of the source website under certain rare circumstances. (EXTWPTOOLK-3312)
  • Regular update is no longer stealthily performed instead of Smart Update if WordPress website has enabled password protection. (EXTWPTOOLK-3410)
  • Smart Update no longer returns weird error message mentioning website ID if 500 HTTP code is encountered during the Smart Update procedure. (EXTWPTOOLK-3234)
  • Smart Update now properly cleans up after itself if the procedure went awry. (EXTWPTOOLK-3313 and EXTWPTOOLK-3424)
  • Repeated opening and closing of the Updates window will no longer slow down the system (why would you do that anyway?). (EXTWPTOOLK-2669)
  • Improved handling of quantum entanglement in the code now allows WordPress Toolkit to identify more accurately whether a certain WordPress installation is broken or infected at any given moment of time. (EXTWPTOOLK-3330)
  • Screenshots can now be made for websites hosted on a domain without www. prefix if this prefix is present in the WordPress database as a part of the site URL. (EXTWPTOOLK-2799)
  • Smart Update will provide a clear explanation instead of a weird error when a website cannot be updated via Smart Update due to Maintenance Mode being enabled. (EXTWPTOOLK-3264)
  • Smart Update will provide a clear explanation instead of a weird error when a website cannot be updated via Smart Update due to password protection being used. (EXTWPTOOLK-3265)
  • Smart Update is now correctly handling the situation when someone tries to enable it on a multisite (spoiler: it doesn’t work and it never did). (EXTWPTOOLK-3378)
  • WordPress installations that were broken and fixed afterwards can now be updated without errors while they’re still detected as broken by WordPress Toolkit. (EXTWPTOOLK-3147)
  • If some of the items in a batch update were not updated successfully, WordPress Toolkit will now display a proper message, providing the necessary details. (EXTWPTOOLK-3151)
  • Sitemap is now properly cloned and copied with all necessary URL replacements during the corresponding procedure. (EXTWPTOOLK-3425)
  • WordPress Toolkit now verifies the MD5 checksum of the WordPress core package after downloading it. (EXTWPTOOLK-3270)
  • If the original WordPress installation on Apache only hosting had any URL structure enabled in “Permalink settings” (except “Plain”), the installation clone now works correctly and its links no longer redirect to the original. (EXTWPTOOLK-3484)

PHP Composer 0.9.2

  • Improved the indication and speed of the “Scan”, “Install”, and “Update” operations.
  • Warning messages and explanations how updates works now differ depending on the type of available updates (major, minor, patch, or secondary dependancies updates).
  • Operations in the extension’s interface and manual operations in the CLI are now automatically synced with each other.
  • Scaling a browser window no longer merges the Install and Update buttons into one dropdown menu. (EXTPHPCOMP-5)

Grafana 1.0.2

Plesk DNSSEC 1.2.2

  • The plesk-zone-checker package is not required anymore. (EXTDNSSEC-58)

PHP updates

  • Updated PHP 7.3 to version 7.3.9.
  • Updated PHP 7.2 to version 7.2.22.
  • Updated PHP 7.1 to version 7.1.32.

Panel.ini Editor 3.2.1

  • Added a number of descriptions of popular extensions’ and Plesk settings.

Advisor 1.6.1

  • Improved integration with Plesk Obsidian.

Plesk Obsidian Release Candidate 4 (RC4 18.0.18)

  • Plesk administrators and resellers can now move the main domain to a new subscription in the Plesk interface (Plesk administrators can do so also via the CLI).
  • Added the following Plesk notifications:
    • Plesk updates are available.
    • A Plesk update/hotfix has been installed.
    • A Plesk update has not been installed.
    • Web Application Firewall: a new rule set or new rules have been installed.
  • Introduced the new “Dynamic List” mode to view the “Websites & Domains” screen. This mode groups controls of each website in blocks we call cards (similar to those in WordPress Toolkit).
  • If SSL/TLS support for a website is turned off, the “Open website” button now opens the website via HTTP. Plesk administrators can also set up “Open website” to open websites always via HTTP (regardless of website’s SSL/TLS support) by adding the following lines to the panel.ini file:

    [domainManagement]
    openButtonForceHttp = 1
    
  • Introduced new icons of the main menu.
  • Improved the X-XSS-Protection response header of Plesk pages.
  • Updated the Plesk Installer interface. Now it is easier to install or upgrade to the latest version of Plesk Obsidian.
  • Running the plesk bin utilities without parameters now shows the help page.
  • Scheduled backups to Microsoft OneDrive no longer fail with the “504 Gateway Timeout” error message. (EXTPLESK-856)
  • Plesk administrator’s backups are now restored even if no available dedicated IP addresses exist. (PPP-43673)
  • It is now possible to log in to Plesk with an email address account, whose password was encrypted. (PPP-43681)
  • Customers can no longer be occasionally created as if they belong to other customers. (PPP-31797)
  • The plesk repair mail can no longer break all mail accounts on the server if one of the accounts has a password that contains an unsupported character. (PPP-43832)
  • The “Log In as Customer” link is no longer shown next to customers that do not have subscriptions. (PPP-43639)

Linux

  • Users’ Microsoft Outlook and Thunderbird mail clients can now be automatically configured based on entered emails.
  • Updated the list of extensions and components installed by default.
  • Improved deployment of Plesk Obsidian cloud images:
    • Significantly sped up the deployment (25 seconds now against 8 minutes earlier).
    • An actual deployment status is now shown. It is possible to see if the deployment finished successfully or with errors.
    • Plesk now installs available updates 30 minutes after deployment.
  • Fixed issues created by the bug fix PPPM-10715. You can now rename your domain or restore it from a backup—no issues with your mail for a domain will occur. (PPP-43460)
  • If a user tries to change virtual hosts location and SELinux is running in enforcing mode, the transvhosts.pl utility now exits with an error message. The message suggests disabling SELinux or setting it to permissive mode to avoid breaking hosted websites. (PPP-43217)
  • Updating the Atomic Standard ModSecurity rule set no longer hangs. (PPP-43620)
  • Removing the system PHP 7.2 component (which is optional since Plesk Onyx 17.9 Preview 11) no longer causes repetitive error messages from the hourly cron task: “find: ‘/etc/php/7.2’: No such file or directory”. (PPP-43824)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.8.
  • Updated PHP 7.2 to version 7.2.21.
  • Updated PHP 7.1 to version 7.1.31.

Linux

  • Updated nginx to version 1.16.1 (both for Plesk and customers’ websites).

Windows

  • Updated ASP.NET Core 2.2 to version 2.2.6.
  • Updated ASP.NET Core 2.1 to version 2.1.12.
  • Dropped support for ASP.NET Core 1.1.
  • Dropped support for ASP.NET Core 1.0.
  • Updated MariaDB to version 10.3.17 (both for the Plesk database and for customers’ websites.)
  • Updated MailEnable to version 10.25.

DigiCert SSL 1.7.0

  • The extension now informs when a paid SSL/TLS certificate is about to expire and makes it easier to renew it. Users no longer need to find the certificate they bought earlier: the “Renew” button opens Plesk Online Store where they can buy the same certificate.
  • Internal stability and security improvements.
  • SSL/TLS certificates can now be installed on IDN domains. (EXTPLESK-1207)
  • SSL/TLS certificates can now be issued if a company name contains the ampersand (&). (EXTPLESK-1211)

Plesk Mobile Center 1.13

  • Fixed the “Failed to load certificate for platform ios_manager_production” error.

SSL It! 1.1.0

  • The extension now shows a warning message when a paid SSL/TLS certificate from DigiCert is about to expire and suggests buying a new SSL/TLS certificate.
  • Updated the link to the documentation in the extension’s description.
  • Improved the layout of the extension’s screen that shows details about an installed SSL/TLS certificate in both Obsidian and Onyx color schemes.
  • Improved the UX and an error message when the DigiCert SSL extension was removed in the middle of ordering an SSL/TLS certificate. (EXTSSLIT-552)

Action Log 1.0.0

  • Initial release.

DigiCert SSL 1.6.2

  • Performance improvements. We strongly recommend that you update the extension.

Domain Connect 1.4.0

  • Users can now automatically configure mail DNS-records.
  • Users can now automatically configure DNS for subdomains.
  • Users can now use Domain Connect to verify their domains ownership for Bing Webmaster Tools.
  • The extension now supports SPFM records. This enables to update the existing SPF record with the rules from the SPFM record.

WordPress Toolkit 4.2.2

  • Integration with Website Overview in Plesk Obsidian was updated, making sure that users can still access WordPress Toolkit quickly on each website.
  • Tools block was moved to a separate column on the website card for increased visibility and easier access.
  • Smart Updates no longer fails to update websites that have issues with infinite redirects. (EXTWPTOOLK-3328)
  • IDNs (international domain names) are now properly displayed on the Smart Update comparison screen. (EXTWPTOOLK-3239)
  • Website screenshots no longer disappear for reasons unknown when user is opening the Smart Update comparison screen. (EXTWPTOOLK-3260)
  • Update of multiple websites should not fail to start anymore in certain cases. (EXTWPTOOLK-3284)
  • WordPress Toolkit now exhibits more patience when connecting remote websites via plugin, ensuring that websites hosted on slower servers can be properly connected without timeouts. (EXTWPTOOLK-3278)

Plesk Migrator 2.17.5

  • Adjusted Plesk Migrator to support the maximum length of FTP usernames in Plesk 17.8 and later (32 characters).

DigiCert SSL 1.6.1

  • Internal security improvements. We strongly recommend that you update the extension.

Plesk Obsidian Release Candidate 3 (RC3 18.0.17)

  • Users can now try Plesk Obsidian online demos.
  • Introduced new Plesk notifications, which are now shown in a separate pane. To see notifications, click the bell icon in the upper right corner of the screen. Here you can also manage the notifications’ settings. To do so, click the gear icon.

    At the moment, the notification pane shows only one notification type (when one of the parameters monitored by Server Health reached the “red” alert level). More notifications are on the way.

  • When Postfix is used, mail.<domain> can now be secured if an SSL/TLS certificate covers it.
  • It is now possible to create a secret key via the CLI or API without specifying the IP address the key will be linked to.
  • Updated Plesk banners (Plesk Welcome screen, Plesk initializing screen, and others) shown when the Obsidian color scheme is selected.
  • A Plesk custom logo and page title can now be installed via the CLI or API.
  • A Plesk edition is no longer shown on the Plesk logo and some other screens. Users can always see a Plesk edition in Tools & Settings > About Plesk (under “Plesk”).
  • Redesigned the website screen in Websites & Domains: removed the duplicated info and made the screen more laconic.
  • File Manager now switches to a correct website, when File Manager is opened via a direct URL. (PPP-41536)
  • Duplicate access controls are no longer shown when adding or updating a database user in Plesk that has remote configuration of database servers. (PPP-43181)
  • If a particular subscription does not have the “Setup of potentially insecure web scripting options that override provider’s policy” permission, a user can now change the subscription’s hosting settings. (PPP-42972)
  • Email aliases with the same name can now be created via the XML-RPC. (PPP-43256)

Linux

  • Mail users now receive email notifications when more than 95% of their mailbox disk space is occupied. The users can also see the information about the mailbox storage disk space, its usage, and limits in the Horde and Roundcube webmail clients.
  • On new Plesk servers, the Poppassd service on TCP port 106 no longer accepts external connections from the Internet.
  • If Postfix is used, an SSL/TLS certificate from Let’s Encrypt (and from other CAs whose certificate files contain the CSR part) can now secure mail for a domain. If you renamed your domain or restored it from a backup and now face issues with your mail for a domain, assign an SSL/TLS certificate to the mail once again. (PPPM-10715)
  • In File Manager, all files can no longer be renamed so that their names contain spaces at the beginning or end (for example, “file “ and “ file”). Previously, if the.htaccess file was renamed this way, a website could work incorrectly. (PPP-43006)
  • The phpMyAdmin interface is now again accessible via the URL /phpmyadmin. (PPP-42510)
  • Improved stability in PHP 7.3.7 and 7.2.20 by fixing the PHP-FPM segmentation faults in fpm_event_epoll_wait. (PPP-43093)
  • The “Maximum bandwidth usage (KB/s)” and “Connections limited to” options on the “Performance” tab of a service plan can no longer be changed if the Apache “bw” module is not enabled. (PPP-43011)

Windows

  • MariaDB is now used as a database server for customers’ websites on new installations of Plesk Obsidian. If you have upgraded to Plesk Obsidian, we strongly recommend that you switch from MySQL to MariaDB. To do so, go to Tools & Settings > Updates > select MariaDB under “MySQL server” and then click Continue. Existing MySQL databases will not be updated anymore even for security reasons, while MariaDB will be updated regularly.
  • Plesk administrators and customers can now choose in which mode IIS will run applications: the default 64-bit mode for new applications or optional 32-bit mode for old ones.
  • Plesk administrators can now change the location of the customers’ MySQL data directory in Plesk Reconfigurator.
  • Plesk updates of MySQL will no longer overwrite all custom my.ini settings with the default values: only the basedir and datadir settings will be now overwritten. (PPP-43013)

Third-Party Component Updates

  • PostgreSQL 10 is now supported.
  • Updated PHP 7.3 to version 7.3.7.
  • Updated PHP 7.2 to version 7.2.20.

Linux

  • Updated Roundcube to version 1.3.9.
  • Updated tar to version 1.32.
  • Updated ModSecurity to version 2.9.3.
  • Updated Phusion Passenger to version 6.0.2.

Windows

  • Updated MariaDB to version 10.3.16.

WordPress Toolkit 4.2.1

  • Users should now be able to perform Smart Update on websites that have a lot of pages. (EXTWPTOOLK-3283)

WordPress Toolkit 4.2.0

  • Users can now upload plugins and themes straight to their website when they open the plugin or theme installation dialog on the website card.
  • Website card now has a link to the corresponding domain in Plesk for easier navigation.
  • Smart Update speed was dramatically improved.
  • Screenshot comparison screens shown in Smart Update details were streamlined.
  • Updates screen was cleaned up and polished, eliminating various small UX issues.
  • Website card view was optimized, making the card a bit more compact.
  • WordPress Toolkit was finally shamed into regularly cleaning up wp-cli utility cache on a per-site basis.
  • The File Manager link on the website card is now more visible and prominent.
  • WordPress Toolkit now displays more details about the update process of WordPress core, plugins, and themes. This change also affects the Smart Update process, making it more transparent.
  • Sites can now be installed and cloned into non-empty directories (including directories with random .php files, mummified remains of ancient WordPress sites, and so on). Users will be warned and asked for confirmation if target directory is not empty.
  • The task responsible for checking and running automatic updates (instances-auto-update.php) was rescheduled to run between 1 AM and 6 AM randomly on each server to avoid causing power surges in datacenters.
  • Smart Updates: E-mail notifications about Smart Updates no longer include periods after HTML links (this could break certain links). (EXTWPTOOLK-1759)
  • Smart Updates: When users are launching Smart Update while the Smart Update license is expired, a proper message will be displayed in UI. (EXTWPTOOLK-2796)
  • Smart Updates: Confusing error message about needing a valid SSL/TLS certificate was unconfused. (EXTWPTOOLK-2599)
  • Smart Updates: The system now properly notifies users when Smart Update skips a website for some reason during mass update operation. (EXTWPTOOLK-2733)
  • Smart Updates: Select Page dropdown now properly displays full website URL of WordPress websites installed in a subdirectory. (EXTWPTOOLK-3224)
  • Smart Updates: Open in Plesk link no longer overlaps the Select Page dropdown in some cases. (EXTWPTOOLK-3203)
  • Remote websites with broken database connection are now correctly marked as broken in UI. (EXTWPTOOLK-2950)
  • CLI output for remote WordPress websites was made more consistent with the output shown for local WordPress websites. (EXTWPTOOLK-2921)
  • Clicking Help in Plesk will now take users to the right help page. (EXTWPTOOLK-3091)
  • Checking the security status under certain circumstances cannot destroy Plugins and Themes tabs in website cards anymore. (EXTWPTOOLK-2867)
  • Plugins can be added to sets via CLI without the TypeError error. (EXTWPTOOLK-3079)
  • When users were choosing to copy only the new database tables using Copy Data functionality, all tables were copied instead if one of the new tables didn’t have the table prefix. This despicable behavior was nipped in the bud. (EXTWPTOOLK-3123)
  • The URL of WordPress website installed on a wildcard subdomain is now displayed correctly. (EXTWPTOOLK-3086)
  • Scan functionality no longer can be broken by the potential data inconsistency mess left by WordPress websites installed via APS. (EXTWPTOOLK-3065)
  • Users cannot start the update process for a website that’s already being updated. (EXTWPTOOLK-3174)
  • Text placeholders are no longer displayed when looking for certain things in Plesk Search. (EXTWPTOOLK-3004)
  • Updating WordPress to a newer version on remote hosting with PHP 5.3 will now show a proper error prompt about PHP requirements. (EXTWPTOOLK-3190)

Plesk DNSSEC 1.2.1

  • If a subscription does not have the “DNS management” permission, the DNSSEC button is no longer shown in Websites & Domains > domains that belong to the subscription. (EXTDNSSEC-50)

Linux

  • If a Plesk server does not have the BIND DNS server component installed, DNSSEC is now installed and its screen shows instructions how to install BIND. (EXTDNSSEC-53)

Grafana 1.0.1

  • Improved stability during import of datasources and dashboards of other extensions to Grafana.
  • Grafana now works correctly in Plesk that has the Plesk Premium Antivirus component installed. (EXTPLESK-754)

Advanced Monitoring 1.0.1

  • If the grafana-server service was not running, users can now start it clicking a button on the Advanced Monitoring page.
  • If the Grafana extension was disabled, the Advanced Monitoring page now shows a clear error message that suggests enabling Grafana. (EXTPLESK-1001)
  • Megabytes and kilobytes are now used as units of measurement. (EXTPLESK-1005)
  • Installed Advanced Monitoring no longer prevents Plesk from logging out after inactivity time-out. (EXTPLESK-1014)
  • Advanced Monitoring now displays data in Plesk on DigitalOcean and Lightsail. (EXTPLESK-1007)
  • In Plesk on DigitalOcean and Lightsail, Advanced Monitoring no longer shows the 500 Internal Server Error on certain charts (for example, CPU). (EXTPLESK-1008)
  • When selected, “Advanced Monitoring” is now highlighted in the left navigation pane. (EXTPLESK-1008)
  • Advanced Monitoring now works correctly in Plesk that has the Plesk Premium Antivirus component installed. (EXTPLESK-754)

Repair Kit 1.2.0

  • Added a new feature “MySQL Process List” (Beta). Users can now see:

    • The list of processes being handled by the local MySQL server.
    • The MySQL process details: what queries are being processed and how much resources they consume.

    To try the new feature, go to Tools & Settings > MySQL Process List (Beta) (under “Assistance and Troubleshooting”).

  • Made a number of UX improvements.

Let’s Encrypt 2.8.2

  • The ‘rsa-key-size’ setting in the ‘panel.ini’ file now again sets an RSA key size. (EXTLETSENC-714)
  • The webmail client of an add-on domain is no longer changed to the client of the main domain (or even disabled if webmail was disabled for the main domain) when any of the following actions are done to the SSL/TLS certificate of the main domain: issuing, manual or automatic renewal, enabling “Keep websites secured”, or unassigning. (EXTLETSENC-603)

Plesk Migrator 2.17.4

  • When migrating to Plesk from the latest version of cPanel that has MySQL 5.7 installed, database users are now also migrated and the applications work correctly after the migration. (PMT-4627)

SSL It! 1.0.1

  • If SLL It! is available for a domain, the domain screen in Websites & Domains can no longer show the duplicate “SSL/TLS Certificates” link that leads to the old interface for managing SSL/TLS certificates. (EXTSSLIT-535)
  • TLS protocols and ciphers can now be again synced with Mozilla: a more stable configuration of protocols and ciphers is used at the moment. (EXTSSLIT-539)

PHP Composer 0.9.1

  • Initial release.

Let’s Encrypt 2.8.1

  • Securing Plesk with SSL/TLS certificates from Let’s Encrypt is now again available in Tools & Settings > SSL/TLS certificates. (EXTLETSENC-699)
  • It is now possible to issue wildcard SSL/TLS certificates from Let’s Encrypt if the BIND DNS server component is not installed. (EXTLETSENC-558)

Git 1.1.2

  • Fixed the look of the Git section on the “Add Domain” screen. (EXTGIT-85)
  • Pulling updates no longer fails with the “Call to a member function websiteOverviewUrl() on null” error. (EXTGIT-88)

Plesk Obsidian Release Candidate 2 (RC2 18.0.16)

  • Plesk administrators can now install the Advanced Monitoring and Grafana extensions on Plesk Obsidian.

    Advanced Monitoring is a revamped version of the Server Health Monitor component, which inherits all the component’s features: detailed reports on the server health, on system resources’ usage, and so on. However, Advanced Monitoring displays all server metrics as visually appealing graphs and dashboards by Grafana.

    It is possible because Advanced Monitoring works in tandem with Grafana. When you install Advanced Monitoring, Grafana is also automatically installed. If you are an experienced Grafana user, server metrics collected by Advanced Monitoring is not your single source of data. You can also integrate Grafana with other data sources of your choice.

    For more information, read the descriptions of the Advanced Monitoring and Grafana extensions in the Extensions Catalog.

  • Plesk users can now move an add-on domain to a new subscription in the Plesk interface (the add-domain will then become the main domain of the subscription).
  • Plesk Administrators can now move an add-on domain to a new subscription via the CLI running the following command:

    plesk bin site --move addon_domain.com -login target_login -passwd target_password
    
  • Added the event “Domain moved”, which is triggered when an add-on domain is moved to another existing or new subscription.
  • Plesk administrators can now change subjects of the email notification messages (the same way they did so for the messages’ texts).
  • Email notifications about automatic installation of system package updates can now be sent to a custom email address.
  • There are now no release tiers in Plesk Obsidian and later.
  • A Plesk mail server and webmail are now available via HTTPS by default: they are secured with the default SSL/TLS certificate that secures Plesk itself.
  • Revamped the look and feel of the main menu:

    • Introduced new icons.
    • Changed how the menu looks on various screen sizes
    • Changed hide and show effects and conditions on various screen sizes.
  • Made the search bar of the main menu more visible by moving the search bar to the top of the screen.
  • Improved the text of the message shown when a user tries to upgrade to Plesk Obsidian, while the installed Plesk license is not compatible with Plesk Obsidian.
  • In Web Admin and Web Pro editions, the information about availability of customers and resellers is now shown correctly in Plesk > Tools & Settings > License Management. (PPP-42195)
  • Protected directories for root locations can now be again created via XML-RPC. (PPP-42741)
  • After a user changes its email address in the Plesk account, all previously sent links to reset the account’s password now automatically expire. (PPP-42541)

Linux

  • Adding protected directories for root locations no longer breaks nginx. (PPP-42741)
  • Errors no longer occur after renaming databases’ tables via phpMyAdmin. (PPP-41491)

Windows

  • An additional FTP account that was created after a subscription was suspended can no longer access the suspended subscription’s home directory via FTP. (PPP-42247)

Third-Party Component Updates

  • Updated phpMyAdmin to version 4.9.0.1.

Linux

  • Updated Dovecot to version 2.3.6.
  • Updated nginx to version 1.16.0 (both for Plesk and customers’ websites).

Windows

  • Added support for Smartermail 100.0.

Ruby 1.3.8

  • Ruby 2.6 is now supported.
  • Ruby 2.5 is now supported.
  • Ruby 2.4.x was updated to version 2.4.6.
  • Ruby 2.3.x was updated to version 2.3.8.

Node.js 1.3.5

Linux

  • Added support for Node.js 12 (except CentOS 6, Debian 7.x, Ubuntu 12.x).
  • Added support for Node.js 10.
  • Updated Node.js 8.x to version 8.16.0.

Grafana 1.0.0

  • Initial release.

Advanced Monitoring 1.0.0

  • Initial release.

Advisor 1.6.0

  • Extension developers can now integrate their own extensions with Advisor by:
    • Adding recommendations to use their own extensions. For reference, use the source code of the Advisor Integration Example extension.
    • Adding ratings for these recommendations. The Plesk team updates the ratings promptly on demand without launching a new version of Advisor.
  • Removed using the Atomic Advanced rule set from the list of recommendations.
  • The extension is now hidden for all additional users. (EXTADVISOR-428)

Plesk Obsidian Release Candidate 1 Update 1 (RC1 18.0.15.1)

  • Protected directories for root locations can now be again created via XML-RPC. (PPP-42781)

Linux

  • Adding protected directories for root locations no longer breaks nginx. (PPP-42787)

WordPress Toolkit 4.1.1

  • Handling of wp-cli timeouts was improved to avoid putting innocent WordPress sites into quarantine.
  • WordPress Toolkit can now connect remote WordPress sites hosted using Bitnami WordPress images from Amazon Marketplace and other cloud marketplaces. (EXTWPTOOLK-3003)
  • Successful update of WordPress core from 5.2.1 to 5.2.2 no longer displays an error in WordPress Toolkit UI. (EXTWPTOOLK-3040)
  • WordPress Toolkit no longer slows down dramatically when connecting individual remote WordPress sites if their wp-config.php has read-only access permission. (EXTWPTOOLK-3007)

Plesk Migrator 2.17.2

  • The extension is now compatible with Plesk Obsidian.
  • Databases can now be migrated to target Plesk servers on Windows in which the “Chinese (Simplified, China)” language is set as the system locale. (PMT-4570)

Extensions Catalog 1.8.0

  • Extensions whose licenses were installed in Plesk are now automatically installed. Turn this behavior on or off in the panel.ini file by adding the following lines:

    [ext-catalog]  
    extensionAutoInstall = true/false
    

Docker 1.4.2

  • The extension now handles situations when the docker service is stopped to avoid logging extra errors.

Plesk Obsidian Release Candidate 1 (RC1 18.0.15)

  • We named the current build “Plesk Obsidian Release Candidate 1.0”. Our team worked hard to make this release stable and fixed 133 issues in addition to the ones listed in these Release Notes. Even better, should you have trouble with this build, Plesk support team will accept support requests for Plesk Obsidian Release Candidate 1.0.
  • The SSL It! extension in now installed by default.
  • The Repair Kit extension in now installed by default.
  • Running plesk bin init_conf --init no longer fails when the -state option is omitted and -country ES is used. (PPP-42336)
  • Improved UX when a user tries to remove a backup that is included in a server, reseller or customer level backup: Plesk shows the message that these backups cannot be removed and they are no longer hidden in the user’s interface. (PPP-41039)
  • Additional services displayed on Subscriptions > subscription > the “Account” tab > the “Additional services” tab now have descriptions. (PPP-38747)
  • When requesting an SSL/TLS certificate, organization names in Chinese are now shown correctly. (PPP-39069)
  • The warning “Restore reseller plan “Default Reseller” is no longer shown when restoring a full server backup of a Plesk server with the Web Pro license installed. (PPP-39289)
  • Custom buttons that has their own icons and files which names start with the dash character are now backed up without warnings. (PPP-39844)
  • Resellers can now sync subscriptions that were once unsynced. (PPP-40252)
  • Is now possible to hide Tools & Settings > PHP Settings in Restricted Mode. (PPP-41438)
  • Improved the error message shown if a backup created in FTP storage contains an invalid XML file dump-header. (PPP-38786)
  • A subdomain’s DNS record is now removed after the subdomain is removed after the BIND installation. (PPP-39828)
  • It is now possible to configure FTP storage that does not recognize the LIST -a command. (PPP-39434)
  • When a subscription has several add-on domains or subdomains, the subscription overview screen no longer shows the “There are 
 domains to show. Load all or switch to Classic List” bar. (PPP-40632)
  • A subscription can now be fully removed if a hard disk quota is not synced. (PPP-34711)
  • The plesk bin mail --info command now shows a correct value of a mailbox size if the mailbox size is the same as in the corresponding service plan. (PPP-40804)
  • The plesk bin server_pref -s command now shows the status of all options it can manage. (PPP-41887)
  • If a service plan has “Setup of potentially insecure web scripting options that override provider’s policy” disabled, changing a PHP handler in the service plan no longer causes repetitive warnings “There are settings that conflict with the server-wide security policy” to be shown. (PPP-31334)
  • Backup Manager is now opened fast if FTP storage is unavailable. (PPP-38660)
  • Website preview is now automatically disabled if it was turned on a domain which DNS service was disabled. (PPP-35142)
  • Creating a certificate signing request no longer adds the “www” prefix to a subdomain or a domain which preferred domain is set as “none” or without the the “www” prefix. (PPP-41548)
  • A DNS record that causes DNS inconsistency can now be removed. (PPP-39511)
  • The plesk bin mailserver --info white-list command now shows the full list of mail’s white-listed IP addresses. (PPP-39947)
  • Parts of a a multi-volume backup can now be again downloaded from FTP storage. (PPP-37275)
  • Subscriptions are now again locked if their mail settings were changed, while the “Ability to change mail settings” permission was not selected for the service plan subscriptions belong to. (PPP-41607)
  • It is no longer possible to suspend domains until the backup task is completed. (PPP-41034)

Linux

  • Plesk for Linux now support SNI for mail when Postfix version 3.4.0 and Dovecot are used together. There are a number of limitations that we plan to fix in the future releases:
    • SNI certificates cannot currently be backed up, restored, or migrated.
    • SAN certificates (including mail.*) are not served by additional names.
    • Domain aliases might have wrong certificates (default one, not from site) in some scenarios.
    • If the IMAP or SMTP server is replaced with one without SNI support, certificates are kept but can no longer be managed.
  • Plesk now ships with Postfix 3.4 on all supported Linux OSes except Debian 8 and CentOS/RHEL/CloudLinux 6.
  • In Plesk on CloudLinux, Node.js and Ruby applications now work when CageFS is enabled.
  • Plesk administrators can now specify the timeout for Apache health check on reload by using the apacheReloadTimeout setting (under the webserver section) in the panel.ini file. The default timeout is 40 seconds, the minimum one is 5 seconds.
  • The Mailman service is now automatically enabled after enabling mailing lists and rebooting the service. (PPP-40080)
  • If a subscription was created under a service plan with the disabled nginx proxy mode and the chosen “FPM Application served by nginx” PHP handler, applying a created add-on plan to the subscription no longer leads to incorrectly processed PHP files. (PPP-41201)
  • Enhanced reliability of removing subscriptions. (PPP-41164)
  • The text in the Watchdog component is now fully localized. (PPP-42128)
  • In Plesk behind NAT (for example, Plesk on Lightsail), public IP addresses can now be added or changed if the “BIND DNS server” component is not installed. (PPP-37155)
  • Plesk Onyx servers are no longer upgraded to Plesk Obsidian if the installed license does not support Plesk Obsidian. (PPP-42299)
  • Plesk administrators no longer receive hourly email notifications that the Kaspersky Anti-Virus license was updated. (PPP-41988)
  • The PHP-FPM service no longer crashes after the domain renaming. (PPP-42016)
  • The website preview URL is no longer automatically redirected to the main website URL if the www domain was set as preferred and “Permanent SEO-safe 301 redirect from HTTP to HTTPS” was enabled. (PPP-41588)
  • If “Permanent SEO-safe 301 redirect from HTTP to HTTPS” was enabled for a website that was set as the default one for an IP address, preview of this and other non-default websites on the IP address is no longer broken. (PPP-40807)
  • After removal of an SSL/TLS certificate, running the plesk repair db -n command no longer shows the warning that the cert_rep_id column does not have the 0 value. (PPP-39579)
  • The Dovecot LDA service no longer shows warnings that it cannot report statistics under popuser:popuser in Postfix. (PPP-41828)
  • If an external MySQL server is set as the default one for a domain and “Allow local connections only” is selected in Database Hosting Settings, the notification about forbidden connections to the database is shown when a user tries to install an application that require databases (for example, Joomla! or Drupal). (PPP-37081)
  • In Plesk behind NAT, selecting the “Send from the specified IP addresses” option with the internal IP address in Mail Server Settings no longer changes an external IP address of the mail.example.com DNS record to the internal one. (PPP-41868)
  • The message about unsupported architectures is now shown if a user tries to install Plesk on a server that has the ARM CPU architecture. (PPP-41222)
  • The plesk bin domain --show-web-server-settings example.com now also shows additional nginx directives. (PPP-40001)
  • Dist-upgrade from Debian 8 to Debian 9 no longer fails if the DNSSEC extension was installed. (PPP-38286)
  • An event handler with the “Update installed” parameter now again triggers when Plesk updates are installed. (PPP-40513)
  • No more errors regarding quotacheck_wrapper.sh on systems with XFS. (PPP-28299)

Windows

  • Removed legacy integration with Acronis True Image from code.
  • Reduced time necessary for opening the domain overview screen if a subscription has a large number of websites and databases (more than 150). The screen is now shown after 2 seconds compared with 10 seconds previously. (PPP-40479)
  • Customizations of DumpTempDir and DUMP_D are now kept after the plesk.msi package was upgraded. (PPP-41825)
  • The error “error when communicating with server” no longer occasionally appears during searching for text in emails in the Horde webmail. (PPP-33348)
  • Backing up of the subscription that has a large number of files no longer finishes with the warning. (PPP-39179)
  • DNS zones on a slave DNS server are now synced with those on the primary DNS server. (PPP-39990)
  • The website preview URL is no longer automatically redirected to the main website URL if the www domain was set as the preferred one and “Permanent SEO-safe 301 redirect from HTTP to HTTPS” was enabled. (PPP-42279)
  • Deleting a subscription with a mail account now deletes the mail account system users. (PPP-40082)
  • Additional read or write permissions are no longer occasionally applied incorrectly to the httpdocs folder. (PPP-42339)
  • When a mailbox password is changed to one that exceeds the allowed number of characters, a clear validation error message is now shown. (PPP-41211)
  • A database backup file can now be downloaded if the file name contains the space or the plus characters. (PPP-41984)
  • If files were not included in a backup (for example, because of the wrong permissions), the files will no longer be added to the backup index and they will be included in the next backup after their permissions were fixed. (PPP-41470)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.6.
  • Updated PHP 7.2 to version 7.2.19.
  • Updated PHP 7.1 to version 7.1.30.

Windows

  • Updated MySQL 5.7 to version 5.7.26.
  • Updated MySQL 5.6 to version 5.6.44.
  • Updated MySQL Connector/ODBC 5.3 to version 5.3.13.
  • Updated BIND to version 9.14.1.
  • Updated Horde to version 5.2.21.
  • Updated IMP, a Horde component, to version 6.2.23.
  • Updated Kronolith, a Horde component, to version 4.2.27.
  • Updated Nag, a Horde component, to version 4.2.24.

WordPress Toolkit 4.1.0

  • You can now connect remote WordPress installations to WordPress Toolkit and manage them without having SSH root access to the remote host. To access this feature, use the “Connect [Beta]” button on the WordPress website list and provide your WordPress administrator credentials. This feature is a part of the overall Remote Management functionality, so it’s available only for Server Administrators as a beta feature.
  • WordPress websites are now put into quarantine if WordPress Toolkit is not able to properly access certain important files. WordPress Toolkit could not manage such websites previously, since WordPress installation list froze if these websites were encountered. This should also address issues with connecting remote servers with such websites.
  • WordPress Toolkit now provides more information about broken websites to help users identify the website and troubleshoot the problem.
  • Remote Management functionality was improved and updated based on the user feedback.
  • Clone and Copy Data operations now handle absolute paths in WordPress database. (EXTWPTOOLK-2601)
  • Smart Update procedure is now more patient, so it has much less chance to fail because of a timeout. (EXTWPTOOLK-2723)
  • Smart Update purchase button is not available to end users anymore. Only server administrators can now purchase or upgrade Smart Update license, as intended. (EXTWPTOOLK-2730)
  • Smart Update procedure steps now communicate better with each other, so issues encountered by one step are now immediately displayed and do not leave the next steps hanging in the dark until the timeout. (EXTWPTOOLK-2734)
  • Rollback of security measures that modify wp-config.php file won’t have a chance of breaking the WordPress website anymore. (EXTWPTOOLK-2824)
  • There was a small chance that WordPress website could be accidentally deleted due to inconsistency of WordPress Toolkit database. It would be very painful, so this chance was extinguished. (EXTWPTOOLK-2686)
  • Remote Management feature now checks if PHP interpreter on remote server has all required PHP extensions before trying to connect the website. (EXTWPTOOLK-2677)
  • Remote Management feature now displays a proper error message if SSH key contents are not valid. (EXTWPTOOLK-2729)
  • Customers with multiple subscriptions can now install WordPress on one of them if another subscription does not have the “Database server selection” permission enabled. (EXTWPTOOLK-1940)
  • If you were constantly seeing the confusing “Unable to find the task responsible for the currently running update process. Try running the update again.” message when trying to run the updates, you can breathe a sigh of relief now, as we have identified and fixed the root cause of this annoying behavior. (EXTWPTOOLK-2694)
  • It’s now possible to clone WordPress located in a particular directory to a directory with the same name in a new subdomain. (EXTWPTOOLK-2906)
  • Users should no longer see the “Something went wrong” error when trying to select a domain during the cloning. (EXTWPTOOLK-2823)
  • WordPress Toolkit no longer tries to activate themes installed through a set. (EXTWPTOOLK-2621)
  • Major WordPress autoupdates no longer fail due to timeout. (EXTWPTOOLK-2925)
  • Customers won’t be seeing the empty “Plugin/theme set” menu during the WordPress installation if the “Allow customers to use sets when they install WordPress” global option is turned off. (EXTWPTOOLK-2692)
  • Server Administrators, on the other hand, will be seeing the proper contents of the “Plugin/theme set” menu during the WordPress installation if the “Allow customers to use sets when they install WordPress” global option is turned off. (EXTWPTOOLK-2693)
  • Users can now clone WordPress installations located in a subdirectory to the virtual folder root of their subscription. (EXTWPTOOLK-2939)

SSL It! 1.0.0

  • Introduced a number of options, which are now available on Websites & Domains > your domain > SSL/TLS Certificates. It is now possible to:
    • Enhance the security of your website’s visitors by setting up a permanent, SEO-safe 301 redirect from the insecure HTTP to the secure HTTPS version of the website. To do so, turn on “Redirect from http to https”.
    • (Plesk Obsidian) Enhance the security of webmail connections by setting up a permanent, SEO-safe 301 redirect from the insecure HTTP to the secure HTTPS webmail connections. To do so, turn on “Redirect from http to https”. The webmail protection will be then applied by default. On Plesk Obsidian for Windows, the redirect to HTTPS for webmail connections is enabled by default and no corresponding checkbox is shown in the interface.
    • (Plesk Onyx for Linux, Plesk Obsidian) Protect your website’s visitors by prohibiting web browsers from accessing the website via insecure HTTP connections. To do so, make sure that your website runs on HTTPS and is secured with an SSL/TLS certificate valid during the selected time period, and then turn on HSTS.
    • Ensure that each domain, subdomain, domain alias, and webmail belonging to the subscription is secured with a free valid certificate from Let’s Encrypt. To achieve this, SSL It! can reissue an existing Let’s Encrypt certificate or replace an invalid certificate (expired of self-signed) with a valid one from Let’s Encrypt. To get peace of mind by receiving this all-round protection, turn on the “Keep websites secured” option.
    • Get evaluation of your SSL configuration from SSL Labs, one of the most popular testing services. Go to the “Run SSL Labs Test” link to check how good the SSL protection of your website is, receive recommendations what can be improved, and follow them to get the highest possible score, A+. By improving your website rank in SSL Labs Test, you improve your website rank in Google.
    • Easily upgrade your certificate if it is about to expire or a more advanced certificate is available (OV or EV) by clicking the “Upgrade certificate” button.
    • (Plesk for Linux) OCSP Stapling can now be turned on and off for websites served by nginx with Apache or solely nginx.

      Note: OCSP Stapling may not work for certificates from certain vendors (for example, free certificates from DigiCert) if the complete trust chain is not in place. To check if your certificate supports OCSP stapling, run the SSL Labs test of your SSL configuration by going to Websites & Domains > your domain > SSL/TLS Certificates and clicking “Run SSL Labs Test” link.

  • (Plesk for Linux) It is now possible to enhance the security of connections encrypted with SSL/TLS certificates (website, mail, Plesk, and so on) by choosing the configuration of TLS protocols and ciphers (generated by Mozilla), which will be used by Plesk. Not to lag behind, synchronize with the Mozilla service once every few months by clicking “Sync Now”.
  • The domain screen in Websites & Domains now informs about the security status of a domain by showing a text message next to the SSL It! icon. The message can be “Domain not secured”, “Webmail not secured”, and others. Try to get the “Safe and sound!” message, which means all domain’s components are secured and TLS-related options are configured.
  • It is now possible to customize the list of SSL/TLS certificates available for order in SSL It! via the panel.ini file. To know which panel.ini settings to edit, install the Panel.ini Editor extension and see the description column of settings under the [ext-sslit] section.
  • Added descriptions of new SSL It! settings to Panel.ini Editor. Plesk administrators can use these settings to customize the appearance and configuration of SSL It!. (EXTSSLIT-295)
  • SSL It! can now automatically renew free certificates from Symantec. (EXTSSLIT-71)
  • If a certificate secures a domain plus a subdomain that is an alias for the domain (alias.example.com), the certificate is now correctly automatically renewed without excluding the alias SAN. (EXTSSLIT-513)
  • If the Plesk database contains a corrupted certificate, SSL It! no longer fails with the 500 Internal Server Error. (EXTSSLIT-445)
  • The webmail client of an add-on domain is no longer changed to the client of the main domain (or even disabled if webmail was disabled for the main domain) when any of the following actions are done to the SSL/TLS certificate of the main domain: issuing, manual or automatic renewal, enabling “Keep websites secured”, or unassigning. (EXTSSLIT-173)

Let’s Encrypt 2.8.0

  • ACMEv2 is now used by default. It makes issuing wildcard certificates also available by default with no need to additionally configure the extension to support ACMEv2.
  • If ACMEv2 is used, certificates that secure a domain plus webmail are now automatically renewed even if webmail is disabled for the domain.
  • If the Plesk database contains a corrupted certificate, the “Keep websites secured” option and the automatic renewal of certificates now work for all certificates except the corrupted one. (EXTLETSENC-681)
  • Access to Plesk Obsidian Preview via 443 port is now automatically secured with a free Let’s Encrypt after the Let’s Encrypt extension is installed (manually or automatically during Plesk installation). (EXTLETSENC-679)
  • If the Let’s Encrypt extension fails to issue or renew certificates, Let’s Encrypt challenge tokens no longer pile up and slow down the speed of backing up and restoration. The challenge tokens are now automatically deleted after a defined period of time. (EXTLETSENC-676)
  • The extension no longer suggests securing webmail if mail management functions are disabled in Plesk. (EXTLETSENC-674)
  • A corrupted certificate in the Plesk database no longer causes unclear error messages in the Let’s Encrypt interface. (EXTLETSENC-659)
  • Improved the error message shown when there is an attempt to issue a Let’s Encrypt certificate for a website that cannot pass HTTP challenge. (EXTLETSENC-653)
  • The Plesk mail server can now be secured with ECDSA certificates. (EXTLETSENC-650)
  • If debug logging was enabled and then the Let’s Encrypt extension was installed while SSL It! was not, excessive messages informing that SSL It! was not installed are no longer shown in logs. (EXTLETSENC-641)
  • ECDSA certificates no longer occasionally fail to be issued and installed. (EXTLETSENC-640)
  • ECDSA certificates can now be issued for IDN domains. (EXTLETSENC-636)
  • If a certificate secures a domain plus a subdomain that is an alias for the domain (alias.example.com), the certificate is now correctly automatically renewed without excluding the alias SAN. (EXTLETSENC-626)
  • The “Secure with an SSL/TLS Certificate” section is no longer shown when wildcard subdomains are created because Let’s Encrypt cannot secure them. (EXTLETSENC-612)
  • The “Keep websites secured” option no longer unnecessarily reissues certificates trying to secure SANs (subdomains, domain aliases, or webmail) that do not exist or cannot pass HTTP challenge. “Keep websites secured” now checks if there are available SANs that can be secured and only then issues a certificate to secure them. (EXTLETSENC-571)
  • A wildcard certificate issued for the main domain no longer occasionally fails to secure a subdomain of the domain. (EXTLETSENC-550)
  • Configured Docker Proxy Rules can no longer hinder the performance of the Let’s Encrypt extension. (EXTLETSENC-11)

DigiCert SSL 1.6.0

  • Fixed the extension’s meta information (the vendor website, Help and Support links).
  • Wildcard subdomains can no longer be selected on the extension’s main page because DigiCert cannot secure them. (EXTPLESK-869)
  • Digicert SSL is no longer shown for wildcard subdomains. (EXTPLESK-564)
  • Certificate orders for domains which names start with capital letters are now shown in the extension’s interface. (EXTPLESK-800)
  • If debug logging was enabled, the log no longer shows excessive messages about optional extensions (for example, SSL It!) not being installed. (EXTPLESK-632)

Plesk Mobile Center 1.10.0

  • Updated the Plesk Mobile Center extension to use Firebase Cloud Messaging notifications.

DigitalOcean DNS 1.1.3

  • Sync of DNS zones between DigitalOcean DNS and Plesk no longer occasionally fails with the “SOA records are not eligible for deletion” error. (EXTPLESK-894)

Plesk Obsidian Preview

  • Plesk 17.9 Preview receives the name of Plesk Obsidian Preview.
  • Plesk users can now move add-on domains between subscriptions in the Plesk interface.
  • File Manager can now search for files by content.
  • File Manager now supports uploading and extracting RAR, TAR, TAR.GZ, and TGZ archives.
  • It is now possible to select which NS record will be set as a primary name server in the Plesk interface. It can be done using SOA record, for DNS Template - SOA record template.
  • Plesk administrators can now turn off “Feedback reminder” email notifications in Tools & Settings > Notifications and by following the link at the bottom of the notification emails.
  • The Plesk UI was updated to modernize it, address several UX issues, and make it visually similar to plesk.com. We streamlined colors and font sizes, and aligned all elements to grid. Check it out!
  • Using the XML API operator with the operation node to get the list of users for a particular database no longer results in an error if one or more database users have access to all databases on the subscription. (PPP-41171)
  • The plesk bin extension CLI utility no longer leaks memory during execution. (PPP-41904)
  • Customers can now be suspended and activated without issue even if one or more subscriptions owned by the customer have a remote SQL database server configured and that database server is not available. (PPP-37491)
  • File Manager no longer displays files owned by a different subscription to users who log in to Plesk via a login link containing a session token. (PPP-41536)
  • Restricting access to Plesk to specific IP address in Tools & Settings > IP Access Restriction Management now works correctly even if the specified IP address had the white space character appended in front of it (for example, “ 192.0.2.1”). (PPP-41886)
  • When a user attempts to remove a domain in Plesk, a warning message is now shown with a list of all domains that would be removed (for example, including all subdomains belonging to the domain). (PPP-40177, PPP-42029)
  • The “Start the backup only if your server has the specified amount of free disk space (in megabytes)” field in Tools & Settings > Backup Manager > Backup Settings now accepts values greater than 99999 MB. (PPP-39394)
  • Creating backups in remote storage no longer randomly fails with the “The dump has content errors” error. (PPP-40519)
  • On newly installed Plesk servers, the “country” field in the Plesk database is set to “US” instead of NULL. (PPP-41779)
  • Changing the PHP version for a subscription based on a service plan with the “PHP version and handler management” permission disabled now correctly locks that subscription. (PPP-41480)
  • Users can now change both the status and the hosting type of a website via a single XML API request. (PPP-42014)
  • When requesting an SSL/TLS certificate, the contents of the “Organization name (company)” field are no longer mangled when the field is filled with Chinese characters. (PPP-39069)

Linux

  • Significantly reduced the disk space necessary for creating full server backups in remote storage. Now the space necessary for backing up two subscriptions or 2 volumes (for multivolume backups) is enough.
  • A subscription’s FTP user’s name is now correctly limited to 32 characters both when creating a subscription and when editing the FTP user’s properties. (PPP-41978)
  • On CentOS 7 x64 servers, the KAV service now correctly restarts and picks up up-to-date virus definitions after virus definitions are updated. (PPP-41813)
  • On CentOS 7 x64 servers with selinux and the Cgroups Manager extension installed and enabled, selinux and PAM errors were being logged during the execution of PHP scripts via the PHP-CGI handler. Plesk selinux policy has been updated to rectify this. (PPP-40800)
  • Running the plesk bin reconfigurator CLI utility now correctly updates SPF records in domains’ DNS zones in accordance with the mapping file. (PPP-39286)
  • Creating backups in remote storage no longer takes up extra disk space on the Plesk server. (PPP-40213)
  • Plesk installation no longer fails on Debian 9 x64 servers with absent gnupg packages. (PPP-41511)
  • Manually changing the value of the ‘fsPartnersPassword’ field in the ‘smb_settings’ table of the Plesk database no longer corrupts backups created in remote storage. (PPP-41108)
  • The KAV service no longer sends the Plesk administrator hourly notifications about updates. (PPP-41988)
  • On Debian 9 and Ubuntu 18 servers, creating a backup that contains one or more custom buttons with assigned icons no longer causes warnings, and user files with names starting with the ‘-‘ character are now correctly included in backups. (PPP-39844)
  • Changing the email address of a customer account no longer results in an error if the DNS server component is installed, but was not installed at the moment of the customer’s creation. (PPP-39779)

Windows

  • The Plesk database is now managed by MariaDB. Clean Plesk installations use MariaDB right from the start, while exising ones will be switched from MySQL to MariaDB during update to Plesk Obsidian Preview.
  • Customers preserves changes made to %plesk_dir%\Plesk\Databases\MySQL\my.ini even after Plesk updates or upgrades.
  • Plesk now prevents users from creating invalid DNS records that could cause the BIND service to crash. (PPP-41780)
  • Custom ‘DumpTempDir’ and ‘DUMP_D’ values specified in the Windows registry are no longer reset to default every time the ‘plesk.msi’ package is upgraded. (PPP-41825)
  • Changing the password of a customer account via the CLI no longer results in an error if the username contains international characters. (PPP-41711)
  • Users can now unpack archives using File Manager even on servers where cmd.exe is restricted by AppLocker. (PPP-39601)
  • Users can now change permissions on the httpdocs directory via File Manager on servers joined to an AD domain if one or more AD users were given permissions to the httpdocs directory. (PPP-41982)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.5.
  • Updated PHP 7.2 to version 7.2.18.
  • Updated PHP 7.1 to version 7.1.29.

Linux

  • Updated nginx to version 1.14.2.
  • Updated Dovecot to version 2.3.5.1.
  • Updated MariaDB to version 10.3.14.
  • Updated MariaDB Connector/C to version 3.0.9.
  • Updated MariaDB Connector/ODBC to version 3.0.8.

Windows

  • Updated Node.js 6 to version 6.17.1.
  • Updated Node.js 8 to version 8.15.1.
  • Updated Node.js 10 to versions 10.15.3.
  • Updated Git to version 2.21.0.
  • Updated the Plesk Perl package to version 5.28.1
  • Updated Microsoft ODBC Driver 17 for SQL Server to version 17.3.1.1.
  • Removed Microsoft ODBC Driver 13 for SQL Server from the default set of components.
  • ionCube Loader is now shipped with PHP 7.3.
  • Microsoft Drivers for PHP for SQL Server is now shipped with PHP 7.3.
  • php_sqlsrv_73_nts_x64 and php_pdo_sqlsrv_73_nts_x64 extensions are now shipped with PHP 7.3.
  • Updated Microsoft Drivers for PHP 7.1/7.2 for SQL Server to version 5.6.1.
  • Updated Microsoft Drivers for PHP 7.0 for SQL Server to version 5.3.
  • Updated Microsoft Drivers for PHP 5.4 for SQL Server to version 3.2.

WordPress Toolkit 4.0.1

  • WordPress Toolkit now displays a correct error message when users are trying to install WordPress 5.2 or update their WordPress to version 5.2 on a domain with PHP version older than PHP 5.6. (EXTWPTOOLK-2902)

DigitalOcean DNS 1.1.2

  • Sync of DNS zones between DigitalOcean DNS and Plesk no longer fails with the “name already exists” error. (EXTPLESK-832)

Domain Connect 1.3.1

  • If a domain cannot be resolved, this event is now logged as a warning in /var/log/plesk/panel.log (Plesk for Linux) and %plesk_dir%\admin\logs\php_error.log (Plesk for Windows). (EXTPLESK-619)
  • Domain Connect no longer suggests configuring DNS settings for a domain when the domain’s DNS hosting is configured in Plesk. (EXTPLESK-590)

Plesk Onyx 17.9 Preview 13

  • If a Plesk Installer process is launched when another one is still running, Plesk now gracefully stops the running process if it is possible. Then Plesk Installer is stopped without negative impact on the server.
  • Improved the design of email notifications sent to customers. The default look of the email notifications is now defined by the HTML template /usr/local/psa/admin/conf/email_notification_template.html.sample. To customize the default look, change the default HTML template or upload a custom one. If you upload the custom HTML template, name it /usr/local/psa/admin/conf/email_notification_template.html and keep the message body placeholder.
  • Plesk administrators can now preview email notifications sent to customers in Tools & Settings > Notifications by clicking the Preview button next to the desired event. This makes it easier to customize the default look of email notifications by previewing the result and making necessary adjustments before sending.
  • Increased the maximum length of database usernames. This improves migration because long database usernames migrated from the source can now be created in Plesk.

    New lengths vary depending on the database management system:

    • MariaDB version 10.0 and higher - 80 characters
    • PostgreSQL version 7.3 and higher - 61 characters
    • PostgreSQL versions lower than 7.3 - 31 characters
    • Microsoft SQL (all versions) - 128 characters
    • MySQL version 5.7.8 and higher - 32 characters
    • Percona version 5.7 and higher - 32 characters
    • Other database management systems - 16 characters
  • If the default domain of a subscription is selected for removal, the removal confirmation message now shows the list of all subscription’s domains that will be removed as well. This helps users not remove the default domain by mistake. (PPP-40177)
  • Full scheduled server backups can no longer be created instead of incremental server backups. (PPP-41247)
  • If the limit on outgoing email messages of an email account exceeds the server-wide limit on outgoing messages from a mailbox, the email account’s settings can now be changed by a customer. (PPP-41235)
  • IP addresses are now sorted correctly in Tools & Settings > IP Address Banning (Fail2Ban) > the “Banned IP Addresses” tab. (PPP-41361)
  • Full server backups stored in remote storage no longer fail to be restored with the “Unable to import file as dump: The file you are trying to upload is not a valid backup file” error when the server has an extension installed that contains non-UTF-8 characters in its settings. (PPP-41505)

Linux

  • Additional nginx directives configured in service plans are now correctly applied to subdomains belonging to subscriptions based on those service plans. (PPP-40605)
  • After the name of a domain’s protected directory /plesk-stat was changed, the domain’s web statistics can now be accessed. (PPP-41275)
  • After switching from the Dovecot IMAP/POP3 server to Courier, the “Maximum number of connections (IMAP, POP3, IMAP over SSL, or POP3 over SSL)” and “Maximum number of connections per IP address” server-wide mail settings keep the default Dovecot values (1024 and 10 respectively). (PPP-39435)
  • If a full server backup contains a customer, whose name contains German characters, the customers’ backup is now created correctly and can be opened without any issues. (PPP-41532)
  • When multiple long tasks are launched at the same time, they are now queued and processed correctly: each task is run and just once. (PPP-34433)
  • Removed the confusing “WARNING: For PHP 7 the module name in the line below need to be modified!” line from the /etc/apache2/plesk.conf.d/roundcube.htaccess.inc file. (PPP-41131)
  • The plesk bin extension utility no longer throws an error when used to register custom DNS backend. (PPP-39754)
  • Plesk can now be installed (including via Plesk Web Installer) on Debian 9 Minimal. (PPP-41511)
  • Plesk updates no longer fail when Plesk legitimate NFS share is used as DUMP_D. (PPP-41230)
  • After the upgrade to Plesk version 17.5 and later, the limit on simultaneous POP3/IMAP4 login processes for the Dovecot IMAP server is now set correctly. (PPP-39914)

Windows

  • Plesk administrators can now create domain backups using REST API. (EXTREST-91)
  • The plesk sbin statistics.exe --calculate-one --domain-name=example.com command again calculates disk usage of a domain mailbox. (PPP-41557)
  • Improved the error message shown if a broken custom security file was uploaded into the %plesk_dir%\etc\disksecurity folder. The error message now shows a path to the broken file. (PPP-40898)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.4.
  • Updated PHP 7.2 to version 7.2.17.
  • Updated PHP 7.1 to version 7.1.28.

WordPress Toolkit 4.0.0

  • Beta version of Remote Management functionality is now available. Go to the Servers tab and add any Linux-based remote server with WordPress sites to manage them from a single place. This functionality will stay free for a limited time during the Beta stage. A notification will be shown in advance regarding the switch from the free Beta stage to the Release stage that will require a separate license. Your feedback and input regarding this feature would be highly appreciated.
  • Smart Update procedure became more transparent, displaying specific steps and their progress. Now at least you’ll know which steps are taking so long!
  • Database server info was added to the Database tab of the WordPress site card.
  • Various links created by WordPress Toolkit on Websites & Domains screen are now directing users to the new UI.
  • Users can see the physical path of WordPress sites when cloning them or copying data from one site to another.
  • WordPress Toolkit is now much better prepared both physically and mentally for handling users who try to clone their WordPress site to a destination where another WordPress site already exists.
  • Removing a subdomain in Plesk will not remove WordPress installation anymore if this subdomain’s docroot was pointing to another domain with WordPress installed. This also covers the use of wildcard subdomains. (EXTWPTOOLK-2580)
  • WordPress Toolkit now properly notifies users why Smart Update could not be performed in certain cases. (EXTWPTOOLK-2573)
  • The description of Turn off pingbacks security measure now explains what will happen if pingbacks are turned off (spoiler: they stop working). (EXTWPTOOLK-2563)
  • The em dash punctuation mark is now correctly displayed in plugin and theme names. (EXTWPTOOLK-1990)

DigitalOcean DNS 1.1.1

  • Updated the authorization token necessary for the extension to operate correctly. If you used the extension earlier than version 1.1.1, you may face issues with existing domains activated in DigitalOcean DNS.

    How do I know if my domains were affected?

    • On the “Overview” tab of the extension, the domains are now marked as “Disabled” under “DigitalOcean DNS Zone”.
    • On the “DigitalOcean Authorization” tab of the extension, you see the “Invalid authorization token. Unable to authenticate you” error.

    How can I make my domains and extension operational again?

    Please do the following:

    1. Update the DigitalOcean DNS extension to version 1.1.1 (if it is not done yet).
    2. On the “DigitalOcean Authorization” tab of the extension, click Authorize.

    This will restore the domains and the extension to operation.

Panel.ini Editor 3.2.0

  • Plesk administrators can now edit descriptions of the Panel.ini Editor settings:

    • (Plesk 17.9 and higher) In Panel.ini Editor if they want these changes for personal use. Then the changes will be saved on the server only.
    • By creating pull requests with the changes to our GitHub repository to share these descriptions with other Panel.Ini Editor users. We regularly review pull requests and approve good ones. New released versions of Panel.Ini Editor will include these approved descriptions.
  • Improved a number of descriptions of SSL It! settings. (EXTPLESK-695)

Plesk Onyx 17.9 Preview 12

  • Plesk Administrators can now move add-on domains between subscriptions via the CLI by running the following command:

    plesk bin site --move addon_domain.com -webspace-name target_subscription.com
    
  • File Manager now has search: users can recursively search files and folders by names.
  • Plesk can now reconfigure the local MySQL server to actually allow remote connections from any host when the corresponding option is selected in Tools & Settings > Database Servers (under “Applications & Databases”).
  • Increased the maximum length of FTP usernames to 32 characters.
  • Improved the error message shown in Plesk CLI and API if a Plesk license could not be updated because the license server ka.plesk.com could not be accessed: the message now contains the KB article link to help troubleshoot the issue.
  • ModSecurity and Fail2Ban are now installed and enabled by default.
  • Added new event handlers and actions to Action Log about SSL/TLS certificates on domain/webmail/mail server/Plesk assigned or unassigned.
  • For Plesk administrators, SPF, DKIM, and DMARC are now enabled by default for incoming and outgoing emails.
  • It is now possible to add a DNS record that contains the <subdomain> placeholder to the DNS template. (PPP-33102)

Linux

  • Plesk can now be installed (including via Plesk Web Installer) on Minimal Ubuntu and Debian 9 Minimal. (PPP-40844, WI-388)
  • Logs now display the customized SPF explanation text instead of the default “5.7.1 Command rejected” error. (PPP-40884)
  • DKIM signing no longer uses the length tag in headers. (PPP-40448)
  • After upgrading from Plesk 12.0.18 on a Debian-based operating system, Plesk no longer has the /etc/sw-cp-server/conf.d/apsc.conf file and no longer listens to port 6308. (PPP-37560)

Windows

  • It is now possible to set up a MySQL data folder in a custom location using Plesk (all necessary permissions and adjustments will be configured automatically according to the custom path).
  • HTTP connections to webmail that is secured with an SSL/TLS certificate are now automatically redirected to HTTPS.

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.3.
  • Updated PHP 7.2 to version 7.2.16.
  • Updated PHP 7.1 to version 7.1.27.

Linux

  • Updated Dovecot to version 2.3.4.1

Windows

  • Updated MySQL 5.6 to versions 5.6.43.
  • Added support for ASP.NET Core 2.2.2.
  • Dropped support for ASP.NET Core 2.0.
  • Updated ASP.NET Core 2.1 to version 2.1.8.
  • Updated ASP.NET Core 1.1 to version 1.1.11.
  • Updated ASP.NET Core 1.0 to version 1.0.14.

WordPress Toolkit 3.6.3

  • Cloning procedure now works correctly if the proc_close or proc_open PHP functions are disabled. (EXTWPTOOLK-2533)
  • WordPress Toolkit now shows a warning before cloning that the mysqlcheck utility has detected a database error, so cloning might not work correctly. Users who have not read this warning can continue the cloning procedure. (EXTWPTOOLK-2541)
  • The last remnants of upsell prompts for Maintenance Mode were eradicated from the old WordPress Toolkit UI. (EXTWPTOOLK-2540)

Export lists to CSV 1.1.1

  • Fixed compatibility issues with Plesk 17.9: the button for exporting lists to CSV is visible again and JavaScript errors were fixed. (EXTPLESK-603)

Domain Connect 1.3.0

  • The extension now adds the nameServers key to JSON returned to a domain’s third-party service. This helps the service provider identify that Plesk is the authoritative DNS provider for the domain.

WordPress Toolkit 3.6.0

  • Cloning UI was redesigned for improved responsiveness and consistency.
  • The UI for copying data (a.k.a. syncing) between installations was redesigned, also for improved responsiveness and consistency. As a side-effect, the procedure formerly known as Sync was renamed to Copy Data, so users should not be confused about what exactly is going on.
  • Users can now clone WordPress sites to arbitrary subdirectories on target domains.
  • Improved the reliability of screenshot generation for WordPress installations, Part II.
  • WordPress Toolkit no longer leaves various useless entries in the logs.
  • Improved the handling of broken plugins and themes, reducing the number of esoteric error and warning messages shown to users.
  • The “Install” button now has the focus by default on the WordPress installation form, so hitting “Enter” after opening the form should immediately launch the installation process.
  • Improved the performance of WordPress installation list if it has a lot of WordPress installations.
  • Improved WordPress installation list for viewing on mobile devices.
  • WordPress Toolkit database no longer becomes inconsistent when a subscription with two or more WordPress installations is removed. (EXTWPTOOLK-2250)
  • Smart Update on Windows servers now checks pages other than the main page. (EXTWPTOOLK-2189)
  • Resellers can finally access WordPress Toolkit via the corresponding link in the left navigation panel. (EXTWPTOOLK-1472)
  • Users who remove all WordPress installations on the last page in the list of installations are no longer forced to look with despair at the empty screen (unless it was the only page in the list, then yeah). (EXTWPTOOLK-1750)
  • Select the “All Updates checkbox” on the Updates screen is no longer confused about what it should select after several updates were already applied. (EXTWPTOOLK-2175)
  • Toolbar buttons above the list of WordPress installations no longer lose their titles after users minimize then maximize the left navigation panel. (EXTWPTOOLK-1394)
  • Server Administrator can now manage the “Disable unused scripting” security measure for WordPress installations on locked subscriptions not synchronized with a Service Plan. (EXTWPTOOLK-2178)
  • Disable unused scripting languages security measure can now be properly applied to WordPress installations on subdomains and additional domains. (EXTWPTOOLK-2323)
  • The username and email for WordPress administrator are properly updated in realtime during the WordPress installation procedure if you are changing the destination domain and it has a different owner. (EXTWPTOOLK-2396)
  • WordPress Toolkit now properly shows the theme screenshot if it is in the .jpg format (theme screenshots are displayed if WordPress is installed on a domain that does not resolve yet). (EXTWPTOOLK-1907)
  • Hotlink Protection And Additional Nginx Directives: Hotlink Protection security measure no longer overrides the additional nginx directives on a domain. (EXTWPTOOLK-2305)
  • Hotlink Protection And Mixed Case Domains: “Hotlink Protection” security measure now properly works for domains with mixed case names. (EXTWPTOOLK-2337)
  • Hotlink Protection And Expire Headers: Hotlink Protection security measure no longer disables Expire headers. (EXTWPTOOLK-2321)
  • Update tasks should no longer disappear with cryptic Unable to find the task responsible for the currently running update process message. (EXTWPTOOLK-2231)
  • WordPress Toolkit now properly cleans up its database when a subdomain with WordPress installation is removed in Plesk. (EXTWPTOOLK-2454)
  • “Block access to potentially sensitive files” security measure no longer prevents File Sharing feature in Plesk from working. (EXTWPTOOLK-2279)
  • Dramatically reduced the number of false positives for “Block access to potentially sensitive files” security measure. (EXTWPTOOLK-2247)
  • Clone procedure now correctly detects and properly modifies certain encoded URLs in the WordPress database. (EXTWPTOOLK-1789)
  • Cloned WordPress installations should no longer share their cache with the source installation (we know sharing is caring, but not this time). (EXTWPTOOLK-1773)
  • If WordPress Toolkit cannot change the database prefix for all tables when applying the “Database table prefix” security measure, it will properly roll back the changes to prevent website from being broken. (EXTWPTOOLK-2347)
  • When WordPress is installed in a subdomain, WordPress Toolkit no longer offers to install it in a subdirectory by default if the main domain already has WordPress installed. (EXTWPTOOLK-2252)
  • WordPress can now be installed via CLI into a path containing multiple directories. (EXTWPTOOLK-2260)
  • The error message displayed when users try to install WordPress on a domain without an available database now looks nicer. (EXTWPTOOLK-2440)

DigitalOcean DNS 1.1.0

  • Newly created domains are now automatically activated in DigitalOcean DNS.
  • In Plesk 17.9, the icons on the “DNS management” tab are now displayed correctly. (EXTPLESK-741)

Advisor 1.5.0

  • The “Switch to Up-To-Date PHP Versions” recommendation now considers PHP versions lower than 7.1 to be outdated.
  • Renamed Opsani to Imunify QuickPatch.
  • Updated the extension’s translations.
  • The Advisor’s page no longer hangs if a corrupted PHP handler exists. (EXTADVISOR-669)

Repair Kit 1.1.0

  • The extension now collects disk I/O data and shows it on the process list.
  • Added the “Exclude root”/”Exclude SYSTEM” filter on the process list, which hides system’s power user processes.
  • Improved the extension’s interface by fixing a number of UI/UX issues.
  • Added the notification shown if Repair Kit could not fix all detected issues and they must be fixed manually. (EXTPLESK-584)
  • If “Auto-update of resource usage” is turned on, the selected page is now kept after the process list was refreshed. (EXTPLESK-668)

Domain Traffic Monitor 1.3.1

  • The extension no longer fails to start with the following error: “Error: Internal error: Failed connect to localhost:8651; Connection refused”. (EXTPLESK-698)

Plesk Onyx 17.9 Preview 11

  • Plesk version 12.x can no longer be upgraded to Plesk 17.9. The minimum Plesk version for upgrading to Plesk 17.9 is now Plesk Onyx 17.0.
  • The system PHP component is no longer mandatory for Plesk. It is now possible:
    • To install Plesk without the system PHP component.
    • To install Horde without the system PHP component.
    • To remove the system PHP component after installation of or upgrade to Plesk 17.9.
    • To install and use custom PHP builds instead of the system PHP component.
  • PHP versions 5.6 and 7.0 are now marked as “outdated” in Plesk and Plesk Installer. These PHP versions were also removed from the default set of components in the stable Plesk release.
  • The “SSL/TLS support” and “Permanent SEO-safe 301 redirect from HTTP to HTTPS” options are now enabled by default for new and preset hosting plans and add-on plans as well as for new custom subscriptions. This helps users effortlessly enhance security and improve the Google rank of created websites.
  • Email settings shown on the “Configure Email Client” window (mail server username, incoming and outgoing mail servers, and supported incoming and outgoing mail protocols) can now be customized via the [mail] section settings in the panel.ini file.
  • Improved the error message shown if a Plesk license could not be updated because the license server ka.plesk.com could not be accessed: the message now contains the KB article link to help troubleshoot the issue.
  • Improved UX, names, and descriptions of ModSecurity rule sets. Now it is easier to distinguish between free and paid rule sets, and between Atomic rule sets bought from Plesk and Atomicorp. The description of the Atomic Standard rule set (former Atomic Basic ModSecurity) now contains the procedure how to upgrade the set to Atomic Advanced.
  • Made the name “Scheduled tasks” more conventional for Linux users by adding “(cron jobs)” to it. Scheduled tasks can now be found by the keywords “cron jobs” via search. (PPP-40473)
  • File sharing now works even if “Permanent SEO-safe 301 redirect from HTTP to HTTPS” is enabled for the domain that was selected in “Web Folder root URL”. (PPP-31256)
  • The plesk repair utility can now fix service plans with broken PHP handlers by disabling PHP support for the service plans. (PPP-35949)
  • Backup Manager no longer attempts to create a scheduled backup in FTP storage if the storage was disconnected. (PPP-39300)
  • If a user has two subscriptions and one of them has the “Database server selection” permission turned off, WordPress can now be installed on the second subscription without any issues. (PPP-39433)

Linux

  • Dropped support for Ubuntu 14.04.
  • By default, systemd now automatically restarts crashed Plesk services after 5 seconds.
  • The ImunifyAV extension is now shipped with Plesk.
  • To have HSTS implemented on webmail, added the pm_Hook_WebServer hook to Plesk Extensions SDK: the hook adds HSTS headers to webmail configuration files.
  • Added the support for TLSv1.3 (enabled by default) for customers’ websites that are served by nginx and accessed by HTTPS.
  • It is now possible to switch a domain’s PHP handler to a different PHP version even if nginx proxy mode or nginx itself are disabled. (PPP-37847)
  • In Plesk on CloudLinux, LVE now can limit how much resources (CPU, memory, disk I/O, and others) user processes executed via filemng exec can consume. (PPP-39782)
  • Increased the verbosity of the error message shown if the update of the Atomic rule set fails. (PPP-40492)
  • Domains and subscriptions can now be created without any issues after the Postfix postscreen service was enabled. (PPP-40288)
  • It is now possible to dist-upgrade to Debian 9 even if a custom MySQL server is installed. (PPP-40329)
  • The spam training process no longer consumes resources by creating files if the SpamAssassin spam filter is disabled. (PPP-38192)
  • Apache can now process virtual host configuration files that contain more than 1500 web users. (PPP-40575)
  • The dist-upgrade from Ubuntu 14.04 to Ubuntu 16.04 no longer fails to update MySQL 5.5 (trying the unsupported update of directly installing MySQL 5.7 over MySQL 5.5) because the dist-upgrade from Ubuntu 14.04 to Ubuntu 16.04 is no longer supported. (PPP-33523)

Windows

  • Fixed the website preview on external domain names for Plesk servers behind NAT. (PPP-40063)
  • The plesksrv service no longer creates zombie processes, which slowed down Plesk and could crash it. (PPP-39953)
  • It is now possible to get the list of available webmail clients for Plesk for Windows by running the mailserver.exe CLI utility. (PPP-40320)
  • Plesk Installer now forbids the use of the quotation marks character (“) in the Plesk administrator password. (PI-525)
  • Email accounts can now be created in SmarterMail without any issues because the message buffer size was increased to 16 MB. (PPP-39706)
  • Subdomains can now be created even if no PHP handlers are installed. (PPP-40417)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.2.
  • Updated PHP 7.2 to version 7.2.15.
  • Updated phpMyAdmin 4.8 to version 4.8.5, which includes fixes for major security issues.

Windows

  • Updated MySQL 5.7 to version 5.7.25, which includes fixes for a number of security issues.
  • Updated MySQL Connector/ODBC 5.3 to version 5.3.12.
  • Added support for Windows Server 2019.

WordPress Toolkit 3.5.6

  • WordPress Toolkit compatibility with Plesk 17.9 Preview releases was improved.
  • The limit on WordPress sites with Smart Update in a Service Plan is now correctly applied to each subscription instead of being shared between all subscriptions on this plan. Decommunization is important, comrades. (EXTWPTOOLK-2429)

Domain Traffic Monitor 1.3.0

  • Dropped support for Plesk 12.5.
  • Updated the backend Go compiler:
    • Updated its version to 1.11.5.
    • The Go backend is now compiled as a 64-bit executable file instead of 32-bit.
  • Changed to the three digit versioning scheme (x.y.z).
  • The status of hosts-traffic-monitor is now detected more precisely: the extension can no longer be falsely shown as running when vhosts-traffic-monitor is stopped. (EXTPLESK-720)

Amazon Route 53 2.7.2

  • The extension now applies the TTL value of the DNS zone (instead of a default value) to all its DNS records.

Let’s Encrypt 2.7.3

  • The “Keep your websites secured with free SSL/TLS certificates” option no longer occasionally incorrectly prolongs an issued SSL/TLS certificate.

Linux

  • Increased stability of issuing ECDSA certificates.

Amazon Toolkit 1.1.1

Windows

  • Amazon S3 Backup can now be configured after being installed from the Amazon Toolkit extension. (EXTPLESK-675)

Amazon Toolkit 1.1.0

  • Added Amazon S3 Backup to the Amazon Toolkit extension.

Amazon S3 Backup 1.3.0

  • Added the ability to configure the Amazon S3 Backup storage via the Amazon Toolkit extension.
  • Added the ability to resume failed uploads/downloads. (EXTPLESK-563)

Amazon Route 53 2.7.1

  • The extension can now sync DNS zones with a large number of DNS records (more than 100). (EXTPLESK-393)

DigiCert SSL 1.5.1

  • Internal security improvements. We highly recommend that you update the extension.

Let’s Encrypt 2.7.2

  • Improved the “Adding Your Own Subscription” screen: the “Secure the domain with Let’s Encrypt” section is now placed correctly. (EXTLETSENC-633)

Linux

  • In Plesk 17.8 and later, the extension now supports issuing ECDSA certificates. To have the extension issue certificates signed with ECDSA, add the following lines to the panel.ini file:

    [ext-letsencrypt]
    key-algorithm = ECDSA
    ecdsa-curve-name = prime256v1
    

Plesk Onyx 17.9 Preview 10

  • The Plesk administrator can now bypass the two-factor authentication by Google Authenticator by running the plesk login -support command, which generates a one-time login link for logging in to Plesk.
  • Sped up removing backups from FTP and remote cloud storage. The total time of backup removal is now more than 4 times faster (9 seconds against 43 seconds earlier).
  • If the “PHP version and handler management” permission is selected in a service plan, a subscription under this service plan is no longer locked for sync after changing the domain’s PHP version. (PPP-39395)
  • If the default domain of a subscription is selected for removal, the removal confirmation message now shows the list of all subscription’s domains that will be removed as well. This helps users not remove the default domain by mistake. (PPP-28784)

Linux

  • Users can now gracefully stop Plesk Installer by running plesk installer stop. This command stops Plesk Installer only when it is safe to do so and with no negative impact on the server. You can also stop Plesk Installer by running the plesk installer stop --terminate. This command stops Plesk Installer at once but it can have negative impact to the server.
  • Webmail clients now use modern PHP 7.3 shipped with Plesk. We update PHP within 2 business days, which allows us to promptly fix security issues.
    • Webmail clients on existing domains will be automatically switched to use plesk-php73 fastcgi.
    • Webmail clients on newly created domains will use plesk-php73 fastcgi right from the start.
    • The Horde and Roundcube components in Plesk Autoinstaller now require the plesk-php-7.3 component.
  • Incremental multivolume backups can now be again restored. (PPP-36269)
  • After restoring a number of domains from a backups, SSL/TLS certificates securing these domains are now restored and no issues with the Apache config file occur. (PPP-39613)
  • On Ubuntu 16.04, the apt-get update and apt-get upgrade commands can now be executed without any issues if the sasl2-bin package is installed. (PPP-39711)
  • Web statistics is now calculated once a day. (PPP-40074)
  • On Debian 9, sw-engine-kv no longer slows down the server reboot. (PPP-38825)
  • The plesk repair fs utility no longer shows false positive detection of incorrect ownership of subdomains’ directories. (PPP-35591)

Windows

  • An SSL/TLS certificate that secures a subdomain is no longer unassigned after restoring the subdomain from a backup. (PPP-38372)

Third-Party Component Updates

  • Updated PHP 7.3 to version 7.3.1.
  • Updated PHP 7.2 to version 7.2.14.
  • Updated PHP 7.1 to version 7.1.26.
  • Updated PHP 5.6 to version 5.6.40.

Linux

  • Updated libcurl to version 7.63.0.

Windows

  • Updated BIND to version 9.12.3.

WordPress Toolkit 3.5.5

  • Improved the reliability of screenshot generation for WordPress instances.

Plesk Onyx 17.9 Preview 9

  • The Plesk administrator can now change passwords of customers, resellers, and additional users by automatically sending them an email with a password reset link.
  • During the holiday season, users can select the Christmas theme in Skins and Color Schemes.
  • The Plesk login pages (https://<...>:8443) are no longer indexed by crawlers.
  • Improved error messages shown when sync of subscriptions with the corresponding service plans fails. (PPP-39627)
  • Backups created before the change of the Plesk administrator GUID are now rotated. (PPP-38837)
  • Custom home directories can now be created when adding an additional FTP account. (PPP-16280)
  • It is no longer possible to create an NS record without a corresponding A record via the CLI. (PPP-39509)

Linux

  • If a mail client is used, emails are now sent and the Sent folder is now created without any issues. (PPP-39376)
  • Improved the error message shown if the psa.conf file cannot be parsed. The message now shows the complete path /etc/psa/psa.conf and the invalid line. (PPP-36385)
  • On Debian 9.5, the plesk-dovecot and plesk-courierimap jails now work correctly in Fail2Ban. (PPP-37682)

Windows

  • Starting with MailEnable version 10.20, users can secure mail for a domain with individual SSL/TLS certificates. It is particularly useful for those, who use Apple Mail to access mail on Plesk for Windows. They can now access mail via SSL/TLS connection and without the warning that the SSL/TLS certificate securing the mail server cannot be verified.
  • Websites with enabled SSL/TLS support can now be reconfigured without any issues. (PPP-39580)
  • A VPS license can now be installed on a QEMU KVM server without any issues. (PPP-39785)
  • Logs that contain comments are now displayed correctly in the Plesk interface. (PPP-39532)
  • The web statistics generation can no longer fail with the error “The system cannot find the file specified. (Error code 2)”. (PPP-39648)
  • Subscriptions can now be created even if IIS already has an application pool with the same domain name. (PPP-39617)

Third-Party Component Updates

  • Updated phpMyAdmin to version 4.8.4, which includes fixes for multiple security issues. We highly recommend that you update Plesk. However, note that phpMyAdmin 4.8.4 cannot execute stored procedures.
  • Updated PHP 7.3 to version 7.3.0.
  • Updated PHP 7.2 to version 7.2.13.
  • Updated PHP 7.1 to version 7.1.25.
  • Updated PHP 7.0 to version 7.0.33.
  • Updated PHP 5.6 to version 5.6.39.

Linux

Windows

  • Web Deploy 4.0 is now shipped with Plesk.
  • Updated MailEnable to version 10.20.
  • Updated libcurl to version 7.62.0.

Plesk Onyx 17.9 Preview 8

  • Users can now add nested routes using the extensions SDK.
  • PHP 7.3 RC is now shipped with Plesk.
  • APS catalog is no longer empty if libcurl version 7.61 or later is installed on the server. (PPP-39356)
  • Encrypted files are now opened correctly in File Manager. (PPP-36641)
  • Incremental multivolume backups can now be again restored. (PPP-39144)
  • Improved the web users’ description by adding the following: “If scripting is enabled, web users can access all files of a subscription.”. (PPP-39080)
  • The Perl or Python components enabled for a hosting plan no longer stops sync of subscriptions with the hosting plan. (PPP-39073)
  • Failure in the OptimizeStatistics task of Daily Maintenance Task no longer stops execution of subsequent tasks. (PPP-39142)

Linux

  • Backups restoration no longer fails if the directory for temporary backup files and /usr/local/psa/ are located on different drives. (PPP-39061)
  • The clear error message is now shown when backup process fails because the backup upload to FTP storage was interrupted. (PPP-39301)
  • The command plesk installer --install-component base --reinstall-patch now installs microupdates only if Plesk packages are up to date. (PI-496)
  • On CentOS7, users are now protected from starting named.service by mistake, which breaks DNS configuration. The service named start|restart commands do not now start named.service, and the service named status command logs the warning to use named-chroot.service instead. (PPP-37339)
  • Plesk installation no longer occasionally hangs on certain environments (for example, OpenVZ). (PPP-38528)
  • Successful Watchdog security scan no longer occasionally finishes with a misleading “Scanning process was interrupted” error message. (PPP-39222)
  • The PHP-FPM service from OS vendor is now disabled on clean Plesk installation if no PHP-FPM pools are configured. (PPP-38714)
  • Scheduled tasks with the “Fetch a URL” type no longer treat returned 2xx or 3xx HTTP status codes as errors and do not send email notifications each time the task is executed. (PPP-39206)
  • Configured additional Apache directives for HTTP no longer disappear from Apache configuration after “Permanent SEO-safe 301 redirect from HTTP to HTTPS” was enabled. (PPP-38364)
  • Installation of a license for Advanced ModSecurity Rules by Atomicorp no longer overwrites installed Atomic Secured Linux license. (PPP-35935)

Windows

  • PHP extensions designed for WordPress hosting (sodium, exif, and fileinfo) are now precompiled into PHP engines shipped with Plesk.
  • Plesk installation no longer fails if the administrator password contains certain special and non-Latin characters. (PI-463)

Third-Party Component Updates

  • Updated PHP 7.2 to version 7.2.12.
  • Updated PHP 7.1 to version 7.1.24.

Linux

  • Updated Roundcube to version 1.3.8.
  • Updated libcurl to version 7.61 in Plesk Installer.
  • Updated OpenSSL to version 1.1.1.

Windows

  • Updated MailEnable to version 10.19.

Plesk Onyx 17.9 Preview 7

  • Users can now create email addresses for subdomains.
  • Users can now remove the Plesk mail service for a domain or choose not to create it when a domain is created. This is useful when using a remote mail service - mail to domains hosted in Plesk will no longer be delivered locally.
  • The SEO Toolkit extension is now installed by default with Plesk.
  • Multiple stability improvements in restart of PHP-FPM services.
  • Improved the “Change Your Password” screen: password strength is now checked on the fly, plus users can now create a strong password with one click using the “Generate” button.
  • The names of new Plesk editions (for example, “Plesk WordPress Edition”) are now shown correctly in Plesk and on its login page.
  • The webmail client of an addon domain is no longer changed to the client of the main domain when an SSL/TLS certificate is issued for the main domain. (PPP-38950)
  • It is now possible to remove MX DNS records via the CLI. (PPP-38994)
  • It is now possible to add DNS records that contain the underscore character (_). (PPP-37846)
  • It is now possible to change the owner of the additional user account via the CLI. (PPP-38599)
  • If the Webalizer or AWStats component calculated a main domain’s statistics and then the component was removed, a subdomain or an addon domain can now be created without errors. (PPP-38706)
  • If Plesk is opened in Firefox, the “Learn about secure hosting setting” link is now opened (the link is shown on the “Hosting Parameters” tab when creating hosting plans). (PPP-36238)
  • Scheduled tasks created by extensions are now run as the psaadm user. (PPP-34285)
  • The daily maintenance script is now run as the psaadm user. (PPP-38199)

Linux

  • The Plesk administrator can now select the type of Apache restart (graceful or normal) in “Tools & Settings” > “Apache Web Server” (under “General Settings”).
  • PHP-FPM for PHP versions 7.1 and 7.2 no longer occasionally hangs during its reload or restart.
  • Added the Comodo Free ModSecurity rule set, which provides a starter version of the Comodo ModSecurity rules.
  • Updated Fail2ban to version 0.10.3.1. Fail2ban now protects against attackers with IPv6 addresses.
  • Dropped support for the Plesk VPN component.
  • Plesk Migrator no longer fails if the source server has customized SSH config and allows only new secure MACs. (PPP-36076)
  • Improved performance of the postconf utility shipped with Plesk. (PPP-38498)
  • The “IP addresses were anonymized” message is no longer shown when IP addresses anonymization is not selected and server settings are applied for the first time. (PPP-38705)

Windows

  • The plesk repair --repair-webspace-security -webspace-name example.com command now repairs permissions for the httpdocs folder. (PPP-37376)
  • The statistics.exe utility is now located in the %plesk_cli% folder. (PPP-35824)
  • Running the pleskbackup utility no longer occasionally deletes already created backups. (PPP-37161)
  • Advanced permissions are no longer occasionally displayed incorrectly in File Manager. (PPP-35402)

Third-Party Component Updates

  • Updated PHP 7.2 to version 7.2.11.
  • Updated PHP 7.1 to version 7.1.23.

Linux

  • Updated Phusion Passenger to version 5.3.5, which includes fixes for certain security issues.

Windows

  • Updated SpamAssassin to version 3.4.2.
  • Updated libcurl to version 7.60 in Plesk Installer.

Plesk Onyx 17.9 Preview 6

  • Added REST API landing page to Tools & Settings, from which users can:
    • Read the REST API guide.
    • Visit the REST API reference and playground.
    • See the Swagger scheme and an example of a REST API call using curl.
  • Now the MySQL fork (MariaDB or Percona) actually installed on the server is shown in the Plesk interface.
  • Mail users and additional users can now specify an external email address, which will be used to reset the password if they lose access to the primary email address.
  • For security reasons, the “Upload Extension” button is now hidden in the Plesk interface by default. To install extensions from a file, use the extension utility or make the button visible by editing the panel.ini file.
  • A custom “Unsupported Browser” page is now shown if Plesk is opened in an outdated browser that is no longer supported.
  • Reduced the disk space necessary for restoring particular objects from backups stored in remote storage.
    Now only the backup of the object being restored is imported to the server storage (before this change, the whole server backup was imported).
  • Backup Manager no longer attempts to create a scheduled backup in a remote storage if the storage was disconnected or if the corresponding extension was removed. (PPP-37294)
  • Dropbox Backup no longer shows an error when backups created more than 30 days ago are stored in Dropbox. (EXTPLESK-463)
  • Iframes opened by custom buttons are now correctly resized to fit the contents of the HTML file. (PPP-38388)
  • Joomla! instances on subscriptions with PHP 7.0.x can now be updated. (PPP-38503)
  • Wrong breadcrumbs (for example, Home > Extensions > WordPress) are no longer displayed to customers. (PPP-36068)
  • The size of a MySQL database is now calculated correctly even if the database name contains the hyphen character (-). (PPP-35684)

Linux

  • On Debian 9 and Ubuntu 18, the OWASP ModSecurity rule set is now selected by default. The Atomic ModSecurity rule sets (both free and paid) are not shown any more because they are not supported by these operating systems.
  • The PageSpeed module is now precompiled with nginx.
  • Added support for managing IP addresses via Netplan.
  • Users can now again create, edit, and publish websites with Web Presence Builder. (PPP-38382)
  • If the configured Sieve rules copies an email with a PDF attachment to another mailbox on the same server, the PDF file is no longer corrupted. (PPP-36408)
  • Plesk Update Manager can now be completely disabled. (PPP-38272)
  • psa-pc-remote no longer fails with a segfault. (PPP-33599)
  • The Wdcollect service is now stopped correctly. It is no longer killed instead of being stopped and the system reboot time is not increased by 90 seconds. (PPP-36948)
  • Postfix local now reports an error when Dovecot experiences issues delivering emails. (PPP-36108)
  • Auto-reply no longer fails with an error if the response frequency is reached. (PPP-36512)
  • Deferred emails are now visible in the Plesk interface. (PPP-37117)
  • An IP address added to Plesk via the CLI is now shown right away. (PPP-35951)

Windows

  • Additional Expires headers can now be configured in the IIS settings.
  • If the %plesk_dir%\admin\repository\registry.xml file is corrupted, Plesk now continues working and shows a clear error message instead of crashing with an HTTP Error 500.0. (PPP-37309)
  • Domain statistics and traffic usage are still calculated even if statistics_collector.exe finishes with errors. (PPP-37435)
  • An external mail server configured for a domain now correctly handles mail even if SmarterMail version 14.3 and later is used. (PPP-26788)
  • Plesk is now initialized correctly. (PPP-38267)

Third-Party Component Updates

  • Updated PHP 7.2 to version 7.2.10.
  • Updated PHP 7.1 to version 7.1.22.
  • Updated PHP 7.0 to version 7.0.32.
  • Updated PHP 5.6 to version 5.6.38.
  • Updated phpMyAdmin to version 4.8.3.

Linux

  • Updated Dovecot and Pigeonhole to versions 2.3.2 and 0.5.2 respectively.

Windows

  • Updated MySQL 5.7 to version 5.7.23.

Plesk Onyx 17.9 Preview 5

  • Users can now access Plesk by https://<host-name-or-IP> without specifying the TCP port 8443. On new instances with Plesk 17.9 Preview 5 and later, this feature is available by default. On instances upgraded from earlier Plesk versions, the feature is enabled by running the following command: plesk bin admin --enable-access-domain.
  • Added an ability to apply SOA settings changes to all existing domains. The Plesk administrator can now choose the email address of a person responsible for the domain’s DNS zone (RNAME email address), which will be applied to all domains in Plesk. Additionally, the Plesk administrator can prohibit changing the RNAME email address on a per domain basis.
  • Users can now access the REST API auto-generated reference and execute API calls by browsing https://<host-name-or-IP>/api/v2/.
  • Users can now execute CLI utilities via the REST API interface by using a new REST API endpoint /cli.
  • Cleaned up APS catalog leaving only most popular and important applications.
  • Backups which size is more than 20 GB can now be restored from Microsoft OneDrive Backup storage. (EXTPLESK-448)
  • Improved an error message in Plesk Installer. (PI-472)
  • Backups stored on the server are now rotated if backups were configured to be stored in “Both server storage and Google Drive at My Drive/mybackups”. (PPP-37283)
  • The “Define IP Addresses Mapping” screen no longer appears during restoration of the domain which IP address does not match that configured for outgoing mail. (PPP-35576)

Linux

  • PHP extensions designed for WordPress hosting are now precompiled into PHP engines shipped with Plesk.
  • Website’s statistics (“Web” in the “Usage by services” pie chart) is now shown correctly: the web_users folder is not calculated twice. (PPP-36183)
  • Auto-reply mail handler now correctly processes incoming messages without final multipart boundary. (PPP-37667)
  • Plesk no longer removes the MySQL root user and log rotation is performed correctly. (PPP-37427)
  • Calling the mchk utility no longer disables the usage of short mail account names in Postfix. (PPP-30487)
  • Supscriptions’ owners can no longer see the Postfix mail queue. (PPP-36711)
  • When restoring a subscription with scheduled tasks from a backup, users no longer see the warning “usr/bin/bash: Cannot open: File exists”. (PPP-37007)
  • Backing up is no longer terminated when the sw-engine process is restarted (for example, when packages are updated). (PPP-37337)
  • The OK button now works on the “Define IP Addresses Mapping” screen if Plesk is opened in Internet Explorer 11. (PPP-37723)
  • statistics_collector on domains with a large number of files (around 1000000 files on 2-3 domains) now consumes a correct amount of memory because statistics_collector no longer stores the list of checked inodes for each domain. (PPP-37742)

Windows

  • Improved chances of successful data recovery after the server crash.
  • Plesk 17.5 with installed ODBC driver version 3.51.30 32-bit can now be upgraded to Plesk 17.8 without errors. (PPP-36554)
  • interface_async_executor.exe processes no longer hinder Plesk work. Now they do not hang if one of them hangs and hung processes are closed. (PPP-36536)
  • 32-bit and 64-bit MySQL ODBC connectors now work correctly, when they are both installed on Plesk. (PPP-35368)

Third-Party Component Updates

  • Updated PHP 7.2 to version 7.2.9.
  • Updated PHP 7.1 to version 7.1.21.

Windows

  • Added support for ASP.NET Core 2.1.

Plesk Onyx 17.9 Preview 4

  • The Plesk administrator can now allow or forbid customers and resellers to store backups in a specific remote cloud storage. To enable this feature, purchase Cloud Pro and install the corresponding cloud storage extension.
  • It is now possible to manage Plesk extensions via REST API. Here is what you can do:
    • Get the list of installed extensions.
    • Get detailed information about an installed extension.
    • Install an extension (by code or by URL).
    • Enable or disable an installed extension.
    • Uninstall an installed extension.
  • It is now possible to define what features and controls both the main administrator and additional administrators can access using Restricted Mode (known before as Custom View). Unlike Custom View, Restricted Mode applies both in Service Provider view and Power User View. Restricted Mode can be applied during the creation of additional administrator accounts, and can also be applied to all Plesk administrators via the following CLI command: # plesk bin poweruser –off -simple true -lock true.
  • The Domain Connect extension is now installed by default with Plesk.
  • The Domain Connect extension can now connect Office 365 to Plesk. (PPP-37436)
  • Plesk can now store backups in Google Team Drives via the Google Drive Backup extension. (PPP-36528)
  • If users scheduled incremental backups with a weekly full backup, a full backup is now created after 6 incremental backups instead of 7. (PPP-35904)

Linux

  • Emails received from senders with long names (when the “From” field takes several lines) no longer cause a DMARC error ending up in /opt/psa/handlers/spool by mistake. (PPP-32806)
  • PHP-FPM settings configured in panel.ini no longer replace the link of the Help button (marked with ? character) with a wrong link. (PPP-35857)
  • Now if qmail is installed, the auto-reply forwarding works correctly: the auto-reply message is sent to the sender and the original email is sent to the specified mail address. (PPP-36511)
  • Now when upgrading Plesk 17.5 with installed qmail to Plesk 17.8, no error mentioning master.cf appears. (PPP-37373)
  • php_settings -u now updates PHP settings without errors. (PPP-28164)
  • When the “Anonymize IP addresses during log rotation and collecting of web statistics” option is enabled, the administrator no longer receives daily error notifications if no logs for rotation exist. (PPP-37612)

Windows

  • Additional HTTP headers can now be configured in IIS settings.
  • Dropped support for Windows 2008 R2.
  • MailEnable Professional and Enterprise can now be secured with SSL/TLS certificates. (PPP-36740)
  • In Plesk on Portuguese, files’ permissions can now be changed in File Manager. (PPP-36405)
  • TXT records longer than 255 characters can now be added. (PPP-36838)

Third-Party Component Updates

  • Updated PHP 7.2 to version 7.2.8.
  • Updated PHP 7.1 to version 7.1.20.
  • Updated PHP 7.0 to version 7.0.31.
  • Updated PHP 5.6 to version 5.6.37.

Windows

  • Updated libcurl to version 7.61.

Plesk Onyx 17.9 Preview 3

  • As a part of GDPR compliance changes: added the “Force daily log rotation for all domains” option in Tools & Settings > Server Settings and as the corresponding CLI command.
  • As a part of GDPR compliance changes: added the ability to set the email of the administrator responsible for a DNS zone to “SOA Records Template”.
  • Added the ability to store scheduled backups of subscriptions in remote cloud storage as a premium feature. You can purchase it in the Plesk Online Store. The purchase of the feature unlocks the ability to use all cloud storages.
  • Plesk no longer fails to back up a subscription to remote storage if the subscription was created under a hosting plan without the selected “Backup and restoration of subscription data using remote storage” option. (PPP-37009)
  • Customers can now discard the “Subscribe to our newsletters” pop-up message by clicking “No, thanks”.(PPP-37057)
  • Actions initiated by pmmcli_daemon are now logged properly with details. (PPP-37160)
  • Plesk no longer assigns an outdated PHP version to created domains. (PPP-35860)
  • Scheduled tasks no longer show the misleading tooltip “Run a command” implying that clicking the scheduled task will run it. (PPP-35936)
  • Restoring a full server backup no longer results in warnings if specific configuration lines were added to the [php] section of the panel.ini file prior to the creation of the backup. (PPP-36132)
  • Users now can submit file names containing the hyphen (-) character when configuring custom index files. (PPP-37315)

Linux

  • Security improvements.
  • As a part of GDPR compliance changes: removed the ServerAdmin directive from Apache configuration. To remove the ServerAdmin directive from the configuration files of existing domains, run the plesk sbin httpdmng --reconfigure-all command.
  • As a part of GDPR compliance changes: improved IP address anonymization by removing IP addresses from web statistics.
  • In case of decreasing a maximum number of log files in log rotation settings, excessive logs are now removed immediately.(PPP-37016)
  • The PostgreSQL database no longer fails to be restored from a backup if the database has objects owned by any database user. (PPP-36922)
  • Plesk no longer creates backups with the warning if they contained empty archives and the “Do not compress backup files” option is selected in the server backup settings. (PPP-29832)
  • Excessive notifications regarding missed service command from KAV update are no longer sent. (PPP-36395)
  • Creating a scheduled task in Plesk and configuring the time it must be run in cron format no longer results in an error when a decimal number is used. (PPP-34022)
  • Incoming email messages that fail to pass DMARC authentication are no longer indefinitely stored in the /opt/psa/handlers/spool/ directory. (PPP-32807)
  • Filters in Roundcube now work correctly if the specified destination folder’s name is in Russian. (PPP-30445)
  • PHP Settings are no longer reverted to default ones if they were applied via the CLI, and then the subscription was customized. (PPP-34306)
  • Fixed the website preview on external domain names for Plesk servers behind NAT. (PPP-36151)
  • Now, after clicking “Check for Updates” (in Tools & Settings > System Updates), the correct date and time of the latest update check is displayed even if no updates were available. (PPP-30352)
  • The “Anonymize IP addresses during log rotation” checkbox no longer remains selected if IP anonymization was not actually enabled due to backend errors. (PPP-36813)

Windows

  • The php-cgi.exe process is no longer terminated with the 0xc0000409 exception. (PPP-36404)

Third-Party Component Updates

Linux

  • Added support for MariaDB versions 10.2 and 10.3.

Windows

  • Updated 7zip to version 18.05.
  • Updated MySQL Connector/ODBC to version 5.3.10.
  • Updated Plesk SQL Server to version 5.7.22.
  • Updated MySQL to version 5.7.22.
  • Microsoft ODBC Driver 17 for SQL Server is now shipped with Plesk.
  • Updated the Plesk Perl package to version 5.26.2.
  • Added support for the SQLSRV driver for PHP 7.1 and 7.2.
  • Removed duplicates of %plesk_dir%\bin utilities from %plesk_dir%\admin\bin. If you have integrations configured with these utilities, please use now %plesk_dir%\bin.