Change Log for Plesk Onyx

Learn how to install Plesk updates

Legend:

new feature

functionality improved

issue resolved

pay attention

New Relic 1.3.2

15 May 2024

Added a warning that the extension’s INFRASTRUCTURE cannot be installed in Plesk on Ubuntu 24.

VirusTotal Website Check 1.4.2

7 May 2024

The “PHP Deprecated Construction: Creation of dynamic property Modules_WebsiteVirusCheck_PleskDomain” error no longer appears in /var/log/plesk/panel.log in Plesk for Linux and in %plesk_dir%\admin\logs\php_error.log in Plesk for Windows. (EXTPLESK-5512)

Diskspace Usage Viewer 2.0.10

5 April 2024

Internal improvements.

SEO Toolkit 1.1.20

14 March 2024

Fixed the loading of the “Add keywords” page in multiple languages. (XOVI-10049)

Support SSH Access 1.0.9

21 February 2024

Internal improvements.

Support SSH Access 1.0.8

20 February 2024

Internal improvements.

Google PageSpeed Insights 2.1.14

28 November 2023

Internal improvements.

Google Workspace 1.1.4

17 August 2023

(Plesk) Google Workspace v1.1.4 will be the last Google Workspace update that supports Plesk versions older than Plesk 18.0.50. To continue receiving Google Workspace updates with bugfixes and new features, please update your Plesk installation to version 18.0.50 or higher.

Support SSH Access 1.0.7

16 August 2023

Internal improvements.

SEO Toolkit 1.1.18

11 August 2023

Internal improvements.
Fixed data loading in Log File Analyzer.

Google PageSpeed Insights 2.1.13

20 July 2023

Internal improvements.

Plesk Migrator 2.24.1

10 July 2023

Internal improvements.
The extension now correctly gathers the list of chroot directories to migrate. (PMT-5178)

Site Import 1.6.9

28 June 2023

Mail import from IDN domains no longer fails with an encoding error in the configuration step. (PMT-5177)

Site Import 1.6.8

8 June 2023

Internal improvements.

Site Import 1.6.7

29 May 2023

Internal improvements.

Panel.ini Editor 3.2.7

25 May 2023

Minor internal improvements.

Google PageSpeed Insights 2.1.2

25 May 2023

Fixed the broken links used to download the extension’s packages. (EXTPLESK-4598)

Site Import 1.6.6

19 May 2023

Internal improvements.

Google PageSpeed Insights 2.1.11

24 April 2023

Fixed the visualisation of statistics on a domain’s report page. (EXTPLESK-1432)

Plesk Email Security 1.3.9

19 April 2023

Fixed broken links to KB articles in Plesk and its documentation.

Site Import 1.6.5

18 April 2023

Moved the “Website Importing” button from the “Install Application” drawer to the domain card. Also, the button is now shown in domain overview.

Grafana 1.3.7

20 March 2023

Updated Grafana to version 8.5.21 to fix multiple security issues.

Site Import 1.6.4

9 March 2023

Internal improvements.

Dropbox Backup 4.2.3

21 February 2023

Internal improvements.

Plesk Migrator 2.24.0

20 February 2023

Internal improvements.

Dropbox Backup 4.2.2

17 February 2023

Internal improvements.

Extensions Catalog 1.16.3

16 February 2023

Internal improvements.

Site Import 1.6.3

15 February 2023

Internal improvements.

Plesk Email Security 1.3.6

9 February 2023

Internal improvements.

Scheduled Backups List 1.0.1

2 February 2023

The extension no longer crashes with a PHP fatal error while opening. (EXTPLESK-4326)

Extensions Catalog 1.15.6

30 January 2023

The “Buy” button is no longer shown on the Google Workspace extension overview page. (EXTCATALOG-614)
The Extension Catalog UI is no longer completely broken in Plesk 18.0.42 and earlier. (EXTCATALOG-618)

Site Import 1.6.2

27 January 2023

Internal improvements.

Plesk Onyx 17.5, 17.8 mod_proxy update

27 January 2023

Linux

Updated Apache mod_proxy to fix the issue where Apache did not start after an update of httpd to 2.4.6-98 on RHEL 7/CentOS 7/CloudLinux 7. (PPP-59844)

Plesk Migrator 2.23.1

27 January 2023

Internal improvements.

Plesk Email Security 1.3.5

27 January 2023

Internal improvements.

Google PageSpeed Insights 2.1.9

23 January 2023

Internal improvements.

Google PageSpeed Insights 2.1.10

23 January 2023

Internal improvements.

Amazon Route 53 2.8.2

19 January 2023

The extension no longer produces PHP error messages regarding AWS. (EXTPLESK-4242)

Panel.ini Editor 3.2.6

5 January 2023

Minor internal improvements.

Plesk Migrator 2.23.0

12 December 2022

Migration no longer fails to authenticate some Microsoft SQL servers. (PMT-5064)

Amazon S3 Backup 1.4.4

29 November 2022

Fixed the “PHP Fatal error: Access level to Aws\Api\Parser\RestXmlParser::$parser must be protected” error, which made it impossible to configure remote storage. (EXTPLESK-4123)

Plesk Email Security 1.3.4

28 October 2022

Linux

Internal improvements.

LDAP Auth 2.1.3

18 October 2022

Fixed AD authentication via SSL:TLS. (EXTPLESK-3999)

Plesk Migrator 2.22.4

14 October 2022

Running the apt update command on a Plesk server with both the Plesk Migrator and Site Import extensions installed no longer results in a large number of unnecessary warning messages. (PMT-4794)

Plesk Migrator 2.22.3

6 October 2022

Migration of MySQL/MariaDB databases from Windows servers no longer fails. (PMT-5056)

Plesk Migrator 2.22.2

30 September 2022

Migration of MySQL/MariaDB databases from DirectAdmin servers or custom panel Linux servers no longer fails with the “Permission denied” error. (PMT-5055)

Site Import 1.6.1

20 September 2022

Site import no longer fails with the “Character set ‘utf8mb4’ is not a compiled character set” error when migrating from outdated MySQL/MariaDB servers. (PMT-5050)

Plesk Migrator 2.22.1

20 September 2022

Migration no longer fails with the “Character set ‘utf8mb4’ is not a compiled character set” error when migrating from outdated MySQL/MariaDB servers. (PMT-5050)

Site Import 1.6.0

29 August 2022

Website content is no longer corrupted during migration when UTFmb4 characters are used. (PMT-5047)

Linux

The extension can now be installed on Plesk servers running on Red Hat Enterprise Linux 9.

Plesk Migrator 2.22.0

29 August 2022

Website content is no longer corrupted during migration when UTFmb4 characters are used. (PMT-5047)

Linux

The extension can now be installed on Plesk servers running on Red Hat Enterprise Linux 9.

Extensions Catalog 1.16.0

17 June 2022

Fixed the issue where manual update to an unstable version would result in an error. Only stable versions are now available for update. (EXTCATALOG-621)

Plesk Migrator 2.21.8

23 May 2022

Updated translations.

Plesk Email Security 1.3.3

13 May 2022

Linux

The extension can now install and use Amavis in Plesk on Red Hat Enterprise Linux 8. (EXTPLESK-3420)

Extensions Catalog 1.15.5

11 April 2022

Internal improvements.

Site Import 1.5.7

29 March 2022

Internal improvements.

Plesk Migrator 2.21.7

29 March 2022

Internal improvements.

Google PageSpeed Insights 2.1.7

16 March 2022

Updated the cacert.pem file to the latest version provided by Mozilla.
The “PHP warning for non-compound name Exception” error is no longer shown in panel.log after the extension was installed and a subscription was created. (EXTCERT-3255)

Plesk Email Security 1.3.2

11 March 2022

Linux

To significantly reduce CPU load, optimised the script that updates statistics. (EXTCERT-3760)

Plesk Email Security 1.3.1

3 March 2022

Linux

Fixed the location detection of the spam folder during its automatic cleanup. (EXTCERT-3727)

Site Import 1.5.6

1 March 2022

The “Mail importing” tool is now located on the “Mail” tab.

Nextcloud 1.6.2

23 February 2022

Linux

Changed the way how the ownership of Nextcloud installations is detected. The installations are now mapped to the permission rights of the domains (not users’ IDs as it was before). (EXTPLESK-3352)

Plesk Migrator 2.21.5

21 February 2022

The extension can now be installed in Plesk on Debian 11.
The extension can now connect to source servers that have old versions of OpenSSH even if the servers do not provide correct information on key hashing algorithms. (PMT-5008)

Joomla! Toolkit 2.4.6

14 February 2022

We have created the current extension’s “maintenance only” fork for Plesk versions 17.0.17-18.0.40 and labeled it version 2.4.6. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Obsidian 18.0.41 and later.

Extensions Catalog 1.15.3

9 February 2022

Internal improvements.

Panel.ini Editor 3.2.5

24 January 2022

Minor internal improvements.

Extensions Catalog 1.15.2

20 January 2022

Even if the Extensions Catalog fails to update its endpoint, the search function remains available.
Internal improvements.
Removing an extension now automatically redirects to the “My Extensions” tab. (EXTCATALOG-589)

Repair Kit 1.2.4

18 January 2022

We have created the current extension’s “maintenance only” fork for Plesk versions 17.0.17-18.0.38 and labeled it version 1.2.4. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Obsidian 18.0.38 and later.

Plesk Migrator 2.21.4

17 January 2022

The extension can now correctly resync email messages from cPanel. (PMT-5000)
Migration from servers with customized SSH MACs now works. (PMT-4361)
Plesk in Restricted Mode no longer shows the “Migration & Transfer Manager” button in “Tools & Settings”. (PMT-5001)

Note: To have this bugfix come into effect, update your Plesk to the upcoming version 18.0.41.

Plesk Email Security 1.3.0

11 January 2022

Linux

Added automatic cleanup of spam emails. You can set up how often Plesk deletes them (for example, every 30 days) in the server-wide settings. (EXTCERT-3652)
Various internal improvements.

Plesk Mobile Center 1.18

30 December 2021

The extension no longer shows incorrect memory usage values in Plesk 18.0.40 and later. (PMBL-614)

Extension Catalog 1.15.1

28 December 2021

Internal improvements.

Ruby 1.3.14

20 December 2021

We have created the current extension’s “maintenance only” fork for Plesk version 18.0.35 and earlier and labeled it version 1.3.14. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Obsidian 18.0.36 and later.

Extension Catalog 1.15.0

14 December 2021

Reduced feed size by excluding description markdown and changelog.
The context promos window on the Mail tab now shows the correct number of offers for the Plesk Premium Email extension. (EXTCATALOG-581)

Site Import 1.5.5

3 December 2021

Updated the translations.

Domain Traffic Monitor 1.3.4

30 November 2021

Internal improvements.

Plesk Mobile Center 1.17

29 November 2021

Internal improvements.

Plesk Migrator 2.21.3

29 November 2021

Migrator no longer fails to copy the content and system files of domains that have mixed case names. (PMT-4963)

Extension Catalog 1.14.3

22 November 2021

Improved how the Extension Catalog shows the country of tax residence to private customers with VAT.

Extension Catalog 1.14.2

12 November 2021

Improved the interface of the extension management page.

Docker 1.4.9

3 November 2021

We have created the current extension’s “maintenance only” fork for Plesk versions 17.0.17-18.0.21 and labeled it version 1.4.9. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Obsidian 18.0.22 and later.

Extension Catalog 1.14.1

1 November 2021

Internal improvements.

SEO Toolkit 1.1.16

28 October 2021

Fixed a regression bug in the “Active List” output.

SEO Toolkit 1.1.15

26 October 2021

Fixed performance issues on the “Websites & Domains” page.

Site Import 1.5.4

15 October 2021

The extension installation no longer breaks Plesk Onyx 17.0 and 17.5. We have spotted this bug in Site Import version 1.5.3. (PMT-4984)

SEO Toolkit 1.1.14

12 October 2021

Fixed several performance issues.
Fixed “500 TypeError” on the start page.

Domain Connect 1.4.3

11 October 2021

Security improvements.

Domain Connect 1.4.2

8 October 2021

Users can now automatically configure DNS records for domains without hosting. (EXTPLESK-2993)
Updated supported DNS templates.
The extension can now determine without authentication if it supports a particular DNS template.
The extension can no longer crash while configuring DNS records. (EXTPLESK-2602)

Plesk Email Security 1.2.1

6 October 2021

Linux

Added support for CloudLinux OS.
Updated virus signatures to better detect viruses.

Note: The virus signature update can take several minutes. Please wait until it is finished and do not interrupt the update.

Site Import 1.5.3

28 September 2021

Removed the “Import website” section shown by mistake at the bottom of domains’ pages (for example, “PHP Settings” or “Web Hosting Access”) after the extension update version 1.5.2. (PMT-4981)

Site Import 1.5.2

23 September 2021

It is now possible to create a website by importing one from another hosting server.

Plesk Email Security 1.2.0

13 September 2021

Linux

Added support for AlmaLinux OS.
Fixed mailbox location detection for the move action. (EXTCERT-3467)

Dropbox Backup 4.2.0

9 September 2021

The extension now uses short-lived access tokens for authorization.

From September 30, 2021, backing up to Dropbox becomes unavailable because Dropbox changes its authorization method. To keep your data backed up to Dropbox after September, click “Log out” and then configure the Dropbox storage again. We recommend that you do that before the end of September.

Dropbox Backup 4.1.3

9 September 2021

We have created the current extension’s “maintenance only” fork for Plesk Onyx 17.5 and earlier and labeled it version 4.1.3. We do not plan to update the fork. We will introduce changes updating only the master branch for Plesk Onyx 17.8 and Plesk Obsidian. See these changes starting with the extension’s version 4.2.0.

Extension Catalog 1.14.0

6 September 2021

The Extension Catalog is adapted for PAYG licensing model. After purchasing an extension with PAYG licensing, the Plesk administrator can adjust the limits with the “Adjust” button.
The most popular category no longer includes the installed extensions.
Minor internal improvements.
The Extension Catalog no longer shows the wrong price for the eCommerce Toolkit extension. (EXTCATALOG-525)
HTTP error no longer occurs if an admin email is empty. (EXTCATALOG-541)

Node.js 1.4.1

23 August 2021

We have created the current extension’s “maintenance only” fork for Plesk version 18.0.35 and earlier and labeled it version 1.4.1. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Obsidian 18.0.36 and later.

Google Authenticator 1.4.5

18 August 2021

We have created the current extension’s “maintenance only” fork for Plesk version 18.0.35 and earlier and labeled it version xxx. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Obsidian 18.0.36 and later.

Joomla! Toolkit 2.4.5

17 August 2021

Added version checks to prevent unwanted major upgrades to Joomla! 4 and installation errors if the wrong package is downloaded. Joomla! 4 is not supported yet; we are adding full support for the new major version in the next update.

Site Import 1.5.1

27 July 2021

When migrating mail via IMAP between Plesk for Windows servers, mail in subfolders is now being correctly copied over to the destination server. (PMT-4943)

Plesk Migrator 2.21.2

27 July 2021

When migrating mail via IMAP between Plesk for Windows servers, mail in subfolders is now being correctly copied over to the destination server. (PMT-4943)
Plesk Migrator no longer incorrectly reports errors during post-check after migrating one or more DNS records containing long text fields. (PMT-4952)
Migrating a subscription with the mail service disabled no longer results in the mail service being enabled on the destination server. (PMT-4870)
Migration no longer fails when migrating one or more plans with leading and/or trailing whitespace characters in the name. (PMT-2776)
Migrating from Debian 10 servers no longer fails with the “Source server OS is not supported” error. (PMT-4974)

Panel.ini Editor 3.2.4

16 July 2021

Minor internal improvements.

Docker 1.4.8

23 June 2021

Closing error messages displayed by the Docker extension no longer takes the user to the Plesk home page. (EXTDOCKER-126)

Extension Catalog 1.13.10

21 June 2021

The Extension Catalog no longer occasionally shows incorrect radio buttons with prices instead of the “Get if free” button next to the extension that is free and does not have the “Multiple offers” licensing model. (EXTCATALOG-511)
The search function in the Extension Catalog can now process search queries that contain spaces and special characters (!,@,#, and so on). (EXTCATALOG-493)

Site Import 1.5.0

18 June 2021

Connection to a website via FTP on some modern operating systems and Plesk versions no longer fails. (PMT-4874)
Now all valid secret keys are taken into account when importing websites. Previously, some valid secret keys could be considered corrupted or missing, which resulted in the “PleskAPIInvalidSecretKeyException : key is not found” error. (PMT-4903)
Changed the way a WordPress website’s URL is updated when importing so that it no longer works incorrectly in some edge cases. (PMT-4869)
Mail migration from a source server now tries to switch to a supported TLS protocol before failing in case of an “UNSUPPORTED_PROTOCOL” or “WRONG_SSL_VERSION SSL” error. (PMT-4873)
The extension no longer corrupts the names of folders that contain non-ASCII characters during import. (PMT-4958)

Plesk Migrator 2.21.1

18 June 2021

Migration post-check no longer reports an issue if the HTTP response code changed from 200 on the source server to 301 on the target server due to the “Permanent SEO-safe 301 redirect from HTTP to HTTPS” option being enabled by default on Plesk Obsidian.
Migrating From Plesk Obsidian for Linux 18.0.36 no longer results in the “Failed to create the remote configuration dump on the target server. Not all settings may be migrated.” error during pre-check, which could lead to some settings not being transferred during migration. (PMT-4957)
Migrating from Confixx with a recent Perl version installed no longer fails with the “Failed to perform action: Fetch data from source Confixx” error. (PMT-4960)
The value of the ‘Permanent SEO-safe 301 redirect from HTTP to HTTPS’ option is now transferred over correctly when migrating from cPanel to Plesk Obsidian. (PMT-4611)
Migrating a domain with an APS application installed on the domain root with the “HTTPS” option enabled no longer results in misleading cautions during post-check. (PMT-4913)
CLI migration to a Plesk for Linux server with MariaDB 10.5 installed no longer fails with the “Service ‘mysql’ is not started on target Plesk server” error. (PMT-4935)
Plesk Migrator can now correctly decrypt passwords if the PLESK_BACKUP_PASSWORD environment variable is set on the source server. (PMT-4953)
The extension no longer corrupts the names of mail folders that contain non-ASCII characters during migration. (PMT-4958)
Replaced the missing warning.png and ok.png icons. (PMT-4933)

Amazon Route 53 2.8.1

17 June 2021

The extension now correctly syncs domains` DNS records if the total number of records exceeds 100. (EXTPLESK-2698)
The extension now syncs a public zone instead of a private one for a domain with two hosted zones in AWS. (EXTPLESK-2359)

Keychain for API Secret Keys 1.1.1

12 May 2021

The extension interface now shows key IDs instead of key values. To reflect this change, we also renamed the “Key” tab to “Key ID”. (EXTPLESK-2334)

Nextcloud 1.6.1

12 May 2021

Linux

Revised how the latest version is determined. (EXTCERT-3412)

Advisor 1.8.5

30 April 2021

The extension will no longer receive feature updates in Plesk Onyx 17.8. We will continue fixing critical security issues for the Advisor extension in Plesk Onyx 17.8 until it reaches end of life. We strongly recommend updating to Plesk Obsidian for the best Plesk and Advisor extension experience.

Plesk Migrator 2.21.0

13 April 2021

It is now possible to migrate Plesk servers with remote databases.
It is now possible to migrate Plesk 12.5 servers that have WordPress websites. (PMT-4921)
The extension can no longer migrate additional users to a wrong subscription that belongs to the same owner. (PMT-4759)
Migration via the CLI no longer fails if a service or add-on plan to be migrated has no subscriptions. (PMT-4888)
It is now again possible to migrate subscriptions that belong to one hosting plan. (PMT-4915)
Migration no longer fails if the dump import was finished with the error code 152. (PMT-4909)

Linux

It is now possible to migrate servers on AlmaLinux OS.
It is now again possible to migrate cPanel servers with Perl version 5.21.3 and later installed. (PMT-4911)
The extension no longer migrates settings specified on the “Performance” tab of a hosting plan. Such migration caused an error because the “Performance” tab of hosting plans was removed in Plesk Obsidian. (PMT-4827)
If nginx is turned off on the source server, migration no longer resets PHP handlers. (PMT-4861)
The extension no longer limits the user name length of password-protected directories to 20 characters. (PMT-4893)
The extension now correctly detects the remoteip Apache module. (PMT-4914)

Git 1.2.3

13 April 2021

Creating a repository no longer fails in Plesk with Git version 2.29.2 and later. (EXTGIT-126)

Windows

In Plesk for Windows, creating a repository for a domain no longer fails if the system user password of the subscription the domain belongs to contains special characters. (EXTGIT-131)

Microsoft Azure DNS 1.1.0

7 April 2021

The extension now shows a warning if a custom backend script is not properly configured and offers to configure it if necessary.
Added a link to the extension to the left navigation pane in Power User mode.
Updated links to the documentation.
Improved an error message shown in the panel.log if the extension has incorrect credentials specified. (EXTPLESK-543)
The extension now correctly syncs DNS records of domains whose names contain uppercase characters. (EXTPLESK-1317)
The extension now correctly syncs TXT records that have the same hostname. (EXTPLESK-1319)

Plesk Email Security 1.1.12

6 April 2021

Linux

Renamed the terms “blacklist” and “whitelist” to blocklist and allowlist.
Added the hostname value to an error message shown if an invalid hostname is detected.
Improved the description hint for allowlist/blocklist. (EXTCERT-3349)
Improved the custom SpamAssassin configuration to make sure that the auto-whitelist plugin is loaded. (EXTCERT-3293)

SSL It! 1.7.10

5 April 2021

The SSL It! extension will no longer receive feature updates in Plesk Onyx 17.8. We are delivering critical security fixes for the SSL It! extension in Plesk Onyx 17.8 until Plesk Onyx reaches end of life. We strongly recommend that you update to Plesk Obsidian for the best Plesk and SSL It! experience.

Sectigo SSL 1.2.2

5 April 2021

Customers now receive more detailed information about Sectigo organization validation process.
The Sectigo SSL extension will no longer receive feature updates in Plesk Onyx 17.8. We are delivering critical security fixes for the Sectigo SSL extension in Plesk Onyx 17.8 until Plesk Onyx reaches end of life. We strongly recommend that you update to Plesk Obsidian for the best Plesk and Sectigo SSL extension experience.

Git 1.2.2

5 April 2021

If a customer’s subscription has the Git management permission denied, the customer no longer sees the “Permission denied: the user does not have the manage permission” error instead of Plesk pages. We spotted this bug in the extension version 1.2.1. (EXTGIT-133)

Let’s Encrypt 2.12.8

1 April 2021

The Let’s Encrypt extension will no longer receive feature updates in Plesk Onyx 17.8. We are delivering critical security fixes for the Let’s Encrypt extension in Plesk Onyx 17.8 until Plesk Onyx reaches end of life. We strongly recommend that you update to Plesk Obsidian for the best Plesk and Let’s Encrypt extension experience.

DigiCert SSL 1.9.7

1 April 2021

The DigiCert SSL extension will no longer receive feature updates in Plesk Onyx 17.8. We are delivering critical security fixes for the DigiCert SSL extension in Plesk Onyx 17.8 until Plesk Onyx reaches end of life. We strongly recommend that you update to Plesk Obsidian for the best Plesk and DigiCert extension experience.

Git 1.2.1

30 March 2021

Added a detailed error message shown if the extension cannot perform git push because git-auto-push was configured for an add-on domain moved to another subscription. (EXTGIT-123)

G Suite 1.0.4

26 March 2021

Temporarily disabled creating new and transferring external G Suite subscriptions due to maintenance work.

SSL It! 1.7.9

17 March 2021

The extension now correctly processes certificates with more than one domain name in CN. (EXTSSLIT-1396)
The extension no longer incorrectly automatically resets the wildcard certificate assigned to a subdomain to “None”. (EXTSSLIT-1084)
Paid certificate orders will no longer disappear if users try to issue another certificate in a second browser tab opened before. (EXTSSLIT-1419)

DigiCert SSL 1.9.6

17 March 2021

Wildcard certificates from Digicert now secure webmail on domains. This improvement comes into effect as soon as the SSL It! extension version 1.7.9 is released.

DigitalOcean DNS 1.2.6

15 March 2021

DigitalOcean DNS extension will no longer receive feature updates on Plesk Onyx 17.8. Critical security fixes for DigitalOcean DNS extension on Plesk Onyx 17.8 will continue to be delivered until Plesk Onyx 17.8 reaches end-of-life. We strongly recommend updating to Plesk Obsidian for the best Plesk and DigitalOcean DNS extension experience.

DigiCert SSL 1.9.5

11 March 2021

The extension now shows correct statuses of www and wildcard components when wildcard certificate is installed. (EXTPLESK-2097)
The extension now validates domain correctly while a certificate is being issued. (EXTPLESK-2361)

DigitalOcean DNS 1.2.4

26 February 2021

Exceeding 200 domains no longer blocks the extension functioning and does not lead to the API rate limit issue. (EXTPLESK-2450)

Amazon RDS 1.0.3

26 February 2021

All Amazon regions are now present in the extension. (EXTPLESK-2446)
Changing the Plesk administrator’s interface language can no longer break the extension interface. (EXTPLESK-990)

SSL It! 1.7.8

20 February 2021

Security improvements
The extension can now secure the www subdomains of domain aliases with wildcard SSL/TLS certificates. (EXTSSLIT-1370)
The extension now saves issued valid SSL/TLS certificates in the extension storage even if the certificate installation failed for some reason. The extension can try installing the SSL/TLS certificates from the storage later. (EXTSSLIT-1378)
The “Keep secured” task now writes entries with correct domain names to panel.log. (EXTSSLIT-1373)

G Suite 1.0.3

17 February 2021

If the extension does not support a user’s G Suite subscription plan, the transfer of the subscription now changes the user plan to the the most suitable supported plan (G Suite Basic, G Suite Business, or G Suite Enterprise).

Advisor 1.8.4

16 February 2021

Added the recommendation to use the Virusdie extension.

DigitalOcean DNS 1.2.3

8 February 2021

The extension again correctly syncs Plesk NS records for vanity and branded nameservers with the DigitalOcean DNS service. (EXTPLESK-2403)

Joomla! Toolkit 2.4.4

4 February 2021

Added support for PHP 8.

Site Import 1.4.7

1 February 2021

Migration can no longer fail with the “PleskAPIInvalidSecretKeyException” error. (PMT-4890)

SEO Toolkit 1.1.13

1 February 2021

Log Analyzer can no longer get stuck in an infinite loop being constantly loaded. (XOVI-3738)
Resolved Side Audit issues that happened during the quick check. (XOVI-3049)
Fixed value formatting in Rank Tracker on the Position Trend chart.
Fixed PHP notifications in log files. (XOVI-3635)

Sectigo SSL 1.1.0

1 February 2021

Extended the list of certificates available for purchase by adding the following ones:
- PositiveSSL EV (EV certificate)
- InstantSSL (OV certificate)
- InstantSSL Wildcard (wildcard OV certificate)

SSL It! 1.7.7

29 January 2021

Added the certificate products coming in the next Sectigo SSL release to the default list.
Resetting the list of certificate products to the default value via the CLI no longer fails. (EXTSSLIT-1369)

Repair Kit 1.2.3

27 January 2021

If iotop is absent from the server on which Plesk is being installed, this no longer stops installation of Repair Kit and correspondingly installation of Plesk. (EXTPLESK-1827)
Fixed the output of the plesk ext repair-kit --help command. (EXTPLESK-1703)
Repair Kit now actually fixes the database inconsistencies. (EXTPLESK-1570)
Fixed the incorrect use of the term. Repair Kit in Power User view now shows the term “webspace” instead of “subscription”. (EXTPLESK-816)

Plesk Email Security 1.1.11

27 January 2021

Linux

Added an option to change the number of concurrent Amavis processes to the server settings. The default number is 10. Adjust it according to the server activity, available resources, and your MySQL configuration. If the number is too low, then not all emails can be processed directly on a busy server. If the number is too high, then a high load may occur on the MySQL database.

Note: A change of the number restarts Amavis and Postfix.
Added the forced expiry check call (the --force-expire option) to the daily Bayes train cron. The call forces the database sync and the expiry run.
Added a check for Sieve rules containing the “X-Spam-Flag” keyword to avoid conflicts with the rule necessary for the extension.

Plesk Migrator 2.20.3

25 January 2021

Added MySQL 8 support.

Plesk Onyx 17.8.11 Update 95

25 January 2021

Internal and security improvements.

Plesk Onyx 17.5.3 Update 98

25 January 2021

Internal and security improvements.

Microsoft Azure DNS 1.0.3

21 January 2021

Significantly improved the extension’s performance.

DigiCert SSL 1.9.4

21 January 2021

The extension now shows correct statuses of the organization validation steps. (EXTPLESK-2343)

Sectigo SSL 1.0.1

20 January 2021

Minor internal improvements.

Amazon S3 Backup 1.4.3

20 January 2021

After configuring the Amazon S3 Backup extension via the CLI, it is no longer shown as not configured in the Plesk interface. (PPPM-13332)

SSL It! 1.7.6

18 January 2021

Temporarily disabled the session resumption option. (EXTSSLIT-1351)
If a domain is without hosting and the mail service is disabled, the extension interface now shows the link to configure the mail settings to secure webmail with a certificate. (EXTSSLIT-1232)

DigitalOcean DNS 1.2.2

18 January 2021

DNS records of Plesk domains can now be resynced with DigitalOcean DNS.
Significantly improved the extension’s performance.
The DigitalOcean DNS extension now shows a warning if some DNS records were not synced. (EXTPLESK-1852)

Sectigo SSL 1.0.0

15 January 2021

Initial release. The extension gives the ability to buy SSL/TLS certificates from Sectigo in the SSL It! extension. At the moment, the following certificates are available for purchase:
- PositiveSSL (DV certificate)
- PositiveSSL Wildcard (wildcard DV certificate)

Plesk Migrator 2.20.2

30 December 2020

Improved processing of encrypted data in backups.
Plesk Migrator no longer tries to migrate content of disabled mail accounts. (PMT-4756)
Plesk Migrator no longer tries to migrate hidden Plesk extensions. (PMT-4790)
Customers’ and resellers’ login names that contain digits are now shown in the Plesk Migrator interface. (PMT-4791)
Improved mail migration stability. (PMT-4865)

Linux

Plesk Migrator can now migrate databases whose tables have the ROW_FORMAT=FIXED option. (PMT-4814)
Migration no longer fails when the HTTPD_VHOSTS_D variable contains capital letters. (PMT-4863)

Windows

ODBC DSN connections are no longer false positively marked as “failed” after migration. (PMT-4824)

Advisor 1.8.3

24 December 2020

The extension now suggests NTP time synchronization only on those OSes that support it. (EXTADVISOR-858)

Repair Kit 1.2.2

18 December 2020

After the password of the Plesk database server was changed via the API, opening Tools & Settings > MySQL Process List (Beta) no longer shows an HTTP error 500. (EXTPLESK-1331)
The interface of “Diagnose & Repair” in “Tools & Settings” can now show check results that contain a large number of detected issues. (EXTPLESK-1707)
Sorting by columns now works in “MySQL Process List (Beta)” in “Tools & Settings”. (EXTPLESK-1702)
Improved the tooltip text shown for “Process List” in the left navigation pane. (EXTPLESK-1871)

Linux

“MySQL Process List (Beta)” in “Tools & Settings” now correctly calculates the total RAM usage. (EXTPLESK-1854)

Windows

If Plesk on Windows Server 2016 is opened with Internet Explorer 11, “MySQL Process List (Beta)” in “Tools & Settings” no longer shows an empty screen. (EXTPLESK-1657)

Diskspace Usage Viewer 2.0.9

17 December 2020

Linux

Tightened restrictions for deleting files from the Plesk system directories.

WordPress Toolkit 4.10.5

16 December 2020

Security improvements.

Docker 1.4.7

15 December 2020

Linux

After the extension’s installation on CloudLinux 8, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8, the extension’s interface is now available. (EXTDOCKER-114)
The extension’s installation can no longer fail in Plesk with the “ERR [panel] Task is not responding: id=666, pid=3435, type=ext-catalog-install” error. (EXTDOCKER-113)

Domain Connect 1.4.1

11 December 2020

Security improvements.

Google PageSpeed Insights 2.1.6

4 December 2020

Improved statistics handling to avoid too many log entries.
Updated the cacert.pem file to the latest version provided by Mozilla.
Fixed handling of the response from the new API version in the scheduled task.

Plesk Onyx 17.8.11 Update 94

1 December 2020

Security improvements.

Plesk Onyx 17.5.3 Update 97

1 December 2020

Security improvements.
Improved the stability of daily tasks. (PPPM-12506)

Plesk Onyx 17.0.17 Update 86

1 December 2020

Security improvements.

SSL It! 1.7.4

1 December 2020

Accessing the SSL It! page for a domain no longer results in a 500 error if the product that was used to secure the domain has since been disabled in the SSL It! product list. (EXTSSLIT-1287)

DigiCert SSL 1.9.3

27 November 2020

Customers can now choose methods of domain control validation (DCV).
Customers now receive more detailed information about DigiCert organization validation process.
Customers now see a suggestion to turn off a 301 redirect from HTTP to HTTPS to pass DCV while a certificate is being issued.

Let’s Encrypt 2.12.3

24 November 2020

The extension no longer sends repetitive email notifications about usage of the deprecated API protocol. (EXTLETSENC-945, EXTLETSENC-946)

Plesk Email Security 1.1.10

24 November 2020

Linux

Limited socket bind to the loopback interface (local IPv4 address). (EXTCERT-3226)

SSL It! 1.7.3

23 November 2020

The extension no longer sends repetitive email notifications about usage of the deprecated API protocol. (EXTSSLIT-1263)
The extension can no longer incorrectly treat DigiCert Wildcard OV certificates as DV ones. (EXTSSLIT-1173)

Plesk Onyx 17.8.11 Update 93

19 November 2020

Windows

Fixed the issue with memory leak on servers with a lot of domains (more than 1,000). (PPPM-11677)

Diskspace Usage Viewer 2.0.8

19 November 2020

Linux

The extension now calculates the block size instead of the apparent size. (EXTCERT-3206).

Node.js 1.4.0

16 November 2020

Removed a non-existent Plesk class from the extension. The extension is no longer occasionally broken with the “Class ‘CommonPanel_Validate_FileSharing_FolderName’ not found” error. (EXTNODEJS-128)

My Start Page 1.1.1

12 November 2020

The absolute URL is now used for redirect to avoid redirect errors.

Git 1.2.0

11 November 2020

Security improvement.

Plesk Onyx 17.8.11 Update 92

9 November 2020

Linux

Fixed sw-engine segfaults on Ubuntu 18.04. (PPPM-10653)

Plesk Email Security 1.1.9

9 November 2020

Linux

Completely revised the statistics functionality to speed up the calculation to avoid timeouts or blank pages. (EXTCERT-3157)
Reverted the hostname in the Amavis configuration file to localhost and enabled httpd_can_network_connect_db policy for SELinux. If you still encounter database connection issues, then disable enforcing mode in SELinux. (EXTCERT-3178)
Fixed the saving process of custom settings if an email address contains the & (ampersand) character. (EXTCERT-3177)

DigiCert SSL 1.9.2

3 November 2020

Internal improvements.

Site Import 1.4.6

2 November 2020

Mail migration from Yahoo servers no longer fails. (PMT-4860)

Plesk Email Security 1.1.8

2 November 2020

Linux

Improved an error message for the config checker. (EXTCERT-3138)
Score entries in exponential notation are now handled properly. (EXTCERT-3147)
To avoid false-positive spam detection, 0 spam score is now forced for the deprecated DNS_FROM_AHBL_RHSBL check. (EXTCERT-3168)
Fixed a database connection issue with SELinux in enforcing mode. (EXTCERT-3139)
Fixed the symbolic link creation in the SpamAssassin installation process. (EXTCERT-3157)

Plesk Migrator 2.20.1

28 October 2020

Migration from DirectAdmin no longer occasionally fails to be started. (PMT-4848)
Migration from cPanel to Plesk on CentOS 8 now preserves group and other permissions. (PMT-4840)
Migration to a remote Microsoft SQL server no longer fails with the “AttributeError: ‘NoneType” error. (PMT-4852)
Improved the interface error reporting when config.ini does not contain mandatory parameters. (PMT-4856, PMT-4857)

Plesk Mobile Center 1.3.0

27 October 2020

Install the latest version of the Plesk Mobile application in Apple Store and Google Play.

Added iOS 14 support.
Added Android 11 support.
Added FaceID support.
Domains can now be sorted by name.
Push notifications are now enabled by default.

SSL It! 1.7.2

27 October 2020

The “Keep secured” feature enabled for the www subdomain (www.example.com) now actually secures the subdomain and the message shown next to it informs that a valid certificate will be later automatically issued and installed. (EXTSSLIT-1222)
Improved detection of the website security status shown in Websites & Domains. The status now reflects the fact that the www subdomain can be or can be not secured depending on the actual configuration (enabled “Keep secured”, “HSTS”, and so on). (EXTSSLIT-1192)

SSL It! 1.7.1

20 October 2020

After a certificate purchase in Plesk Online Store, the certificate order is now automatically reloaded in SSL It!.
If the DigiCert SSL extension is installed, the SSL It! extension can now be installed without any errors. (EXTSSLIT-1211)
SSL It! now generates the list of the recommended extensions dynamically based on the extensions actually available in the Extensions Catalog. If SSL It! cannot show any recommended extensions (for example, they are blocked), SSL It! will show the corresponding message. (EXTSSLIT-1205)
Improved an error message shown when the “Keep Plesk secured” feature ran earlier than Plesk was initialized. (EXTSSLIT-1209)

Let’s Encrypt 2.12.2

16 October 2020

Translated the Let’s Encrypt description shown in the SSL It! extension. (EXTLETSENC-932)

DigiCert SSL 1.9.1

16 October 2020

SSL/TLS certificates from DigiCert issued for a domain (for example, example.com) now also secure the www subdomain (www.example.com) automatically.
The extension no longer supports the legacy DigiCert API. To issue SSL/TLS certificates from DigiCert, users need to install the SSL It! extension.
Translated the DigiCert description shown in the SSL It! extension. (EXTPLESK-2094)
SSL/TLS certificates from DigiCert do not support SAN. Fixed the incorrect description that said otherwise. (EXTPLESK-2047)

Plesk Migrator 2.20.0

14 October 2020

External IDs of customers, resellers, and subscriptions can now be migrated in the extension’s interface. Previously, it was possible to migrate external IDs only via the CLI.
It is now possible to install the extension in Plesk on CloudLinux that has LVE Manager installed. (PMT-3777, PMT-4832)
If the source DirectAdmin server has MySQL 5.7 or later, the extension now migrates database users without any errors. (PMT-4746)
Mail migration from DirectAdmin now works for accounts not owned by the administrator. (PMT-4816)
Migration of Microsoft SQL 2019 databases no longer fails with the “Access is denied” error. (PMT-4817)
Email messages migrated twice are no longer displayed as source code. (PMT-4820)
In Plesk for Windows, permissions of FTP users are now completely migrated. (PMT-4821)

WordPress Toolkit 4.10.4

13 October 2020

Added notification prompt about updating to Plesk Obsidian.

SSL It! 1.7.0

13 October 2020

Added the “Keep Secured” feature for Plesk (Tools & Settings > SSL/TLS Certificates (under “Security”)). The feature is enabled by default and automatically secures Plesk with an SSL/TLS certificate from Let’s Encrypt.
Users that purchased SSL/TLS certificates are now automatically redirected from Plesk Online Store back to the SSL It! page.
Added the ability to cherry pick the exact components (mail, webmail, and/or the “www” subdomain) for which users can enable “Keep Secured”.
If a website is not secured with a valid SSL/TLS, Plesk UI notifications inform the website owner about it and suggest securing the website with a valid certificate on the SSL It! page.

Repair Kit 1.2.1

12 October 2020

Introduced timeouts for the plesk repair operations. If an operation takes longer than expected, the extension’s interface is unlocked and ready for new tasks. This improvement solves the issue when the extension’s interface hung because of a failed operation.

By default, the extension has preconfigured timeout values. They are specified by the aspectTimeout settings in panel.ini, for example:
```
[ext-repair-kit]
aspectTimeoutMail = 30 minutes
```
The “MySQL Process List (Beta)” button in Tools & Settings > Process List (under “Assistance and Troubleshooting”) now opens the MySQL process list instead of showing the “Request failed with status code 500” error. (EXTPLESK-2075)
If the extension does not work because the /var/log/plesk directory has the incorrect permissions, the extension now shows a clear error message, which may help users to fix the issue. (EXTPLESK-2082)
The extension now correctly runs the plesk repair utility with custom parameters instead of showing the “t.map is not a function” error. (EXTPLESK-1298)
The extension now shows the overall CPU usage correctly. (EXTPLESK-2076)

Let’s Encrypt 2.12.1

8 October 2020

The Let’s Encrypt extension installed without the SSL It! extension cannot automatically renew SSL/TLS certificates that secure mail. The extension now shows the corresponding message and suggests installing SSL It!. (EXTLETSENC-884)

Extension Catalog 1.13.3

8 October 2020

Minor internal improvements.

Extension Catalog 1.13.1

5 October 2020

If the Extensions Catalog does not show prices for certain items for any reason, users will be redirected to Plesk Online Store to buy these items.

Plesk Email Security 1.1.7

2 October 2020

Linux

Fixed and improved the statistics calculation. (EXTCERT-3099)
Optimised the update task for the statistics calculation to avoid database timeout locks on servers with high mail traffic. (EXTCERT-3065)
Resolved conflicts of user-specific spam rules with webmail filters. (EXTCERT-3095)
The custom folder list is now loaded correctly for email addresses with capital letters. (EXTCERT-3128)
Removed a PHP notice from the config checker. (EXTCERT-3122)

Extension Catalog 1.13.0

29 September 2020

The Plesk administrator and additional administrators can now purchase extensions without leaving the Extensions Catalog.
A purchased extension is now automatically installed and the extension’s license key is now automatically received.

Plesk Onyx 17.8.11 Update 91

28 September 2020

Third-Party Component Updates

Linux

Updated Horde to version 5.2.23, which includes a fix for a major security issue.

We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 96

28 September 2020

Third-Party Component Updates

Linux

Updated Horde to version 5.2.23, which includes a fix for a major security issue.

We strongly recommend that you update Plesk.

Panel.ini Editor 3.2.3

24 September 2020

Minor internal improvements.

Let’s Encrypt 2.12.0

17 September 2020

The extension now supports a new chain of trust based on ISRG Root. Before January 11, 2021, the old IdenTrust root remains the default one, while the new ISRG Root is an alternative one. After January 11, 2021, the extension will issue SSL/TLS certificates based on the new ISRG Root, while the old IdenTrust root will become an alternative one.

To have the extension issue SSL/TLS certificates based on the alternative root (which is ISRG Root before January 11, 2021, and IdenTrust after this date), add the following lines to panel.ini:
```
[ext-letsencrypt]
use-alternate-root = true
```
Improved an error message shown when the “Keep secured” task fails if the email address of a domain owner is missing. (EXTLETSENC-887)

Plesk Email Security 1.1.6

17 September 2020

Linux

Added the “Install” button to the Amavis service infobox. Users can now trigger the installation manually from the interface.
A new Amavis package is installed automatically on CentOS servers in an update from version 1.1.5.
Improved how custom email folders are loaded for the user-specific selection list. (EXTCERT-3092)
Improved ClamAV installation handling required for Ubuntu 20.04.

WordPress Toolkit 4.10.2

16 September 2020

WordPress installations accessible via several domains with the same docroot can now be updated properly. (EXTWPTOOLK-5566)

DigiCert SSL 1.9.0

11 September 2020

The DigiCert SSL extension now supports DigiCert APIv2.
The DigiCert SSL extension UI has been integrated with the SSL It! extension. From now on, please issue SSL/TLS certificates via SSL It! The DigiCert standalone UI can be used to finish orders placed via the legacy DigiCert API. The DigiCert standalone UI does not support DigiCert APIv2 and will be removed in the future.
By default, SSL It! only shows a small subset of all available SSL/TLS certificates. To see more certificates, go to “Extensions” > “My Extensions” > “SSL It!” and click “Configure”.
Ordering a secure site wildcard certificate from Symantec for a wildcard subdomain (for example, “*.example.com”) no longer fails. (EXTPLESK-1600)
Ordering a RapidSSL certificate no longer fails when the certificate’s owner country is set to “United Kingdom of Great Britain and Northern Ireland”. (EXTPLESK-1695)
Starting to order a certificate for a subscription and then renaming it before finishing the order will no longer result in failures. (EXTPLESK-1634)
Fixed several translation issues.

WordPress Toolkit 4.10.0

10 September 2020

Site administrators can now back up and restore individual WordPress sites using the brand new ‘Back Up / Restore’ functionality exclusive to WordPress Toolkit. Site backup files are included in subscription backups by default, so site administrators can use Plesk Backup Manager functionality like scheduled backups or backing up to cloud for further processing. Note: this feature isn’t available on Plesk 17.8 Onyx for Windows.
Updated and improved multiple text messages shown in the product.
Security improvements.
Updating WordPress to version 5.5.1 does not trigger wp-cli errors anymore. (EXTWPTOOLK-5490)
Additional user accounts no longer blow up WordPress Toolkit (figuratively speaking), when accessing Plugins or Themes tabs. (EXTWPTOOLK-5219)
Server administrators now can access default plugin and theme sets on cloned Plesk installations. (EXTWPTOOLK-3132)
“Change default database table prefix” security measure does not fail anymore if database table has a period in its name. (EXTWPTOOLK-5376)
WordPress Toolkit no longer fails to remove one of several WordPress sites if another site under the same user account was broken in a quite specific way that we’d better not explain here for brevity’s sake. (EXTWPTOOLK-5486)
“Update Site URL” control now works properly in List view. (EXTWPTOOLK-5037)

SSL It! 1.6.0

9 September 2020

In Plesk for Windows, domains with the “Forwarding” hosting type can now be secured via SSL It!.
The extension now supports the latest Mozilla preset in Plesk Obsidian. Also improved the UX and fixed a number of issues that the new preset can cause. (EXTSSLIT-541)

Note: The “modern” preset is not supported on CentOS 8.
Added the new “Session resumption” settings: session_timeout and session_cache improve the security and also increase the load speed of a website by speeding up the TLS handshake.
Improved the SSL It! interface when the website status is “Security can be improved”. Now it should be easier for users to understand which settings to turn on to get the the “Safe and sound!” status.
The “Keep websites secured” feature no longer substitutes a custom email in an SSL/TLS certificate with one that belongs to the website owner. (EXTSSLIT-531)
Checkboxes are now again shown in the extension’s interface opened in Safari. (EXTSSLIT-1080)
If an issue occurred, the executed “Keep websites secured” task no longer substitutes the error message that explains the cause of the issue with an unrelated error message. (EXTSSLIT-1052)
The extension’s interface now works for a domain when the list of SSL/TLS certificates offered by SSL It! is empty and the domain has an alias. (EXTSSLIT-1047)
A subdomain secured with a wildcard SSL/TLS certificate is no longer wrongly shown as “Not secured” if the certificate was assigned to the main domain. (EXTSSLIT-669)

Plesk Onyx 17.8.11 Update 90

7 September 2020

Security improvements.

Windows

Updating to Plesk Obsidian no longer fails with the “Operation did not complete successfully because the file contains a virus or potentially unwanted software” error. (PPPM-12266)

Plesk Email Security 1.1.5

7 September 2020

Linux

Fixed Amavis installation issues on newer CentOS systems. (EXTCERT-3078)

DigiCert SSL 1.8.4

7 September 2020

Fixed the issue where icons for DigiCert products were not shown in “SSL\TLS Certificates”. (EXTPLESK-2034)

WordPress Toolkit 4.9.2

25 August 2020

It is now possible again to change database setting via the CLI for existing WordPress sites. (EXTWPTOOLK-5384)

Plesk Email Security 1.1.4

18 August 2020

Linux

Now the component will not be configured during update if the components’s installation has not been completed by a user. (EXTCERT-3048)

PHP Updates

17 August 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.21.
Updated PHP 7.2 to version 7.2.33.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.33.

Plesk Email Security 1.1.3

14 August 2020

Linux

Changed the ordering of the ClamAV removal call in the installation process. (EXTCERT-3031)
Fixed the wrong spam filter behaviour when the server-wide action was set to “Move spam to the Spam folder”, while the individual mailbox action was set to “Mark spam messages…”. (EXTCERT-3044)

DigiCert SSL 1.8.3

12 August 2020

Improved the overall performance of the Digicert SSL extension as a plugin of the SSL It! extension. (EXTPLESK-2017)

SSL It! 1.5.3

11 August 2020

Sped up the load time of Plesk pages if the extension is installed. (EXTSSLIT-1068)

Joomla! Toolkit 2.4.3

11 August 2020

Added the administrator login button to the domain overview page - the button is only displayed if the credentials are provided.
Improved the bulk process result message if errors occur during the long task process.
Batch Update (Core&Extensions) - The update process does not stop if an extension update fails. (EXTCERT-3034)
Fixed the backup limit set to 0 (not unlimited) and the error message if the limit is reached. (EXTCERT-3026)
Fixed the backend link in the row view - if auto-login is possible, the direct administrator link is displayed.

WordPress Toolkit 4.9.1

5 August 2020

WordPress Toolkit version and build number is now displayed on top of the “WordPress Toolkit Settings” screen.
CLI utility for the Update Site URL feature was added. It can be accessed through the plesk ext wp-toolkit --update-site-url command.
CLI utility for managing various wp-config.php settings was added. It can be accessed through the plesk ext wp-toolkit --wp-config command.
Security measure “Block access to potentially sensitive files” now also blocks public access to .ini files. This change is not applied automatically: to enforce it, reapply the measure on required websites.
Installing a WordPress site via WPT CLI will no longer display unnecessary and overwhelming information in a background task window inside Plesk UI. (EXTWPTOOLK-5217)
Jetpack plugin is now installed without PHP errors on Plesk for Windows. (EXTWPTOOLK-5259)

SSL It! 1.5.2

5 August 2020

Email notifications about failed renewal of wildcard certificates on domains with the external DNS service are now sent according to the notification settings. (EXTSSLIT-1056)

Plesk Onyx 17.0.17 Update 85

3 August 2020

Security improvements.

Plesk Onyx 17.8.11 Update 89

27 July 2020

Security improvements.

Plesk Onyx 17.5.3 Update 95

27 July 2020

Security improvements.

PHP Updates

27 July 2020

Plesk Onyx 17.8.11

Linux

Argon2 usage in PHP 7.2 and 7.3 no longer causes errors in PHP applications (for example, 503 HTTP errors during attempts to log in to TYPO3 and Nextcloud). (PPP-49780)

Plesk Onyx 17.5.3

Linux

Argon2 usage in PHP 7.2 and 7.3 no longer causes errors in PHP applications (for example, 503 HTTP errors during attempts to log in to TYPO3 and Nextcloud). (PPP-49780)

WordPress Toolkit 4.9.0

23 July 2020

Server Administrators can now use Service Plans to limit the number of WordPress sites that customers can install and manage in WordPress Toolkit.
“Global Settings” screen now has the option to define the default database table name prefix for new WordPress installations.
It’s now possible again to log in to WordPress installations after changing the access password in WordPress Toolkit and not refreshing the installation info via “Refresh” button or other means. (EXTWPTOOLK-5156)
Security measures are no longer applied to detached websites. (EXTWPTOOLK-5107)
Redundant backslashes in non-English email notifications from bug EXTWPTOOLK-4699 have returned from the dead and were quickly sent back packing. (EXTWPTOOLK-5042)
Websites can now be properly cloned if their scheduled task created to replace native wp-cron has no description. (EXTWPTOOLK-5033)
Update version of manually uploaded plugins and themes is now detected correctly. (EXTWPTOOLK-4966)
WordPress Toolkit working in Lite mode now correctly accepts update settings specified by users in wp-config.php file. (EXTWPTOOLK-682)

Plesk Migrator 2.19.6

23 July 2020

The extension can now migrate large mailboxes (more than 2 GB) to SmarterMail at a time.
Migration now works if the source server has freshly installed cPanel of the latest version. (PMT-4795)

Advisor 1.8.2

23 July 2020

Added the recommendation to install the Imunify360 extension.

SSL It! 1.5.1

21 July 2020

No error now occurs when the “keep-secured” scheduled task tries to renew a certificate uploaded manually to a domain. (EXTSSLIT-1036)

SSL It! 1.5.0

17 July 2020

The list of secured components on a domain’s SSL It! page was rearranged. Absence of a non-wildcard certificate and a certificate that secures mail is no longer displayed as an error at the top of “Secured Components”.
If panel.ini contains invalid values of SSL It! settings, a domain’s SSL It! page no longer fails to be opened with a 500 HTTP error. (EXTSSLIT-959)
A certificate can now be issued for a domain that is used to access Plesk (the “Customizing Plesk URL” feature). (EXTSSLIT-962)
IDN domain aliases can now be automatically renewed. (EXTSSLIT-978)

Windows

If SmarterMail is selected as a webmail client, webmail can now be secured.
When SmarterMail is selected as a webmail client, renewal of a Let’s Encrypt certificate that secures webmail no longer resets the webmail status to “Not secured”. (EXTSSLIT-886)

DigiCert SSL 1.8.2

17 July 2020

Users can specify “The United Kingdom (UK)” in contact information while issuing a certificate. (EXTPLESK-1695)

PHP Updates

14 July 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.20.
Updated PHP 7.2 to version 7.2.32.
Introduced PHP updates are the last ones for Debian 8 “Jessie”. See Plesk EOL Policy for details.

Linux

Updated the following PHP components shipped with Plesk:
- ionCube to version 10.4.0.
- Redis to version 5.3.0.
- xdebug to version 2.9.6.
- Imagick to version 3.4.4.
- PEAR components: Pear to version 1.10.12, Archive_Tar to version 1.4.9, Console_Getopt to version 1.4.3, and XML_Util to version 1.4.5.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.32.
Introduced PHP updates are the last ones for Debian 8 “Jessie”. See Plesk EOL Policy for details.

Linux

Updated the following PHP components shipped with Plesk:
- ionCube to version 10.4.0.
- Redis to version 5.3.0.
- xdebug to version 2.9.6.
- Imagick to version 3.4.4.
- PEAR components: Pear to version 1.10.12, Archive_Tar to version 1.4.9, Console_Getopt to version 1.4.3, and XML_Util to version 1.4.5.

Plesk Mobile Center 1.14

14 July 2020

The extension now uses a new Apple Push Notification service certificate.

Let’s Encrypt 2.11.0

9 July 2020

Sped up the remove-expired-tokens.php task. Expired tokens are now removed faster from the acme-challenge directory on servers with a large number of domains. (EXTLETSENC-845)
A certificate can now be issued for a domain that is used to access Plesk (the “Customizing Plesk URL” feature). (EXTLETSENC-874)
The server setting of panel.ini is now removed as deprecated. (EXTLETSENC-879)

G Suite 1.0.2

30 June 2020

The extension is now compliant with the new Google customer account transfer procedure.
If a password contains the & symbol, a G-Suite subscription can now be activated. (EXTPLESK-1961)
When a trial period ends, seats are now counted correctly. (EXTPLESK-1959, EXTPLESK-1890, EXTPLESK-1920)
G Suite licenses are now displayed correctly in the customer account after verification. (EXTPLESK-1921)

WordPress Toolkit 4.8.4

29 June 2020

Update of certain plugins & themes will not mark WordPress sites as broken if there were JSON decoding errors. (EXTWPTOOLK-4736)
Trying to update a commercial plugin or theme that requires a license will not cause JSON decoding errors anymore. (EXTWPTOOLK-5048)
Password protection can be enabled on websites that have a double quote character in the site title. (EXTWPTOOLK-5086)
Permalinks no longer can be broken under certain circumstances when plugins or themes are updated. (EXTWPTOOLK-5118)
Permalinks no longer can be broken under certain circumstances when a theme is activated. (EXTWPTOOLK-5119)

Plesk Onyx 17.0.17 Update 84

22 June 2020

Third-Party Component Updates

Linux

Updated RoundCube to version 1.2.10.

Windows

Updated MySQL 5.6 to version 5.6.48, which includes a fix for a number of security issues.

We strongly recommend that you update Plesk.

Panel.ini Editor 3.2.2

19 June 2020

Added a number of descriptions of the Let’s Encrypt extension’s settings.

Let’s Encrypt 2.10.2

19 June 2020

Panel.ini Editor now shows all necessary Let’s Encrypt settings. (EXTLETSENC-648)
After a Plesk daily task was executed, the “PHP Fatal error: Modules_Letsencrypt_CustomInfo” error no longer appears in the logs. (EXTLETSENC-861)

PHP Updates

17 June 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.19.

Let’s Encrypt 2.10.1

16 June 2020

Windows

The extension can now issue an SSL/TLS certificate to secure the server hostname if no domain with this hostname and no default website exist in Plesk. (EXTLETSENC-855)
The extension no longer fails to issue SSL/TLS certificates if the common challenge directory support is enabled and the plesk binary path is absent from the IIS process environment. (EXTLETSENC-854)

WordPress Toolkit 4.8.3

9 June 2020

Windows

IIS web server configs are no longer erroneously applied to all domains in a subscription with shared IIS application pool if at least one of these domains had WordPress installed. (EXTWPTOOLK-5044)

Plesk Onyx 17.5.3 Update 94

8 June 2020

Third-Party Component Updates

Linux

Updated RoundCube to version 1.2.10.

Windows

Updated MySQL 5.6 to version 5.6.48, which includes a fix for a number of security issues.

We strongly recommend that you update Plesk.

SSL It! 1.4.1

5 June 2020

If a domain has a subdomain with the SSL support disabled, the SSL It! domain page no longer fails to be opened with a 500 HTTP error. (EXTSSLIT-955)
If domains have the SSL support disabled, only SSL/TLS certificates from Let’s Encrypt can now be selected to secure the domains’ webmail. Previously it was possible to select SSL/TLS certificates from DigiCert but they cannot secure webmail of the domains without the SSL support. (EXTSSLIT-952)
Domains are now again can be secured when they are created (when the “Secure the domain with Let’s Encrypt” option is selected). (EXTSSLIT-953)
When a domain was secured with an SSL/TLS certificate and then the SSL support for the domain was disabled, the “Websites & Domains” page for the domain is now opened without any issues. (EXTSSLIT-954)

G Suite 1.0.1

5 June 2020

Internal security improvements.

SSL It! 1.4.0

4 June 2020

In Plesk for Windows, significantly decreased a number of cases when the extension cannot issue a Let’s Encrypt certificate because the HTTP-01 challenge cannot be passed. To achieve this, we made the common challenge directory support turned on by default. This features has been already introduced in Plesk for Linux for quite some time. Now it works for Windows as well.

Note: If necessary, you can turn off the common challenge directory support via the CLI. However, we recommend that you always keep the support on.
The extension can now secure webmail on domains without web hosting.
The CLI can now manage wildcard certificates issue and turning on and off HSTS. To see details, use the plesk ext sslit –help command.
Added cache to store domains’ security status. In certain cases, it speeds up the loading of the extension’s domain screen.
Redesigned the extension’s icons to make them more in tune with the Plesk Obsidian style.
For non-Let’s Encrypt certificates, added the “Suggest renewing” indicator on a domain card. The indicator means that an SSL/TLS certificate is about to expire and the extension cannot renew it automatically. We suggest that users renew the certificate manually in due time.
When a domain is secured with a custom SSL/TLS certificate, the domain’s security status is now identified correctly. (EXTSSLIT-784)
When a domain has only its www alias secured (for example, only www.example.com is secured but not example.com), the “Domain with the “www” prefix` option” is no longer marked as not secured. (EXTSSLIT-802)
Significantly sped up Plesk search on servers that have a large number of subscriptions (more than 100) and the extension installed. (EXTSSLIT-806)
Cleaned up the code executed after a user clicks to issue or renew an SSL/TLS certificate. The extenion no longer shows the “Get it free” button instead of “Renew” and the “No CA plugins available” message by mistake. (EXTSSLIT-832)

WordPress Toolkit 4.8.2

2 June 2020

Corrected mistakes in English locale.
Additional fix was added for the issue previously addressed in WPT 4.8.1: Apache rewrite rules are no longer erroneously applied to all domains in a subscription if at least one of these subscriptions had WordPress installed. (EXTWPTOOLK-5017)

DigitalOcean DNS 1.2.1

1 June 2020

Synced locale languages supported by the extension.

WordPress Toolkit 4.8.1

1 June 2020

Under certain circumstances, Apache rewrite rules could stop working with enabled hotlink protection, block authors scan, or bot protection security measures. (EXTWPTOOLK-5009)

Plesk Onyx 17.8.11 Update 88

1 June 2020

Third-Party Component Updates

Linux

Updated RoundCube to version 1.3.11.

Windows

Updated MySQL 5.7 to version 5.7.30, which includes a fix for a number of security issues.
Updated MySQL 5.6 to version 5.6.48, which includes a fix for a number of security issues.

We strongly recommend that you update Plesk.

WordPress Toolkit 4.8.0

29 May 2020

Server administrators can now define default WordPress installation language in the global WordPress Toolkit settings.
CLI command for enabling and disabling Smart Updates on a site was added. Run plesk ext wp-toolkit --smart-update to access it.
Plugins and themes that require a license for automatic update will now cause a proper error message when users try to update them via WordPress Toolkit without a license.
Backup / Restore links now always lead to the corresponding subscription’s Backup Manager screen. (EXTWPTOOLK-1582)
Smart Updates can now update plugins and themes uploaded manually to WordPress Toolkit if their updates were also manually uploaded to WPT. (EXTWPTOOLK-4080)
WordPress Toolkit buttons are now properly displayed in Action List if Plesk is in restricted mode. (EXTWPTOOLK-4596)
German translation for multisites was corrected. (EXTWPTOOLK-4627)
Certain manually uploaded plugins with incorrect plugin slugs no longer display a broken Changelog link. (EXTWPTOOLK-4662)
It is no longer possible to disable native wp-cron on WordPress sites that use disabled or absent PHP handler. (EXTWPTOOLK-4799)

Let’s Encrypt 2.10.0

28 May 2020

Automatic renewal of Let’s Encrypt certificates no longer fails when a domain has a large number of secured subdomains (more than 200). (EXTLETSENC-644)
Challenge token files (which are created after certificates failed to be renewed or issued) are now deleted after 3 months. The extension’s folders are no longer cluttered. (EXTLETSENC-676)
In Plesk for Windows with Bind, wildcard challenge DNS records are now added automatically to the DNS zone of a domain that you try to secure with a wildcard certificate. (EXTLETSENC-813)

Let’s Encrypt 2.9.1

28 May 2020

We have created the current extension’s “maintenance only” fork for Plesk Onyx 17.5 and earlier and labeled it version 2.9.1. We do not plan to update the fork unless any essential security fixes are necessary. We will introduce major changes updating only the master branch for Plesk Onyx 17.8 and Plesk Obsidian. See these changes starting with the extension’s version 2.10.0.
Internal security improvements.

Plesk Onyx 17.8.11 Update 87

25 May 2020

Security improvements.

Third-Party Component Updates

Updated Horde to version 5.2.22.

Plesk Onyx 17.5.3 Update 93

25 May 2020

Security improvements.

Third-Party Component Updates

Updated Horde to version 5.2.22.

Plesk Onyx 17.0.17 Update 83

25 May 2020

Third-Party Component Updates

Updated Horde to version 5.2.22.

Amazon Route 53 2.8.0

20 May 2020

It is now possible to have white-label or vanity name server with Amazon Route 53. To configure them, users need to select the “Manage NS and SOA records” checkbox and then follow step 7 and further in the Amazon Route 53 guide.

The feature described above was introduced by the extension’s user. We express our gratitude and welcome the contribution of Amazon Route 53 users into further development of the extension.
Added the warning message shown after users click the “Sync All Zones” button. The warning explains that Plesk will overwrite all DNS records in Route53 with those in Plesk and will remove those DNS records from Route53 that do not exist in Plesk.
The extension can now handle 2048-bit DKIM keys. (EXTPLESK-286)

PHP Updates

18 May 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.18.
Updated PHP 7.2 to version 7.2.31.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.31.

Plesk Onyx 17.8.11 Update 86

12 May 2020

Linux

It is now possible to migrate multiple subscriptions when qmail is an MTA on the target server. (PPPM-11901)

WordPress Toolkit 4.7.4

12 May 2020

Updated the hint for “Disable wp-cron” feature in accordance with official WordPress documentation.

Domain Traffic Monitor 1.3.2

6 May 2020

vhosts-traffic-monitor now restarts successfully when the worker process is dead but the pidfile exists. (EXTPLESK-1235)

WordPress Toolkit 4.7.3

30 April 2020

Fine-tuned Jetpack license checks to avoid clogging up the log files.
Update of WordPress Toolkit extension no longer fails under certain specific conditions with “Value is not allowed. Allowed one numeric value and ‘*’” error. (EXTWPTOOLK-4798)

WordPress Toolkit 4.7.2

29 April 2020

A bunch of new default WordPress site names was added. Also, some of the gloomier old names were changed to more positive ones for the sake of cheering people up a bit.
Updated the destination of Changelog links on the Updates screen. (EXTWPTOOLK-4733)
It’s now possible to properly disable wp-cron.php if scheduled tasks with missing PHP handlers are present on the server. (EXTWPTOOLK-4764)

Plesk Onyx 17.0.17 Update

28 April 2020

Plesk now supports CentOS 7.8. (PPPM-11893)

Plesk Onyx 17.5.3 Update

28 April 2020

Plesk now supports CentOS 7.8. (PPPM-11893)

Plesk Onyx 17.8.11 Update

28 April 2020

Plesk now supports CentOS 7.8. (PPPM-11893)

DigitalOcean DNS 1.2.0

28 April 2020

It is now possible to authorize the extension using DigitalOcean API tokens as well as OAuth 2.
NS records for vanity DNS servers (“ns1.yourdomain.com” instead of “ns1.digitalocean.com”) are now correctly synchronized from Plesk to DigitalOcean.
Changes made to the TTL values of DNS zones in Plesk are now correctly synchronized to DigitalOcean. (EXTPLESK-1677)
CAA records created in Plesk are now correctly synchronized to DigitalOcean.(EXTPLESK-1745)

SSL It! 1.3.2

23 April 2020

Managing a domain’s SSL/TLS certificates using Internet Explorer no longer results in a blank page. (EXTSSLIT-822)

WordPress Toolkit 4.7.1

22 April 2020

Made nginx caching great again (well, now you can enable and disable it again). (EXTWPTOOLK-4746)

Plesk Onyx 17.0.17 Update 82

21 April 2020

Third-Party Component Updates

Linux

Updated ProFTPD to version 1.3.6c.

Plesk Onyx 17.5.3 Update 92

21 April 2020

Third-Party Component Updates

Linux

Updated ProFTPD to version 1.3.6c.

Plesk Onyx 17.8.11 Update 85

21 April 2020

Third-Party Component Updates

Linux

Updated ProFTPD to version 1.3.6c.

PHP Updates

20 April 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.17.
Updated PHP 7.2 to version 7.2.30.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.30.

WordPress Toolkit 4.7.0

17 April 2020

WordPress Toolkit now can update paid plugins & themes, if these updates are available in the WordPress admin area. Note that certain plugins and themes do not support automatic updates, but display notifications about update availability anyway. This particulal scenario isn’t fully supported yet.
WordPress administrators now have the option to disable the execution of wp-cron.php via default WordPress mechanism. Enabling this option will automatically create a regular scheduled task in Plesk, which means users can manually adjust the frequency of wp-cron.php task execution on a per-site basis.
“Updates” window now displays Changelog links for plugins and themes.
It’s now possible to filter WordPress sites in the “Installations” list by their labels.
Reduced the number of screenshot creation timeouts.
Exterminated redundant backslashes in non-English email notifications. (EXTWPTOOLK-4699)
Remote WordPress sites connected via plugin can now be properly updated again. (EXTWPTOOLK-4622)
WordPress Toolkit now works again on Windows 2012 R2, if access to Plesk via port 443 is enabled. (EXTWPTOOLK-4166)
Creation time of restore points is not updated anymore if data copy or update procedure is carried out without creating a new restore point. (EXTWPTOOLK-4115)
Updates for manually uploaded plugins and themes will now be visible in the interface if they become available in WordPress admin area. (EXTWPTOOLK-1785)

SSL It! 1.3.1

16 April 2020

On CentOS 6 servers, automatic renewal of SSL/TLS certificates issued via the Let’s Encrypt extension no longer fails. (EXTSSLIT-821)

Advisor 1.8.1

16 April 2020

Adjusted the logic for the “Plesk Email Security” recommendation.

Advisor 1.8

15 April 2020

Plesk Advisor now recommends installing the Plesk Email Security extension.

SSL It! 1.3.0

10 April 2020

Changed the way how you customize the list of SSL/TLS certificates offered by SSL It!:
- You can now do so in the extension’s interface and via the CLI.
- The previous way of customization (via panel.ini) is no longer available. The corresponding panel.ini setting filteredProducts is now deprecated. If you used customization via panel.ini, use the CLI commands instead.
- Already done customizations continue working after the extension’s update.
The extension now uses the same CA bundle that comes with Plesk.
In Plesk Obsidian, the SSL It! security indicator on a domain card works significantly faster, which makes a difference for servers with a large number of domains.
Removed the additional check of SSL/TLS certificates implemented because of the Let’s Encrypt bug. The check is no longer relevant.
Issue of an SSL/TLS certificate no longer fails with the “Domain alias not found by id=…” error if the corresponding certificate order had had an associated domain alias that was then deleted while the order was pending. (EXTSSLIT-677)
A 500 HTTP error no longer occasionally occurs when users try to access the “SSL/TLS Certificates” screen of certain subscriptions. (EXTSSLIT-678)
The extension now correctly displays the security status of domains secured with SSL/TLS certificates from DigiCert if the domains’s names are mixed-case. (EXTSSLIT-745)
The extension now correctly displays the security status of a domain secured with a wildcard SSL/TLS certificate if the certificate was previously assigned to another domain. (EXTSSLIT-769)
The extension now correctly detects the “Keep websites secured” option state for domains created under a service plan that had both the SSL It! and WordPress Toolkit services selected. (EXTSSLIT-754)

Site Import 1.4.4

8 April 2020

Mail importing now works if the target server is remote SmarterMail 100. (PMT-4764)
Improved stability of mail importing if the target server is remote SmarterMail 100. (PMT-4765)

Plesk Email Security 1.0.4

6 April 2020

Revised rDNS check (EXTCERT-2841)
0 spam score is now allowed. (EXTCERT-2844)
Added the inet_acl option to the Amavis configuration file (EXTCERT-2813)
The ClamAV service is now stopped/started if the antivirus is disabled/enabled in the interface. (EXTCERT-2836)
User preferences from the Plesk SpamAssassin component are now imported only if the corresponding option is enabled in the settings. (EXTCERT-2806)
Added smtp_tls_security_level = none for internal communication for the Postfix configuration. (EXTCERT-2837)
Increased a number of concurrent processes to 5 to process more emails concurrently. (EXTCERT-2838)
The “TypeError: Cannot read property ‘remove’ of null” error is no longer shown. (EXTCERT-2819)
Quarantine no longer shows an error if quarantined emails are malformed. (EXTCERT-2843)
The Bayes Filter signatures dump is now downloaded to the correct path and Bayes Filter is now enabled by default. (EXTCERT-2818)

SEO Toolkit 1.1.9

3 April 2020

Fixed issues related to a number of available keywords in Rank Tracker.
Other internal fixes.

Git 1.1.4

3 April 2020

Linux

In Git version 2.16.0 and later, it is now possible to clone a remote Git repository even if it uses a non-standard SSH port. (EXTGIT-106)
When the git-helper utility is executed, the utility name is now shown. (EXTGIT-107)

Plesk Migrator 2.19.2

2 April 2020

Migration now works if the source or target server is remote SmarterMail 100. (PMT-4754)
Improved stability of migration if the target server is remote SmarterMail 100. (PMT-4760)
If the protected directory name contains the dot (.) character, the name of the protected directory user is no longer changed during migration. (PMT-3317)

Plesk Onyx 17.8.11 Update 84

31 March 2020

As a part of GDPR compliance changes: added the cookie information banner shown the first time users log in to Plesk. Users can now also set their cookie preferences in Plesk (using the corresponding button on the banner or going to Tools & Settings > Cookies in Plesk (under “Plesk”)).

Linux

DMARC checks no longer occasionally result in segmentation faults caused by some emails. (PPPM-10548)

Advisor 1.7.6

30 March 2020

Fixed the issue with incorrect links in the “Secure Websites With SSL/TLS Certificates” recommendation. (EXTADVISOR-808)

Advisor 1.7.5

27 March 2020

The free Comodo rule set became the default one in Advisor. On OSes where the Comodo rule set is not available, the free OWASP rule set became the default one.
Clicking the “Upgrade” button now opens the SSL It! extension’s screen. (EXTADVISOR-801, EXTADVISOR-802)
Fixed an invalid domain link provided by the “Secure Websites With SSL/TLS Certificates” recommendation. (EXTADVISOR-768)
If ModSecurity is turned off, the “Configure ModSecurity & Fail2ban” recommendation can be now applied without PHP warnings in logs. (EXTADVISOR-772)
After Fail2ban was disabled in panel.ini and then the “Configure ModSecurity & Fail2ban” recommendation was applied, the “pm_Exception: Could not enable jails” error is no longer shown. (EXTADVISOR-789)
Fixed license-related issues during ModSecurity and Fail2ban activation. (EXTADVISOR-798)
If Advisor could not enable ModSecurity with the Comodo rule set, ModSecurity is now enabled with the free OWASP rule set as the default one. (EXTADVISOR-803)
Unnecessary “PHP Deprecated Construction” error messages are no longer written to panel.log during Advisor installation. (EXTADVISOR-689)

Let’s Encrypt 2.9.0

26 March 2020

After Plesk was initialised, the extension now tries to automatically secure Plesk with an SSL/TLS certificate from Let’s Encrypt.
The extension now uses POST requests instead of GET requests in accordance with the Let’s Encrypt decision.
Removed the additional check of SSL/TLS certificates implemented because of the Let’s Encrypt bug. The check is no longer relevant.
If the DNS server is disabled, error messages are no longer shown in panel.log after wildcard SSL/TLS certificates were issued. (EXTLETSENC-707)
In Plesk for Linux, the “Exception: PHP Warning: array_filter” error messages are no longer reported when issuing wildcard SSL/TLS certificates. (EXTLETSENC-720)
A clear error message is now shown when users try to issue wildcard SSL/TLS certificates but the corresponding feature is disabled. (EXTLETSENC-741)
Auto-renew of SSL/TLS certificates no longer fails after a secured domain or subdomain was renamed. (EXTLETSENC-768)
Decreased the possibility of rare issues when IDN domains could not be secured with SSL/TLS certificates from Let’s Encrypt. (EXTLETSENC-573)

PHP Updates

24 March 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.16.
Updated PHP 7.2 to version 7.2.29.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.29.

Docker 1.4.6

19 March 2020

The extension can now be installed on CentOS 8/RHEL 8. (EXTDOCKER-98)
After being installed on CentOS 8/RHEL 8, Docker Remote Node Management no longer shows an unclear error message. (EXTDOCKER-87)
It is now possible to specify environment variables whose names contain the period character (“.”). (EXTDOCKER-99)

Plesk Migrator 2.19.1

18 March 2020

If a database that is being migrated already exists on the target server but not registered in Plesk, the database is no longer overwritten with one from the source server. Plesk now detects such issues, does not migrate the database, and shows a warning message. (PMT-4723)
Migration from cPanel no longer fails if a password of the source database server is enclosed in single quotes. (PMT-4751)

Syslog Watch 1.2.1

17 March 2020

Logs are now automatically updated when the “Automatically append log content” option is enabled. (EXTPLESK-390)

WordPress Toolkit 4.6.0

12 March 2020

WordPress administrators can now automatically update their website URL in the WordPress database and wp-config.php file based on the actual current URL. This procedure is particularly useful after migrating a website from a different location like your local workstation. The Update Site URL feature is available in the “hamburger” (context drop-down menu) on a WordPress site card.
CLI utility for the Clone feature was added. It can be accessed through the plesk ext wp-toolkit --clone command.
CLI utility for the Data Copy feature was added. It can be accessed through the plesk ext wp-toolkit --copy-data command.
Remote sites with modified meta tag generators can now be properly connected to WordPress Toolkit, and their WordPress version is now properly detected. (EXTWPTOOLK-4468)
It is now possible to install WordPress via CLI if the document root path is specified as / or \. (EXTWPTOOLK-4457)
WordPress administrators are no longer forced to reapply security measures due to automatic WordPress core updates flagging the site as insecure. (EXTWPTOOLK-4127)
WordPress Toolkit now works on Internet Explorer 11 because what is dead may never die. (EXTWPTOOLK-4392)
Smart Updates of WordPress Core no longer fail with the “Exception: Warning: Failed to fetch checksums. Please cleanup files manually” error. (EXTWPTOOLK-4195)
Interactive elements and text in the headers of the sliding screens are now much more visible even when a customized color scheme is used. (EXTWPTOOLK-3612)
Additional services added to Plesk by WordPress Toolkit are now shown properly on Plesk Obsidian. (EXTWPTOOLK-3408)
Scan operation is no longer stuck if a website with a root symlink is found. (EXTWPTOOLK-3096)
Updates check task no longer fails if a domain with a WordPress site was changed from physical hosting to something else. To tell you the truth, it has been working properly for several years, we simply didn’t know for sure when exactly this bug was fixed. Well, better late than never! (EXTWPTOOLK-1042)

Plesk Migrator 2.19.0

11 March 2020

The extension can now migrate mail if the source mail server is SmarterMail 100.
The extension can now be installed in Plesk on CentOS 8.
After migrating mail, actual dates when emails were received are no longer changed to the date of migration on certain mail clients (for example Apple Mail). (PMT-4559)

Plesk Onyx 17.0.17 Update 81

10 March 2020

Third-Party Component Updates

Updated the “Horde_Data” library to version 2.1.5.

Let’s Encrypt 2.8.7

5 March 2020

Let’s Encrypt has found a bug and revokes some of its SSL/TLS certificates on March 4. This improvement solves the issue. The Let’s Encrypt extension will check domains as a part of the “Autorenew” feature, then will renew and replace affected Let’s Encrypt certificates. Future autorenew tasks will be done as usual when SSL/TLS certificates are about to expire.

To turn off the check and replacement of Let’s Encrypt certificates affected by the bug, add the following lines to the panel.ini file:
```
[ext-letsencrypt]
renew-lets-encrypt-revoked-certificates = false
```

SSL It! 1.2.2

4 March 2020

Let’s Encrypt has found a bug and revokes some of its SSL/TLS certificates on March 4. This improvement solves the issue. The SSL IT! extension will check domains as a part of the “Autorenew” feature, then will renew and replace affected Let’s Encrypt certificates. Future autorenew tasks will be done as usual when SSL/TLS certificates are about to expire.

To turn off the check and replacement of Let’s Encrypt certificates affected by the bug, add the following lines to the panel.ini file:
```
[ext-sslit]
renewLetsEncryptRevokedCertificates = false 
```

PHP Updates

25 February 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.15.
Updated PHP 7.2 to version 7.2.28.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.28.

Plesk Onyx 17.5.3 Update 91

25 February 2020

Security improvements.
Changing a subscription’s PHP settings no longer locks the subscription if the “PHP version and handler management” permission is granted to the subscription.(PPPM-5442)

Third-Party Component Updates

Updated the “Horde_Data” library to version 2.1.5.

Plesk Onyx 17.8.11 Update 83

25 February 2020

Security improvements.
Changing a subscription’s PHP settings no longer locks the subscription if the “PHP version and handler management” permission is granted to the subscription.(PPPM-5442)

Third-Party Component Updates

Updated the “Horde_Data” library to version 2.1.5.

Plesk Email Security 1.0.2

21 February 2020

White and black list handling was improved for wildcard imports. (EXTCERT-2769)
Handling of the local DNS check was improved. (EXTCERT-2768)
A cleanup cron job was added for existing white and black list entries.
Description for white and black lists was improved.
Greylisting functionality was disabled to avoid delays in outgoing emails.
Sieve rules now have correct paths. (EXTCERT-2770)
Installing Plesk Email security and process services on CentOS 6 now works as intended. (EXTCERT-2767 & EXTCERT-2729)
Installation no longer fails when importing Plesk SpamAssassin configuration under certain circumstances. (EXTCERT-2756)
Making a request that cannot be executed no longer results in a “Config Check - Error” message. (EXTCERT-2729)

Site Import 1.4.3

20 February 2020

Website import can now be again launched. (PMT-4694)
After importing mail, actual dates when emails were received are no longer changed to the date of import on certain mail clients (for example, Apple Mail). (PMT-4559)
If the source Linux server has a custom umask set up (other than 0022), website import no longer fails with an error. If the target server has a custom umask set up, a website now correctly works after migration. (PMT-4730)

LDAP Auth 2.1.2

20 February 2020

Added error logging for failed cURL requests.

Plesk Onyx 17.8.11 Update 82

17 February 2020

Updated system packages to enable Plesk to connect to ext.plesk.com.

Third-Party Component Updates

Windows

Updated MySQL 5.7 to version 5.7.29, which includes a fix for a number of security issues.
Update MySQL 5.6 to version 5.6.47, which includes a fix for a number of security issues.
Update MySQL Connector/ODBC 5.3 to version 5.3.14, which includes a fix for a number of security issues.

We strongly recommend that you update Plesk.

Let’s Encrypt 2.8.6

13 February 2020

If an automatic renewal of a Let’s Encrypt certificate fails with the “Detail: Order’s status (“pending”) is not acceptable for finalization” or “Detail: No order for ID *****” error, the order is removed automatically. The next automatic renewal should complete with no errors. (EXTLETSENC-782)

Plesk Onyx 17.5.3 Update 90

11 February 2020

Linux

Updated system packages to enable Plesk to connect to ext.plesk.com.

Plesk Onyx 17.0.17 Update 80

11 February 2020

Linux

Updated system packages to enable Plesk to connect to ext.plesk.com.

Let’s Encrypt 2.8.5

7 February 2020

If users face the “No order for ID” error when they renew their SSL/TLS certificates, the extension fixes the error in the background and the users are asked to issue an SSL/TLS certificate once again, which helps in most cases. (EXTLETSENC-765)

Plesk Onyx 17.8.11 Update 81

3 February 2020

Security improvements.

WordPress Toolkit 4.5.1

31 January 2020

Proper text is now displayed instead of placeholders for filter names on Mass Update and Mass Security screens. (EXTWPTOOLK-4324)
Trying to retrieve Jetpack plan status on a site with Free Jetpack plan should not return a weird error anymore. (EXTWPTOOLK-4323)
WordPress can now be correctly installed without triggering the “Unable to download the WordPress package” error caused by a bug in Guzzle client. (EXTWPTOOLK-4326)
Users will no longer see a scary “500 Exception Permission Denied” server error when switching to a subscription without access to WordPress Toolkit. (EXTWPTOOLK-4165)
Smart Updates do not repeatedly fail with the same “plugin not found” task error anymore. (EXTWPTOOLK-4176)

Advisor 1.7.4

31 January 2020

The high and the highest server ratings are now shown correctly as a text and not as locale keys. (EXTADVISOR-784)

Plesk Email Security 1.0.1

31 January 2020

Added a button in the global settings that resets all user policies and applies only the global policy.
The anti-virus installation link in the dashboard directly opens the proper slide.
Added the Bypass Header rules to disable bad header blocks.
Fixed the installation process of the anti-virus with the installed Imunify repository on CentOS. (EXTCERT-2724)
Fixed a rare error when the email address is in the black and the white list at the same time. (EXTCERT-2715)
Removed the buy link from the description (the link is set in the Extension Catalog as an action button).
Newly created email accounts respect the current global server policy, not the hardcoded values.

G Suite 1.0.0

30 January 2020

Initial release

Amazon Route 53 2.7.3

30 January 2020

CAA records in Plesk can now be synced with Amazon Route 53. (EXTPLESK-1611)

WordPress Toolkit 4.5.0

27 January 2020

Users can now mark their sites with one of the predefined labels (for example, “Staging” or “Production”) for easier identification.
Commercial Jetpack plugin plans can now be purchased in the plugin installation interface by end-customers. To disable this ability on the server, add jetpackPluginUpgradeEnabled = false to your panel.ini file.
WordPress Toolkit can now properly clone and Smart Update sites on Linux OSes, if their wp-config.php file is set to read-only. (EXTWPTOOLK-4216)
Database dumps created during cloning are now properly removed if database import failed during the cloning for some reason. (EXTWPTOOLK-4131)
WordPress Toolkit no longer apologetically displays [object Object] message when users are clicking on “Remove” to remove a site without selecting anything. (EXTWPTOOLK-4159)
Plugin and theme images in the plugin or theme installation dialogs no longer occupy much more space than allowed on Plesk Obsidian in Safari. (EXTWPTOOLK-3992)
Preview screenshots no longer occupy much more space than allowed on Plesk Obsidian in Safari. (EXTWPTOOLK-3990)
WordPress Toolkit update no longer fails due to migration package dependencies. (EXTWPTOOLK-3981)
Site counters are no longer visually glued to filter names on “Updates” and “Security” screens for several sites. (EXTWPTOOLK-3827)
Fixed several translation issues.

PHP Updates

27 January 2020

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.14.
Updated PHP 7.2 to version 7.2.27.
Updated Xdebug to version 2.9.0.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.27.

Plesk Onyx 17.8.11 Update 80

27 January 2020

Security improvements.
Creating a backup in the FTP storage if the available cache size is insufficient now clearly indicates how much cache size is required for the backup to finish. (PPPM-11389)

Linux

Restoring a website with Drupal installed via the Application Catalog from a backup in Plesk no longer results in Drupal being inoperable. (PPPM-11382)

Plesk Onyx 17.8.11 Update 79

20 January 2020

Removing a DNS record causing an inconsistency in a DNS zone no longer fails. (PPPM-9653)

Windows

The “Tools & Settings” > “Database Servers” page, as well as the pages for Microsoft SQL Server servers registered in Plesk now load significantly faster. (PPPM-10956)

Third-Party Component Updates

Windows

Updated SpamAssassin to version 3.4.3.
Updated Git to version 2.24.1.

Plesk Migrator 2.18.0

20 January 2020

When migrating from cPanel to Plesk, DNS records are now migrated as well.
When migrating from DirectAdmin to Plesk, SSL is now enabled on the target servers for domains that had SSL enabled on the source server. (PMT-4684)
Migration from cPanel to Plesk no longer fails if one or more reseller-owned domains are being migrated and resellers are not supported on the target server (for example, because the Plesk administrator is in Power User view or because a license other than the Web Host Edition license is installed on the target server). (PMT-4691)
Gave the field for the IP address of the source server on the “New Migration” a more descriptive name. (PMT-4705)

Docker 1.4.5

14 January 2020

Using the ‘=’ (equal) character as the value of an environment variable no longer results in being unable to change the value of that environment variable. (EXTDOCKER-44)
The “Learn more” link now correctly leads to the up-to-date documentation. (EXTDOCKER-94)

WordPress Toolkit 4.4.1

27 December 2019

Two secret features were added.
Internal security improvements.
Set installation tasks happening simultaneousluy with WordPress Toolkit update to v4.4 no longer cause WordPress Toolkit to be inaccessible by clients. (EXTWPTOOLK-4089)
WordPress installation directory field does not lose input focus anymore. (EXTWPTOOLK-4043)
Plugins and themes can now be properly uploaded to certain directories via CLI on Plesk Obsidian. (EXTWPTOOLK-4037)
Resellers can now uninstall plugins and themes uploaded by server administrators on the “Plugins” or “Themes” tab. (EXTWPTOOLK-4033)
In a surprise guest appearance, the status of WordPress updates is now properly refreshed in the “Keep WordPress up-to-date” advice of the Advisor extension. (EXTWPTOOLK-4032)
A various variety of translation issues was fixed. (EXTWPTOOLK-4022)
Website screenshots are now automatically updated after the installation and activation of a theme from the “Themes” tab. (EXTWPTOOLK-4005)
Pagination controls in the list of WordPress sites were peacefully relocated from the East of UI to the West of UI to make sure they are no longer blocked by the window with the status of ongoing tasks. (EXTWPTOOLK-3806)
“Don’t show me again” control on the Smart Update free trial pop-up is now working correctly. (EXTWPTOOLK-4147)

Extension Catalog 1.11.0

26 December 2019

Added the ability to see extensions’ prices with or without VAT. Plesk remembers your choice, but you can change it at any moment.

DigitalOcean DNS 1.1.5

24 December 2019

Synchronizing a domain’s DNS zone with DigitalOcean DNS now correctly creates SRV records in DigitalOcean DNS. (EXTPLESK-753)
Newly created domain aliases are now automatically synced with DigitalOcean DNS. (EXTPLESK-1037)
On Plesk for Windows servers, it is now possible to open a subscription’s page from the main extension’s page. (EXTPLESK-1516)

Action Log 1.1.0

24 December 2019

Action Log now shows more information about the logged actions right in the extension’s interface - you no longer need to read the logs to find out what happened exactly.
Added the ability to select or clear all “Logged actions” checkboxes at once on the “Settings” tab.

Plesk Onyx 17.8.11 Update 78

23 December 2019

Installing an extension with multiple available versions no longer results in an error if the latest available extension version does not support Plesk Onyx. (EXTWPTOOLK-4060)
Restoring from a Plesk backup now always restores the SRV and CAA records along with the other records in the DNS zone(s) of the domain(s) being restored. (PPPM-11357, PPPM-11358)

Third-Party Component Updates

Windows

Updated Python to version 2.7.17.

PHP Updates

20 December 2019

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.13.
Updated PHP 7.2 to version 7.2.26.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.26.

Hosting Plan Exporter 1.0.0

20 December 2019

Hosting Plan Exporter helps you copy service plans between Plesk servers by exporting and importing them.

Both hosting and add-on plans can be exported and imported.
When importing service plans, conflicts are automatically detected. For example:
- when a service plan with the same name already exists on the target server, you will be offered to rename the imported plan;
- when imported service plan has a limit which does not exist on the target server, a warning will be shown on the import screen and the limit will not be imported;
- when target server does not support imported value of a hosting setting, you will be offered to select one of supported values.
Service plans are exported to JSON file format.

The extension can be used by Plesk administrators and resellers. Try it out!

Slave DNS Manager 1.9.2

19 December 2019

The status icons for the slave servers are now properly shown in the extension’s interface. (EXTPLESK-1082)
On Plesk Obsidian servers, the extension’s interface is no longer malformed and unusable. (EXTPLESK-1403)

Plesk Onyx 17.8.11 Update 77

16 December 2019

Third-Party Component Updates

Windows

Updated BIND to version 9.14.8.

Plesk Onyx 17.5.3 Update 89

16 December 2019

Extensions with multiple available versions can now be installed via “Tools & Settings” > “Updates and Upgrades” as well as the Extension Catalog. (EXTWPTOOLK-4060)

Plesk Onyx 17.0.17 Update 79

16 December 2019

Extensions with multiple available versions can now be installed via “Tools & Settings” > “Updates and Upgrades” as well as the Extension Catalog. (EXTWPTOOLK-4060)

Plesk Onyx 17.0.17 Update 78

10 December 2019

Additional users with the rights to manage a single subscription (for example, example.com) no longer get access to other subscriptions of a customer after the subscription example.com was deleted. (PPPM-8022)

Linux

On Ubuntu 16.04 and Debian 8, ModSecurity can now be again installed and turned on with the Atomic Standard rule set. (PPPM-11097)

Third-Party Component Updates

Updated OpenSSL to version 1.0.2t, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.8.11 Update 76

9 December 2019

Extensions’ files and scripts can be now run under the psaadm user, which is more secure than running them under root.

Plesk Onyx 17.5.3 Update 88

9 December 2019

Linux

Plesk servers with ProFTPD 1.3.6 installed are no longer vulnerable to denial of service attacks. (PPPM-11135)

WordPress Toolkit 4.4.0

5 December 2019

Server administrators can now install plugin & theme sets on existing websites at any time. This can be done by visiting the “Sets” tab, finding the required set, and clicking on “Install Set” in the corresponding ‘…’ dropdown menu.
The “WordPress Toolkit Settings” tab was redesigned and moved to a separate screen opened via Settings button located next to the WordPress Toolkit screen title.
The “Plugins”, “Themes”, and “Sets” tabs were rebuilt using Plesk UI Library to make sure we can quickly redesign and update them in the future.
Pop-up notifications about successful execution of various operations are now automatically hidden 3 seconds after appearing, so they are (hopefully) less annoying.
Improved various translation strings.
Quarantined WordPress sites no longer have a chance to prevent installation of plugins or themes from the “Plugins” or “Themes” tabs. (EXTWPTOOLK-4023)
It should be possible (again) to upload plugins and themes from a specified URL via CLI. (EXTWPTOOLK-3988)
WordPress Toolkit now properly cleans up temporary files on the server when users install plugins or themes. (EXTWPTOOLK-3977)
Changing the domain name on very busy servers should not lead to WordPress site becoming quarantined due to timeout anymore. (EXTWPTOOLK-3961)
Changing the domain name now properly changes the corresponding domain name in WordPress configuration files and database. (EXTWPTOOLK-3901)
WordPress Toolkit no longer generates PHP warnings during certain plugin updates. (EXTWPTOOLK-3938)
Proper plugin and theme names are now shown on the Updates screen instead of slugs. (EXTWPTOOLK-3826)
Smart Updates now properly work for WordPress sites where home is not where siteurl is. (EXTWPTOOLK-3784)
Loading of WordPress site list no longer slows to a crawl in presence of quarantined sites. (EXTWPTOOLK-3853)
Pagination in lists now correctly shows the current page number on Plesk Obsidian. (EXTWPTOOLK-3772)
The second and subsequent pages of the WordPress site list are now working properly on Plesk Obsidian. (EXTWPTOOLK-3771)
Owner links on the WordPress site cards now open in the same browser tab instead of a new tab. (EXTWPTOOLK-3362)
Outdated link to reference page about WordPress debugging was updated. (EXTWPTOOLK-3178)

SSL It! 1.1.3

4 December 2019

The Encryption Everywhere SSL/TLS certificates are no longer available for issue (even if they are specified in filteredProducts in the panel.ini file) because the corresponding API is reaching EOL. Issue free certificates from Let’s Encrypt instead. The already issued Encryption Everywhere certificates keep working until their expiration dates.

DigiCert SSL 1.8.1

4 December 2019

The Encryption Everywhere SSL/TLS certificates are no longer available for issue (even if they are specified in filteredProducts in the panel.ini file) because the corresponding API is reaching EOL. Issue free certificates from Let’s Encrypt instead. The already issued Encryption Everywhere certificates keep working until their expiration dates.

Extensions Catalog 1.10.1

3 December 2019

Go back to the earlier logic of automated extensions’ installation (Plesk installs newly purchased extensions automatically instead of sending a notification) by adding the following lines to the panel.ini file:
```
[ext-catalog]
extensionAutoInstall = true
```

Plesk Onyx 17.8.11 Update 75

2 December 2019

Updated PHP used by Plesk to version 7.1.33 to secure Plesk against a vulnerability found in earlier PHP versions.

Linux

Trying to access phpMyAdmin on cloned Plesk servers no longer results in an error. (PPPM-9529)

Plesk Onyx 17.8.11 Update 74

26 November 2019

Updated the trial license agreement text.

Third-Party Component Updates

Updated OpenSSL to version 1.0.2, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 87

26 November 2019

Additional users with the rights to manage a single subscription (for example, example.com) no longer get access to other subscriptions of a customer after the subscription example.com was deleted. (PPPM-8022)

Third-Party Component Updates

Updated OpenSSL to version 1.0.2, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

PHP Updates

26 November 2019

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.12.
Updated PHP 7.2 to version 7.2.25.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.25.

Extensions Catalog 1.10.0

25 November 2019

After purchasing an extension, the Plesk administrator is now shown a notification prompting them to install the purchased extension.
Updated the extensions that have a free trial period to show a notification clearly stating that a license must be purchased to use all of the extensions’ features. (EXTCATALOG-124)
The price of the WordPress Toolkit extension is no longer shown if the license for the extension is already included in the installed Web Host license. (EXTCATALOG-205)
Corrected an error in the German translation of the extension. (EXTCATALOG-266)
Added a white space character between the word “Buy” and the extension’s price on the “Buy” button. (EXTCATALOG-286)
The “Extensions” > “My Extensions” page is no longer blank. (EXTCATALOG-306)

Site Import 1.4.2

14 November 2019

Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Google PageSpeed Insights 2.1.3

14 November 2019

Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

DigitalOcean DNS 1.1.4

14 November 2019

Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Plesk Onyx 17.0.17 Update 77

13 November 2019

Windows

Customized values in the my.ini file are no longer overwritten during Plesk update or upgrade.
Updated MySQL Server to version 5.6.46.

Ruby 1.3.9

13 November 2019

Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Node.js 1.3.6

13 November 2019

Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Git 1.1.3

13 November 2019

On the domain creation page, the popover that appears when clicking the “automatically deployed” control (under “Enable Git support”) is now positioned correctly. (EXTGIT-82)
On the domain creation page, the icon next to the field used to specify the path to the directory to which the files from the repository are to be deployed (under “Enable Git support”) is now displayed correctly. (EXTGIT-93)

Docker 1.4.4

13 November 2019

Changed the extension’s icon to better fit visually among other icons in Dynamic List view.

Plesk Onyx 17.8.11 Update 73

12 November 2019

Linux

Plesk servers with ProFTPD 1.3.6 installed are no longer vulnerable to denial of service attacks. (PPPM-11134)
On CentOS 7 servers, configuring the Atomic repository and installing the psa-proftpd package from that repository no longer causes updating Plesk from a different repository with a later version of the psa-proftpd package to fail. (PPPM-11235)

Third-Party Component Updates

Windows

Updated Plesk SQL Server to version 5.7.28.
Updated MySQL 5.7 to version 5.7.28
Updated MySQL 5.6 to version 5.6.46

Plesk Onyx 17.5.3 Update 86

12 November 2019

Windows

Customized values in the my.ini file are no longer overwritten during Plesk update or upgrade.
Updated MySQL Server to version 5.6.46.

Let’s Encrypt 2.8.4

5 November 2019

Renewing a certificate issued via the Let’s Encrypt extension no longer results in an endless loading screen if the corresponding registration file is corrupted. (EXTLETSENC-552)
Creating a customer without a subscription in Plesk with the Let’s Encrypt extension installed and the “secure-new-domain = on” option specified in the panel.ini file no longer results in an error. (EXTLETSENC-697)

Docker 1.4.3

1 November 2019

The “X-Forwarded-Proto” (XFP) header is now correctly added to the nginx configuration file when proxy rules are configured in Plesk. (EXTDOCKER-75)
Trying to add another Plesk server with the Docker extension installed as a remote Docker node no longer fails with the “The Docker service is unavailable: Cannot enable tls” error. (EXTDOCKER-78)
Entering the equals sign (=) as a part of an environment variable in the Docker extension no longer results in an error. (EXTDOCKER-84)

Advisor 1.7.2

31 October 2019

The Advisor extension no longer shows that HTTP/2 is disabled on the server when it is, in fact, enabled. (EXTADVISOR-362, EXTADVISOR-752)

WordPress Toolkit 4.3.4

30 October 2019

Internal security improvements.

Plesk Onyx 17.8.11 Update 72

29 October 2019

On newly installed Plesk servers, the “country” field in the Plesk database is set to “US” instead of NULL. (PPPM-10453)

Linux

On CentOS 6 servers, the mysql-connector-odbc-8.0.12-1.el6.x86_64 package being installed during MySQL update no longer results in the “Settings” button disappearing from APS applications’ pages. (PPPM-9206)

PHP Updates

28 October 2019

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.11.
Updated PHP 7.2 to version 7.2.24.
Updated PHP 7.1 to version 7.1.33.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.24.
Updated PHP 7.1 to version 7.1.33.

Plesk Onyx 17.0.17

Updated PHP 7.1 to version 7.1.33.

WordPress Toolkit 4.3.3

26 October 2019

Daily maintenance script will no longer put garbage messages in panel.log on Plesk Onyx 17.5. (EXTWPTOOLK-3773)

WordPress Toolkit 4.3.2

24 October 2019

Smart Updates now use an new algorithm for analyzing plugin shortcodes, which should address most (if not all) false positives.
Improved support for Move Domains feature in Plesk Obsidian.
Smart Updates will warn user if a Smart Update procedure failed due to specific .htaccess customizations.
Smart Updates sitemap analysis was optimized to increase reliability.
Screenshot previews in the email notifications about Smart Update results are now displayed properly. (EXTWPTOOLK-3161)
Caching operations were optimized to address performance issues happening in certain cases with Plesk search and WordPress Toolkit site list. (EXTWPTOOLK-3567)
Smart Updates will now properly work if sitemap of the cloned website differs from the original due to meddling of certain plugins. (EXTWPTOOLK-3611)
Handling of nginx config files was changed to address the “Unable to reconfigure domain” error happening under certain circumstances. (EXTWPTOOLK-3626)
Sort control now works properly in the “Security Status” window. (EXTWPTOOLK-3609)
Smart Updates will not process unnecessary locations from XML sitemaps anymore. (EXTWPTOOLK-3610)
Smart Updates can now work with websites locally accessible only via domain aliases. (EXTWPTOOLK-3613)
Certain operations under certain conditions were failing with the “Event not scheduled” error. Scheduling certain events was certainly improved to handle this. (EXTWPTOOLK-3616)
Unsolicited jumping of input focus happening in some cases was removed from the “Clone” window. (EXTWPTOOLK-3633)

Let’s Encrypt 2.8.3

24 October 2019

Introduced the allow-wildcard-certificates option (true by default) under the ext-letsencrypt section in the panel.ini file. If set to false, the option hides the feature of issuing wildcard SSL/TLS certificates in the interfaces of the Let’s Encrypt and SSL It! extensions.

Note: For the same purpose, users could earlier use the acme-protocol-version setting with the acme-v01 value. If you have this configuration, we recommend that you start using allow-wildcard-certificates set to false because the ACMEv1 protocol will soon reach end of life.
The extension now consumes less server resources to issue SSL/TLS certificates.
Updated the list of trusted root certificates with those from Mozilla CA bundle.

Plesk DNSSEC 1.2.3

22 October 2019

CentOS6/RHEL6/CloudLinux6 are not supported because these OSes contain the BIND package that the extension does not support.
DNSSEC is now available for add-on domains and subdomains. (EXTDNSSEC-61)
Allowed algorithms for key generation now have correct values, which makes it possible to sign DNS zones. (EXTDNSSEC-59)

SSL It! 1.1.2

16 October 2019

The SSL/TLS Certificates button now opens the SSL It! screen when the new Dynamic List view mode is selected.
In Plesk for Linux, if Apache and nginx serve a website and HSTS is enabled for it, HSTS headers are no longer duplicated and Qualys SSL Labs correctly process the headers. (EXTSSLIT-462)
When a user manually reissues an SSL/TLS certificate, the extension now suggests securing all the previously secured components (subdomains, domain aliases, webmail, and so on) with the renewed SSL/TLS certificate. (EXTSSLIT-593)
When a subdomain is secured with a wildcard SSL/TLS certificate, the extension now correctly shows if subdomain’s components (domain aliases, webmail, the www subdomain) are secured or not secured. (EXTSSLIT-595)
The old SSL/TLS Certificates menu is now shown for wildcard subdomains. (EXTSSLIT-542)
Improved an error message shown when the SSL/TLS certificate issuing has failed. (EXTSSLIT-603)

Advisor 1.7.1

16 October 2019

The extension no longer suggests turning on NTP time synchronizing on Red Hat Enterprise Linux 8 and CentOS 8 because the ntp package is not available anymore on these OSes.
The “Exception: PHP Notice: Undefined offset:1” error no longer occasionally appears in /var/log/plesk/panel.log in Plesk for Linux and %plesk_dir%\admin\logs\php_error.log in Plesk for Windows. (EXTADVISOR-750)

Plesk Onyx 17.8.11 Update 71

14 October 2019

The information about available upgrade to Plesk Obsidian is now shown in the System Overview section when Early Adopter release is chosen. (PPPM-11083)

Linux

The password can now be changed in webmail if shortname authorization is enabled on the server and a mail account password is encrypted. (PPPM-11090)

Windows

Backups created in Plesk 17.x can now be restored in Plesk Obsidian. (PPPM-10999)

Plesk Onyx 17.5.3 Update 85

14 October 2019

Linux

On Ubuntu 16.04 and Debian 8, ModSecurity can now be again installed and turned on with the Atomic Standard rule set. (PPPM-11096)

Windows

Backups created in Plesk 17.x can now be restored in Plesk Obsidian. (PPPM-10998)

Plesk Migrator 2.17.8

14 October 2019

Migrating from cPanel servers hosting a large number of domains using the Migrator GUI has been sped up considerably.
It is now possible to migrate from cPanel by hosting plan as well as by subscription or owner using the Migrator GUI. (PMT-4642)
It is now possible to migrate from cPanel even if the /var/cpanel/users directory contains one or more files or a directories with special symbols in the name (for example, “)”). (PMT-4660)
Transferring web content of a domain hosted on Parallels Pro Control Panel for Linux no longer fails if the domain has a subdomain and the subdomain does not have CGI enabled. (PMT-4661)
When migrating from Plesk 12.0 and later, additional users not assigned to any subscription are now migrated. (PMT-4658)

Plesk Onyx 17.8.11 Update 70

7 October 2019

Linux

Custom buttons that have their own icons, as well as files whose names start with the dash character are now backed up without warnings. (PPPM-9810)

Windows

Plesk updates no longer overwrite changes made to the my.ini file.

Plesk Onyx 17.5.3 Update 84

7 October 2019

When multiple long tasks are launched at the same time, they are now queued and processed correctly: each task is run, and is only run once. (PPPM-10974)

WordPress Toolkit 4.3.1

3 October 2019

Cloning and Smart Updates now support websites with permalinks working on nginx.
WordPress Toolkit now spotlights 1 month free trial for Smart Updates to server administrators.
WordPress Toolkit link is now displayed on the Dashboard tab of the new Dynamic List in Plesk Obsidian.
Improved various interface texts.
Placeholders like [at] used by various plugins no longer trigger false positive alerts during Smart Update procedure. (EXTWPTOOLK-3550)
Smart Update now works for websites which URL was configured with www prefix. Additionally, links on the cloned website no longer redirect to the original website if it has www prefix in the URL. (EXTWPTOOLK-3584)
Smart Update controls now display proper information about licensing requirements in WordPress Toolkit SE. (EXTWPTOOLK-1462)
Screenshot separator has been given some growth hormone to make sure it reaches the bottom of the screenshot comparison block at all times. (EXTWPTOOLK-3492)
Smart Update screenshots were also given growth hormone to make sure they always reach the bottom of the screenshot comparison. (EXTWPTOOLK-3493)
Smart Update now resets the scroll position between different screens. (EXTWPTOOLK-3475)
Regular updates won’t be accidentally running instead of Smart Updates when Smart Updates are enabled (and expected) on a website. (EXTWPTOOLK-3462)

DigiCert SSL 1.8.0

3 October 2019

The extension can now be backed up and restored.
Paid certificates can now be used to secure domains with internationalized domain names. (EXTPLESK-1241)

Amazon RDS 1.0.2

2 October 2019

Opening the extension’s page in Plesk Obsidian no longer results in an error. (EXTPLESK-673)

Advisor 1.7

2 October 2019

The Plesk Advisor extension’s page now loads significantly faster.
Plesk Advisor now recommends the Smart Updates feature.
Plesk Advisor now recommends the Backup to Cloud Pro to schedule automatic backups of clients’ websites to remote storage.
Plesk Advisor now recommends using Acronis Backup to schedule server backups to Acronis Cloud.
It is now possible to enable HTTP/2 support on Plesk Obsidian servers via Plesk Advisor. (EXTADVISOR-698)

Plesk Onyx 17.8.11 Update 69

30 September 2019

Running the plesk repair mail command no longer breaks all mail accounts on the server if one or more accounts has a password that contains an unsupported character. (PPPM-10906)
Enabling scheduled backups in Plesk now automatically turns on backup rotation for scheduled backups. The default rotation period is four weeks. (PPPM-10967)

Third-Party Component Updates

Windows

Updated BIND to version 9.14.1.

PHP Updates

30 September 2019

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.10.
Updated PHP 7.2 to version 7.2.23.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.23.

Site Import 1.4.1

23 September 2019

Mail Import now migrates the content of mailboxes to Plesk Obsidian for Linux. (PMT-4647)

Plesk Migrator 2.17.7

23 September 2019

Migration now migrates the content of mailboxes to Plesk Obsidian for Linux. (PMT-4647)

Plesk Migrator 2.17.6

18 September 2019

Security improvements.
Additional users with the rights to manage a single subscription but whose email address was created under a different subscription (for example, a user created under example.com with email user@example.net) are now migrated when the subscription they were created under is migrated. (PMT-4644)

Plesk Onyx 17.8.11 Update 68

17 September 2019

Linux

On Ubuntu 16.04 and Debian 8, ModSecurity can now be again installed and switched on with the Atomic Standard rule set. (PPPM-11004)

Third-Party Component Updates

Windows

Updated MailEnable to version 10.25, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.
Update MySQL 5.7 to version 5.7.27 and MySQL 5.6 to version 5.6.45. They include fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 83

17 September 2019

Third-Party Component Updates

Windows

Update MySQL 5.6 to version 5.6.45, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.0.17 Update 76

17 September 2019

Third-Party Component Updates

Linux

Updated Dovecot and Pigeonhole to versions 2.2.36.4 and 0.4.24.2 respectively, which include a fix for a major security issue. We strongly recommend that you update Plesk.

Windows

Update MySQL 5.6 to version 5.6.45, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 82

9 September 2019

Third-Party Component Updates

Linux

Updated Dovecot and Pigeonhole to versions 2.2.36.4 and 0.4.24.2 respectively, which include a fix for a major security issue. We strongly recommend that you update Plesk.

Extensions Catalog 1.9.0

9 September 2019

Purchase options (a currency, a country, and an extension ID) chosen by a user in the Extensions Catalog are now preserved in Plesk Online Store. When a user buys an extension and is redirected to Plesk Online Store, the user no longer needs to select the purchase options once again.
Introduced the “Deprecated” status for extensions. User who have already installed these extensions will be able to remove them and will not be able to install them anymore. Users who have not installed—will not see deprecated extensions in the Extensions Catalog.
The “My Extensions” tab now shows prices and buttons next to extensions the same way they are already shown in the Extensions Catalog.
Improved the Extensions Catalog interface when it is opened in Plesk Mobile Center: it is no longer necessary to swipe the screen to right or left to see extensions’ buttons and details. (EXTCATALOG-195)
When the Plesk main menu is minimized, quick access to extensions no longer highlights a part of the screen. (EXTCATALOG-234)

DigiCert SSL 1.7.1

9 September 2019

Restored the ability to issue SSL/TLS certificates in Plesk versions earlier than 17.8.

Plesk Onyx 17.8.11 Update 67

5 September 2019

Third-Party Component Updates

Linux

Updated Dovecot and Pigeonhole to versions 2.3.7.2 and 0.5.7.2 respectively, which include a fix for a major security issue. We strongly recommend that you update Plesk.

SSL It! 1.1.1

5 September 2019

When SSL It! is installed or updated to version 1.1.1, the extension now detects SSL/TLS certificates previously issued via the DigiCert extension but absent from the current SSL It! configuration and then suggests editing the panel.ini file to see and manage the certificates in the SSL It! interface.
Updated the list of trusted root certificates with those from Mozilla CA bundle.
When a user tries to install the extension on Windows 2008, SSL It! now informs that this OS is not supported because Windows versions earlier than Windows 2012 do not support SNI. (EXTSSLIT-447)
No error now occurs when a customer is created without a subscription and the secure-new-domain setting in panel.ini is enabled (the extension no longer tries to secure the customer’s non-existent domain with an SSL/TLS certificate). (EXTSSLIT-533)

WordPress Toolkit 4.3.0

4 September 2019

Smart Update feature has been dramatically redesigned, providing full transparency into the analysis process and streamlining overall user experience. Users can now clearly see what is being checked by Smart Updates and what issues are found on which pages. Full analysis summary with update forecast is now also available to users for making an educated decision about the update or for drilling down into issues found by the system.
Smart Update now analyzes sitemap to determine which pages to check. Users can create a custom sitemap file specifically for Smart Updates to define which pages should be analyzed (up to 30).
Smart Update will notify users about preexisting issues on the website even if the update process itself went smoothly.
Smart Update now checks for unexpected PHP errors, warnings, and notices on the website.
Smart Update now checks for presence of plugin shortcodes, which typically indicates broken plugins.
WordPress websites using really old PHP versions (5.4 and earlier) are now marked in the WordPress Toolkit UI, displaying a warning that WordPress Toolkit will soon stop supporting such websites. A prompt to change the PHP version is displayed for convenience, if users have the permission to manage PHP version on their website.
Smart Update toggle is now available as a separate switch on the website card, making sure the feature is easy to see and access.
Smart Update now gets VIP treatment from the screenshot making service, being finally able to request as many screenshots as needed.
Smart Update now detects the database limits before actually trying to clone the website for analysis.
Smart Update threshold settings were removed as a part of UX streamlining.
Updates screen was optimized, displaying current and available versions, and also hiding plugin & theme descriptions.
Smart Update screen displayed upon following the link in the notification email is now branding-neutral.
The algorithm of making website screenshots for Smart Updates was improved to better reflect the actual website look in certain cases. Finally, users can see the goddamned cactus succulent from the Twenty Seventeen theme in all its glory!
Smart Update failure no longer has a slim chance to accidentally remove the database of the source website under certain rare circumstances. (EXTWPTOOLK-3312)
Regular update is no longer stealthily performed instead of Smart Update if WordPress website has enabled password protection. (EXTWPTOOLK-3410)
Smart Update no longer returns weird error message mentioning website ID if 500 HTTP code is encountered during the Smart Update procedure. (EXTWPTOOLK-3234)
Smart Update now properly cleans up after itself if the procedure went awry. (EXTWPTOOLK-3313 and EXTWPTOOLK-3424)
Repeated opening and closing of the Updates window will no longer slow down the system (why would you do that anyway?). (EXTWPTOOLK-2669)
Improved handling of quantum entanglement in the code now allows WordPress Toolkit to identify more accurately whether a certain WordPress installation is broken or infected at any given moment of time. (EXTWPTOOLK-3330)
Screenshots can now be made for websites hosted on a domain without www. prefix if this prefix is present in the WordPress database as a part of the site URL. (EXTWPTOOLK-2799)
Smart Update will provide a clear explanation instead of a weird error when a website cannot be updated via Smart Update due to Maintenance Mode being enabled. (EXTWPTOOLK-3264)
Smart Update will provide a clear explanation instead of a weird error when a website cannot be updated via Smart Update due to password protection being used. (EXTWPTOOLK-3265)
Smart Update is now correctly handling the situation when someone tries to enable it on a multisite (spoiler: it doesn’t work and it never did). (EXTWPTOOLK-3378)
WordPress installations that were broken and fixed afterwards can now be updated without errors while they’re still detected as broken by WordPress Toolkit. (EXTWPTOOLK-3147)
If some of the items in a batch update were not updated successfully, WordPress Toolkit will now display a proper message, providing the necessary details. (EXTWPTOOLK-3151)
Sitemap is now properly cloned and copied with all necessary URL replacements during the corresponding procedure. (EXTWPTOOLK-3425)
WordPress Toolkit now verifies the MD5 checksum of the WordPress core package after downloading it. (EXTWPTOOLK-3270)
If the original WordPress installation on Apache only hosting had any URL structure enabled in “Permalink settings” (except “Plain”), the installation clone now works correctly and its links no longer redirect to the original. (EXTWPTOOLK-3484)

PHP Composer 0.9.2

4 September 2019

Improved the indication and speed of the “Scan”, “Install”, and “Update” operations.
Warning messages and explanations how updates works now differ depending on the type of available updates (major, minor, patch, or secondary dependancies updates).
Operations in the extension’s interface and manual operations in the CLI are now automatically synced with each other.
Scaling a browser window no longer merges the Install and Update buttons into one dropdown menu. (EXTPHPCOMP-5)

Plesk Onyx 17.0.17 Update 75

3 September 2019

Third-Party Component Updates

Linux

Updated Phusion Passenger to version 5.3.5, which includes a fix for a major security issue. We strongly recommend that you update Plesk.
Updated nginx to version 1.16.1, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.
Updated OpenSSL bundled with nginx to version 1.0.2r.

Plesk DNSSEC 1.2.2

3 September 2019

The plesk-zone-checker package is not required anymore. (EXTDNSSEC-58)

PHP updates

2 September 2019

Plesk Onyx 17.8.11

Updated PHP 7.3 to version 7.3.9.
Updated PHP 7.2 to version 7.2.22.
Updated PHP 7.1 to version 7.1.32.

Plesk Onyx 17.5.3

Updated PHP 7.2 to version 7.2.22.
Updated PHP 7.1 to version 7.1.32.

Plesk Onyx 17.0.17

Linux

Updated PHP 7.1 to version 7.1.32.

Panel.ini Editor 3.2.1

30 August 2019

Added a number of descriptions of popular extensions’ and Plesk settings.

Advisor 1.6.1

30 August 2019

Improved integration with Plesk Obsidian.

Plesk Onyx 17.8.11 Update 66

27 August 2019

Linux

On Red Hat Enterprise Linux 7 that has the Plesk DNSSEC extension installed, the plesk-zone-checker package no longer prevents bind system package updates. (PPPM-10910)

Windows

Improved stability of backend utilities where they occasionally failed with the “Unable to connect to pipe…” error. (PPPM-10898)

Third-Party Component Updates

Linux

Updated Dovecot to version 2.3.6, which includes a fix for a security issue. We strongly recommend that you update Plesk.
Updated nginx to version 1.16.1, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 81

27 August 2019

Third-Party Component Updates

Linux

Updated nginx to version 1.16.1, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

DigiCert SSL 1.7.0

23 August 2019

The extension now informs when a paid SSL/TLS certificate is about to expire and makes it easier to renew it. Users no longer need to find the certificate they bought earlier: the “Renew” button opens Plesk Online Store where they can buy the same certificate.
Internal stability and security improvements.
SSL/TLS certificates can now be installed on IDN domains. (EXTPLESK-1207)
SSL/TLS certificates can now be issued if a company name contains the ampersand (&). (EXTPLESK-1211)

Plesk Mobile Center 1.13

22 August 2019

Fixed the “Failed to load certificate for platform ios_manager_production” error.

Plesk Onyx 17.8.11 Update 65

20 August 2019

When multiple long tasks are launched at the same time, they are now queued and processed correctly: each task is run and just once. (PPPM-10876)

Linux

Updating the Atomic Standard ModSecurity rule set no longer hangs. (PPPM-10741)
Expanded the list of characters that are now correctly escaped in the “Cache requests with cookies” field in nginx. (PPPM-8395)
Daily maintenance script now calculates web statistics once a day. (PPPM-10877)

Windows

Log viewer now correctly shows data in columns of IIS access log. (PPPM-9153, PPPM-9358)

SSL It! 1.1.0

20 August 2019

The extension now shows a warning message when a paid SSL/TLS certificate from DigiCert is about to expire and suggests buying a new SSL/TLS certificate.
Updated the link to the documentation in the extension’s description.
Improved the layout of the extension’s screen that shows details about an installed SSL/TLS certificate in both Obsidian and Onyx color schemes.
Improved the UX and an error message when the DigiCert SSL extension was removed in the middle of ordering an SSL/TLS certificate. (EXTSSLIT-552)

Action Log 1.0.0

15 August 2019

Initial release.

DigiCert SSL 1.6.2

14 August 2019

Performance improvements. We strongly recommend that you update the extension.

Plesk Onyx 17.8.11 Update 64

13 August 2019

Security improvements.
Plesk 12.5 can now be upgraded to Plesk 17.8 when Plesk 12.5 has a remote MySQL server added and set as default. (PPPM-10382)

Plesk Onyx 17.5.3 Update 80

13 August 2019

Security improvements.

Plesk Onyx 17.0.17 Update 74

13 August 2019

Security improvements.

Domain Connect 1.4.0

9 August 2019

Users can now automatically configure mail DNS-records.
Users can now automatically configure DNS for subdomains.
Users can now use Domain Connect to verify their domains ownership for Bing Webmaster Tools.
The extension now supports SPFM records. This enables to update the existing SPF record with the rules from the SPFM record.

WordPress Toolkit 4.2.2

8 August 2019

Integration with Website Overview in Plesk Obsidian was updated, making sure that users can still access WordPress Toolkit quickly on each website.
Tools block was moved to a separate column on the website card for increased visibility and easier access.
Smart Updates no longer fails to update websites that have issues with infinite redirects. (EXTWPTOOLK-3328)
IDNs (international domain names) are now properly displayed on the Smart Update comparison screen. (EXTWPTOOLK-3239)
Website screenshots no longer disappear for reasons unknown when user is opening the Smart Update comparison screen. (EXTWPTOOLK-3260)
Update of multiple websites should not fail to start anymore in certain cases. (EXTWPTOOLK-3284)
WordPress Toolkit now exhibits more patience when connecting remote websites via plugin, ensuring that websites hosted on slower servers can be properly connected without timeouts. (EXTWPTOOLK-3278)

Plesk Migrator 2.17.5

8 August 2019

Adjusted Plesk Migrator to support the maximum length of FTP usernames in Plesk 17.8 and later (32 characters).

DigiCert SSL 1.6.1

8 August 2019

Internal security improvements. We strongly recommend that you update the extension.

Plesk Onyx 17.8.11 Update 63

5 August 2019

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.8.
Updated PHP 7.2 to version 7.2.21.
Updated PHP 7.1 to version 7.1.31.

Plesk Onyx 17.5.3 Update 79

5 August 2019

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.21.
Updated PHP 7.1 to version 7.1.31.

Plesk Onyx 17.0.17 Update 73

5 August 2019

Third-Party Component Updates

Linux

Updated PHP 7.1 to version 7.1.31.

Plesk Onyx 17.8.11 Update 62

29 July 2019

It is now possible to change an add-on domain status and hosting type in a single API-RPC request. (PPPM-10455)
The Dropbox icon is now displayed correctly in Backup Manager after upgrading from earlier versions of Plesk and the Dropbox Backup extension. (PPPM-10776)

Third-Party Component Updates

Linux

Updated libcurl to version 7.65.3, which includes a fix for a major security issue. We strongly recommend that you update Plesk.

Windows

Updated libcurl to version 7.64.0, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 78

29 July 2019

Linux

Updated libcurl to version 7.65.3, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.
Updated 7zip to version 18.05, which includes fixes for a number of security issues. We strongly recommend that you update Plesk.

WordPress Toolkit 4.2.1

26 July 2019

Users should now be able to perform Smart Update on websites that have a lot of pages. (EXTWPTOOLK-3283)

WordPress Toolkit 4.2.0

25 July 2019

Users can now upload plugins and themes straight to their website when they open the plugin or theme installation dialog on the website card.
Website card now has a link to the corresponding domain in Plesk for easier navigation.
Smart Update speed was dramatically improved.
Screenshot comparison screens shown in Smart Update details were streamlined.
Updates screen was cleaned up and polished, eliminating various small UX issues.
Website card view was optimized, making the card a bit more compact.
WordPress Toolkit was finally shamed into regularly cleaning up wp-cli utility cache on a per-site basis.
The File Manager link on the website card is now more visible and prominent.
WordPress Toolkit now displays more details about the update process of WordPress core, plugins, and themes. This change also affects the Smart Update process, making it more transparent.
Sites can now be installed and cloned into non-empty directories (including directories with random .php files, mummified remains of ancient WordPress sites, and so on). Users will be warned and asked for confirmation if target directory is not empty.
The task responsible for checking and running automatic updates (instances-auto-update.php) was rescheduled to run between 1 AM and 6 AM randomly on each server to avoid causing power surges in datacenters.
Smart Updates: E-mail notifications about Smart Updates no longer include periods after HTML links (this could break certain links). (EXTWPTOOLK-1759)
Smart Updates: When users are launching Smart Update while the Smart Update license is expired, a proper message will be displayed in UI. (EXTWPTOOLK-2796)
Smart Updates: Confusing error message about needing a valid SSL/TLS certificate was unconfused. (EXTWPTOOLK-2599)
Smart Updates: The system now properly notifies users when Smart Update skips a website for some reason during mass update operation. (EXTWPTOOLK-2733)
Smart Updates: Select Page dropdown now properly displays full website URL of WordPress websites installed in a subdirectory. (EXTWPTOOLK-3224)
Smart Updates: Open in Plesk link no longer overlaps the Select Page dropdown in some cases. (EXTWPTOOLK-3203)
Remote websites with broken database connection are now correctly marked as broken in UI. (EXTWPTOOLK-2950)
CLI output for remote WordPress websites was made more consistent with the output shown for local WordPress websites. (EXTWPTOOLK-2921)
Clicking Help in Plesk will now take users to the right help page. (EXTWPTOOLK-3091)
Checking the security status under certain circumstances cannot destroy Plugins and Themes tabs in website cards anymore. (EXTWPTOOLK-2867)
Plugins can be added to sets via CLI without the TypeError error. (EXTWPTOOLK-3079)
When users were choosing to copy only the new database tables using Copy Data functionality, all tables were copied instead if one of the new tables didn’t have the table prefix. This despicable behavior was nipped in the bud. (EXTWPTOOLK-3123)
The URL of WordPress website installed on a wildcard subdomain is now displayed correctly. (EXTWPTOOLK-3086)
Scan functionality no longer can be broken by the potential data inconsistency mess left by WordPress websites installed via APS. (EXTWPTOOLK-3065)
Users cannot start the update process for a website that’s already being updated. (EXTWPTOOLK-3174)
Text placeholders are no longer displayed when looking for certain things in Plesk Search. (EXTWPTOOLK-3004)
Updating WordPress to a newer version on remote hosting with PHP 5.3 will now show a proper error prompt about PHP requirements. (EXTWPTOOLK-3190)

Plesk DNSSEC 1.2.1

25 July 2019

If a subscription does not have the “DNS management” permission, the DNSSEC button is no longer shown in Websites & Domains > domains that belong to the subscription. (EXTDNSSEC-50)

Linux

If a Plesk server does not have the BIND DNS server component installed, DNSSEC is now installed and its screen shows instructions how to install BIND. (EXTDNSSEC-53)

Plesk Onyx 17.8.11 Update 61

22 July 2019

When restoring a backup of a Plesk server with the Web Pro license installed, the warning about the failure to restore reseller plans is no longer shown (the Web Pro license does not include resellers management). (PPPM-9590)

Linux

When sent via Outlook or Thunderbird, the email messages in newly created mailboxes no longer get stuck in Outbox and are successfully moved to the Sent folder. (PPPM-9624)

Third-Party Component Updates

Windows

Updated 7zip to version 18.05.

Repair Kit 1.2.0

18 July 2019

Added a new feature “MySQL Process List” (Beta). Users can now see:
- The list of processes being handled by the local MySQL server.
- The MySQL process details: what queries are being processed and how much resources they consume.
To try the new feature, go to Tools & Settings > MySQL Process List (Beta) (under “Assistance and Troubleshooting”).
Made a number of UX improvements.

Let’s Encrypt 2.8.2

18 July 2019

The ‘rsa-key-size’ setting in the ‘panel.ini’ file now again sets an RSA key size. (EXTLETSENC-714)
The webmail client of an add-on domain is no longer changed to the client of the main domain (or even disabled if webmail was disabled for the main domain) when any of the following actions are done to the SSL/TLS certificate of the main domain: issuing, manual or automatic renewal, enabling “Keep websites secured”, or unassigning. (EXTLETSENC-603)

Plesk Migrator 2.17.4

17 July 2019

When migrating to Plesk from the latest version of cPanel that has MySQL 5.7 installed, database users are now also migrated and the applications work correctly after the migration. (PMT-4627)

SSL It! 1.0.1

11 July 2019

If SLL It! is available for a domain, the domain screen in Websites & Domains can no longer show the duplicate “SSL/TLS Certificates” link that leads to the old interface for managing SSL/TLS certificates. (EXTSSLIT-535)
TLS protocols and ciphers can now be again synced with Mozilla: a more stable configuration of protocols and ciphers is used at the moment. (EXTSSLIT-539)

Plesk Onyx 17.8.11 Update 60

8 July 2019

Security improvements.

Linux

The Postfix local now reports an error when Dovecot experiences issues delivering emails. (PPPM-8328)

Windows

Fixed the issue with restoring large mailboxes from backups. (PPPM-10628)
For Plesk installed on Windows in Portuguese, files’ permissions can now be changed in File Manager. (PPPM-10672)

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.7.
Updated PHP 7.2 to version 7.2.20.

Linux

Added the debuginfo packages for PHP 7.2 and 7.3.
Improved stability by fixing the PHP-FPM segmentation faults in fpm_event_epoll_wait. (PPP-43093)

Plesk Onyx 17.5.3 Update 77

8 July 2019

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.20.

Linux

Added the debuginfo packages for PHP 7.2 and 7.3.
Improved stability by fixing the PHP-FPM segmentation faults in fpm_event_epoll_wait. (PPP-43093)

Let’s Encrypt 2.8.1

4 July 2019

It is now possible to issue wildcard SSL/TLS certificates from Let’s Encrypt if the BIND DNS server component is not installed. (EXTLETSENC-558)

Git 1.1.2

4 July 2019

Fixed the look of the Git section on the “Add Domain” screen. (EXTGIT-85)
Pulling updates no longer fails with the “Call to a member function websiteOverviewUrl() on null” error. (EXTGIT-88)

Plesk Onyx 17.8.11 Update 59

1 July 2019

It is now again possible to open a website by clicking the “Open” link on the “Domains” screen in Service Provider view. (PPPM-10670)

Third-Party Component Updates

Updated phpMyAdmin to version 4.9.0.1, which includes a fix for the security issue. We strongly recommend that you update Plesk.

Plesk Onyx 17.5.3 Update 76

1 July 2019

Windows

It is now again possible to log in to phpMyAdmin by a direct URL after the features.phpMyAdmin.loginForm.enabled setting was enabled in the panel.ini file. (PPPM-9825)

Third-Party Component Updates

Updated phpMyAdmin to version 4.9.0.1, which includes a fix for the security issue. We strongly recommend that you update Plesk.

Windows

Updated MySQL 5.6 to versions 5.6.44.
Updated MySQL Connector/ODBC 5.3 to version 5.3.13.

Plesk Onyx 17.0.17 Update 72

1 July 2019

Plesk was switched to its own APS catalog that contains only the most popular, important, and latest applications.
SELinux enabled in Plesk on CentOS 7/Red Hat EL7 no longer hinders restoring server backups(PPPM-10683)

Third-Party Component Updates

Updated phpMyAdmin to version 4.9.0.1, which includes a fix for the security issue. We strongly recommend that you update Plesk.

Windows

Updated MySQL 5.6 to versions 5.6.44.
Updated MySQL Connector/ODBC 5.3 to version 5.3.13.

Plesk Migrator 2.17.3

1 July 2019

Linux

Migration of domains that have mixed-case names to Plesk 17.8 no longer fails on the step of copying content. (PMT-4621)

Ruby 1.3.8

27 June 2019

Ruby 2.6 is now supported.
Ruby 2.5 is now supported.
Ruby 2.4.x was updated to version 2.4.6.
Ruby 2.3.x was updated to version 2.3.8.

Node.js 1.3.5

27 June 2019

Linux

Added support for Node.js 12 (except CentOS 6, Debian 7.x, Ubuntu 12.x).
Added support for Node.js 10.
Updated Node.js 8.x to version 8.16.0.

Plesk Onyx 17.8.11 Update 58

24 June 2019

Security improvements.
Fixed Apache unavailability caused by the installation of Update 57. (PPPM-10630)

Windows

Plesk now prevents users from creating invalid DNS records that could cause the BIND service to crash. (PPPM-10403)

Advisor 1.6.0

21 June 2019

Extension developers can now integrate their own extensions with Advisor by:
- Adding recommendations to use their own extensions. For reference, use the source code of the Advisor Integration Example extension.
- Adding ratings for these recommendations. The Plesk team updates the ratings promptly on demand without launching a new version of Advisor.
Removed using the Atomic Advanced rule set from the list of recommendations.
The extension is now hidden for all additional users. (EXTADVISOR-428)

WordPress Toolkit 4.1.1

20 June 2019

Handling of wp-cli timeouts was improved to avoid putting innocent WordPress sites into quarantine.
WordPress Toolkit can now connect remote WordPress sites hosted using Bitnami WordPress images from Amazon Marketplace and other cloud marketplaces. (EXTWPTOOLK-3003)
Successful update of WordPress core from 5.2.1 to 5.2.2 no longer displays an error in WordPress Toolkit UI. (EXTWPTOOLK-3040)
WordPress Toolkit no longer slows down dramatically when connecting individual remote WordPress sites if their wp-config.php has read-only access permission. (EXTWPTOOLK-3007)

Plesk Migrator 2.17.2

18 June 2019

The extension is now compatible with Plesk Obsidian.
Databases can now be migrated to target Plesk servers on Windows in which the “Chinese (Simplified, China)” language is set as the system locale. (PMT-4570)

Extensions Catalog 1.8.0

18 June 2019

Extensions whose licenses were installed in Plesk are now automatically installed. Turn this behavior on or off in the panel.ini file by adding the following lines:
```
[ext-catalog]  
extensionAutoInstall = true/false
```

Docker 1.4.2

18 June 2019

The extension now handles situations when the docker service is stopped to avoid logging extra errors.

Plesk Onyx 17.8.11 Update 57

17 June 2019

Security improvements.

Linux

Added support for Node.js and Ruby applications inside CageFS. To use these applications inside CageFS, install the passenger-cagefs package and follow the instructions in its README file.

Plesk Onyx 17.5.3 Update 75

17 June 2019

Plesk was switched to its own APS catalog that contains only the most popular, important, and latest applications.

Plesk Onyx 17.8.11 Update 56

10 June 2019

Linux

Fixed issues related with removing subscriptions. (PPPM-10195)

Windows

Plesk File Manager no longer occasionally fails to unpack ZIP archives. (PPPM-9893)

Plesk Onyx 17.8.11 Update 55

3 June 2019

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.6.
Updated PHP 7.2 to version 7.2.19.
Updated PHP 7.1 to version 7.1.30.

Plesk Onyx 17.5.3 Update 74

3 June 2019

Updated PHP 7.2 to version 7.2.19.
Updated PHP 7.1 to version 7.1.30.

Plesk Onyx 17.0.17 Update 71

3 June 2019

Updated PHP 7.1 to version 7.1.30.

WordPress Toolkit 4.1.0

30 May 2019

You can now connect remote WordPress installations to WordPress Toolkit and manage them without having SSH root access to the remote host. To access this feature, use the “Connect [Beta]” button on the WordPress website list and provide your WordPress administrator credentials. This feature is a part of the overall Remote Management functionality, so it’s available only for Server Administrators as a beta feature.
WordPress websites are now put into quarantine if WordPress Toolkit is not able to properly access certain important files. WordPress Toolkit could not manage such websites previously, since WordPress installation list froze if these websites were encountered. This should also address issues with connecting remote servers with such websites.
WordPress Toolkit now provides more information about broken websites to help users identify the website and troubleshoot the problem.
Remote Management functionality was improved and updated based on the user feedback.
Clone and Copy Data operations now handle absolute paths in WordPress database. (EXTWPTOOLK-2601)
Smart Update procedure is now more patient, so it has much less chance to fail because of a timeout. (EXTWPTOOLK-2723)
Smart Update purchase button is not available to end users anymore. Only server administrators can now purchase or upgrade Smart Update license, as intended. (EXTWPTOOLK-2730)
Smart Update procedure steps now communicate better with each other, so issues encountered by one step are now immediately displayed and do not leave the next steps hanging in the dark until the timeout. (EXTWPTOOLK-2734)
Rollback of security measures that modify wp-config.php file won’t have a chance of breaking the WordPress website anymore. (EXTWPTOOLK-2824)
There was a small chance that WordPress website could be accidentally deleted due to inconsistency of WordPress Toolkit database. It would be very painful, so this chance was extinguished. (EXTWPTOOLK-2686)
Remote Management feature now checks if PHP interpreter on remote server has all required PHP extensions before trying to connect the website. (EXTWPTOOLK-2677)
Remote Management feature now displays a proper error message if SSH key contents are not valid. (EXTWPTOOLK-2729)
Customers with multiple subscriptions can now install WordPress on one of them if another subscription does not have the “Database server selection” permission enabled. (EXTWPTOOLK-1940)
If you were constantly seeing the confusing “Unable to find the task responsible for the currently running update process. Try running the update again.” message when trying to run the updates, you can breathe a sigh of relief now, as we have identified and fixed the root cause of this annoying behavior. (EXTWPTOOLK-2694)
It’s now possible to clone WordPress located in a particular directory to a directory with the same name in a new subdomain. (EXTWPTOOLK-2906)
Users should no longer see the “Something went wrong” error when trying to select a domain during the cloning. (EXTWPTOOLK-2823)
WordPress Toolkit no longer tries to activate themes installed through a set. (EXTWPTOOLK-2621)
Major WordPress autoupdates no longer fail due to timeout. (EXTWPTOOLK-2925)
Customers won’t be seeing the empty “Plugin/theme set” menu during the WordPress installation if the “Allow customers to use sets when they install WordPress” global option is turned off. (EXTWPTOOLK-2692)
Server Administrators, on the other hand, will be seeing the proper contents of the “Plugin/theme set” menu during the WordPress installation if the “Allow customers to use sets when they install WordPress” global option is turned off. (EXTWPTOOLK-2693)
Users can now clone WordPress installations located in a subdirectory to the virtual folder root of their subscription. (EXTWPTOOLK-2939)

SSL It! 1.0.0

28 May 2019

Introduced a number of options, which are now available on Websites & Domains > your domain > SSL/TLS Certificates. It is now possible to:
- Enhance the security of your website’s visitors by setting up a permanent, SEO-safe 301 redirect from the insecure HTTP to the secure HTTPS version of the website. To do so, turn on “Redirect from http to https”.
- (Plesk Obsidian) Enhance the security of webmail connections by setting up a permanent, SEO-safe 301 redirect from the insecure HTTP to the secure HTTPS webmail connections. To do so, turn on “Redirect from http to https”. The webmail protection will be then applied by default. On Plesk Obsidian for Windows, the redirect to HTTPS for webmail connections is enabled by default and no corresponding checkbox is shown in the interface.
- (Plesk Onyx for Linux, Plesk Obsidian) Protect your website’s visitors by prohibiting web browsers from accessing the website via insecure HTTP connections. To do so, make sure that your website runs on HTTPS and is secured with an SSL/TLS certificate valid during the selected time period, and then turn on HSTS.
- Ensure that each domain, subdomain, domain alias, and webmail belonging to the subscription is secured with a free valid certificate from Let’s Encrypt. To achieve this, SSL It! can reissue an existing Let’s Encrypt certificate or replace an invalid certificate (expired of self-signed) with a valid one from Let’s Encrypt. To get peace of mind by receiving this all-round protection, turn on the “Keep websites secured” option.
- Get evaluation of your SSL configuration from SSL Labs, one of the most popular testing services. Go to the “Run SSL Labs Test” link to check how good the SSL protection of your website is, receive recommendations what can be improved, and follow them to get the highest possible score, A+. By improving your website rank in SSL Labs Test, you improve your website rank in Google.
- Easily upgrade your certificate if it is about to expire or a more advanced certificate is available (OV or EV) by clicking the “Upgrade certificate” button.
- (Plesk for Linux) OCSP Stapling can now be turned on and off for websites served by nginx with Apache or solely nginx.
  
  Note: OCSP Stapling may not work for certificates from certain vendors (for example, free certificates from DigiCert) if the complete trust chain is not in place. To check if your certificate supports OCSP stapling, run the SSL Labs test of your SSL configuration by going to Websites & Domains > your domain > SSL/TLS Certificates and clicking “Run SSL Labs Test” link.
(Plesk for Linux) It is now possible to enhance the security of connections encrypted with SSL/TLS certificates (website, mail, Plesk, and so on) by choosing the configuration of TLS protocols and ciphers (generated by Mozilla), which will be used by Plesk. Not to lag behind, synchronize with the Mozilla service once every few months by clicking “Sync Now”.
The domain screen in Websites & Domains now informs about the security status of a domain by showing a text message next to the SSL It! icon. The message can be “Domain not secured”, “Webmail not secured”, and others. Try to get the “Safe and sound!” message, which means all domain’s components are secured and TLS-related options are configured.
It is now possible to customize the list of SSL/TLS certificates available for order in SSL It! via the panel.ini file. To know which panel.ini settings to edit, install the Panel.ini Editor extension and see the description column of settings under the [ext-sslit] section.
Added descriptions of new SSL It! settings to Panel.ini Editor. Plesk administrators can use these settings to customize the appearance and configuration of SSL It!. (EXTSSLIT-295)
SSL It! can now automatically renew free certificates from Symantec. (EXTSSLIT-71)
If a certificate secures a domain plus a subdomain that is an alias for the domain (alias.example.com), the certificate is now correctly automatically renewed without excluding the alias SAN. (EXTSSLIT-513)
If the Plesk database contains a corrupted certificate, SSL It! no longer fails with the 500 Internal Server Error. (EXTSSLIT-445)
The webmail client of an add-on domain is no longer changed to the client of the main domain (or even disabled if webmail was disabled for the main domain) when any of the following actions are done to the SSL/TLS certificate of the main domain: issuing, manual or automatic renewal, enabling “Keep websites secured”, or unassigning. (EXTSSLIT-173)

Let’s Encrypt 2.8.0

28 May 2019

ACMEv2 is now used by default. It makes issuing wildcard certificates also available by default with no need to additionally configure the extension to support ACMEv2.
If ACMEv2 is used, certificates that secure a domain plus webmail are now automatically renewed even if webmail is disabled for the domain.
If the Plesk database contains a corrupted certificate, the “Keep websites secured” option and the automatic renewal of certificates now work for all certificates except the corrupted one. (EXTLETSENC-681)
Access to Plesk Obsidian Preview via 443 port is now automatically secured with a free Let’s Encrypt after the Let’s Encrypt extension is installed (manually or automatically during Plesk installation). (EXTLETSENC-679)
If the Let’s Encrypt extension fails to issue or renew certificates, Let’s Encrypt challenge tokens no longer pile up and slow down the speed of backing up and restoration. The challenge tokens are now automatically deleted after a defined period of time. (EXTLETSENC-676)
The extension no longer suggests securing webmail if mail management functions are disabled in Plesk. (EXTLETSENC-674)
A corrupted certificate in the Plesk database no longer causes unclear error messages in the Let’s Encrypt interface. (EXTLETSENC-659)
Improved the error message shown when there is an attempt to issue a Let’s Encrypt certificate for a website that cannot pass HTTP challenge. (EXTLETSENC-653)
The Plesk mail server can now be secured with ECDSA certificates. (EXTLETSENC-650)
If debug logging was enabled and then the Let’s Encrypt extension was installed while SSL It! was not, excessive messages informing that SSL It! was not installed are no longer shown in logs. (EXTLETSENC-641)
ECDSA certificates no longer occasionally fail to be issued and installed. (EXTLETSENC-640)
ECDSA certificates can now be issued for IDN domains. (EXTLETSENC-636)
If a certificate secures a domain plus a subdomain that is an alias for the domain (alias.example.com), the certificate is now correctly automatically renewed without excluding the alias SAN. (EXTLETSENC-626)
The “Secure with an SSL/TLS Certificate” section is no longer shown when wildcard subdomains are created because Let’s Encrypt cannot secure them. (EXTLETSENC-612)
The “Keep websites secured” option no longer unnecessarily reissues certificates trying to secure SANs (subdomains, domain aliases, or webmail) that do not exist or cannot pass HTTP challenge. “Keep websites secured” now checks if there are available SANs that can be secured and only then issues a certificate to secure them. (EXTLETSENC-571)
A wildcard certificate issued for the main domain no longer occasionally fails to secure a subdomain of the domain. (EXTLETSENC-550)
Configured Docker Proxy Rules can no longer hinder the performance of the Let’s Encrypt extension. (EXTLETSENC-11)

DigiCert SSL 1.6.0

28 May 2019

Fixed the extension’s meta information (the vendor website, Help and Support links).
Wildcard subdomains can no longer be selected on the extension’s main page because DigiCert cannot secure them. (EXTPLESK-869)
Digicert SSL is no longer shown for wildcard subdomains. (EXTPLESK-564)
Certificate orders for domains which names start with capital letters are now shown in the extension’s interface. (EXTPLESK-800)
If debug logging was enabled, the log no longer shows excessive messages about optional extensions (for example, SSL It!) not being installed. (EXTPLESK-632)

Plesk Mobile Center 1.11

27 May 2019

Updated the Plesk Mobile Center extension to use Firebase Cloud Messaging notifications.

DigitalOcean DNS 1.1.3

22 May 2019

Sync of DNS zones between DigitalOcean DNS and Plesk no longer occasionally fails with the “SOA records are not eligible for deletion” error. (EXTPLESK-894)

Plesk Onyx 17.8.11 Update 54

21 May 2019

Disabled automatic installation of Plesk updates is now handled correctly. (PPPM-10521)

Third-Party Component Updates

Updated RoundCube to version 1.3.8.
Updated the markasjunk2 plugin to version 1.11.2.

Plesk Onyx 17.5.3 Update 73

20 May 2019

Disabled automatic installation of Plesk updates is now handled correctly. (PPPM-10520)

Plesk Onyx 17.0.17 Update 70

20 May 2019

Disabled automatic installation of Plesk updates is now handled correctly. (PPPM-10512)

WordPress Toolkit 4.0.1

8 May 2019

WordPress Toolkit now displays a correct error message when users are trying to install WordPress 5.2 or update their WordPress to version 5.2 on a domain with PHP version older than PHP 5.6. (EXTWPTOOLK-2902)

Plesk Onyx 17.8.11 Update 53

7 May 2019

Security Improvements

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.5.
Updated PHP 7.2 to version 7.2.18.
Updated PHP 7.1 to version 7.1.29.

Plesk Onyx 17.5.3 Update 72

7 May 2019

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.18.
Updated PHP 7.1 to version 7.1.29.

Plesk Onyx 17.0.17 Update 69

7 May 2019

Updated PHP 7.1 to version 7.1.29.

Extensions Catalog 1.7.1

26 April 2019

Fixed compatibility issues with Plesk Onyx 17.9.
The Extensions Catalog now shows prices (in USD) even if the country field has the NULL value in the Plesk database. (EXTCATALOG-192)

Plesk Onyx 17.8.11 Update 52

25 April 2019

Scheduled backups are no longer created in the server storage instead of cloud storage. (PPPM-10448)

Plesk Onyx 17.8.11 Update 51

22 April 2019

Security improvements.
Backup Manager no longer attempts to create a scheduled backup in FTP storage if the storage was disconnected. (PPPM-9596)

Linux

Emails received from senders with long names (when the “From” field takes several lines) no longer cause a DMARC error ending up in /opt/psa/handlers/spool by mistake. (PPPM-7163)
Emails from amazon.de and husqvarnagroup.com now pass the DMARC verification and do not go to spam. (PPPM-6847)
Additional nginx directives configured in service plans are now correctly applied to subdomains belonging to subscriptions based on those service plans. (PPPM-10041)

Windows

TXT records longer than 255 characters can now be added. (PPPM-8655)
A full server backup that is not protected with a password and stored in remote storage is now restored without errors on another Plesk server. (PPPM-10389)

DigitalOcean DNS 1.1.2

16 April 2019

Sync of DNS zones between DigitalOcean DNS and Plesk no longer fails with the “name already exists” error. (EXTPLESK-832)

Plesk Onyx 17.8.11 Update 50

15 April 2019

Security improvements.
Increased the maximum length of FTP usernames to 32 characters.
If a multi-volume backup was not deleted successfully from FTP storage, the remaining volumes are no longer shown as independent backups. (PPPM-8372)

Linux

Excessive notifications regarding missed service command from KAV update are no longer sent. (PPPM-8459)
On CloudLinux 7 x64 servers, LVE now correctly applies resource limits to all user processes executed via filemng exec. (PPPM-9779)

Windows

The plesk sbin statistics.exe --calculate-one --domain-name=example.com command again calculates disk usage of a domain mailbox. (PPPM-10325)
Backing up no longer fails with the “Unable to create a backup: Element ‘permission’: This element is not expected. Expected is ( limit ).” error when a backed up database contained garbage data in the “Subscriptions”, “SubscriptionProperties”, “Limits”, or “Permissions” tables. (PPPM-8713)
After completing security or permissions checks, Plesk Reconfigurator no longer crashes with the “Plesk Onyx has stopped working” error, which is not true. (PPPM-10386)

Domain Connect 1.3.1

11 April 2019

If a domain cannot be resolved, this event is now logged as a warning in /var/log/plesk/panel.log (Plesk for Linux) and %plesk_dir%\admin\logs\php_error.log (Plesk for Windows). (EXTPLESK-619)
Domain Connect no longer suggests configuring DNS settings for a domain when the domain’s DNS hosting is configured in Plesk. (EXTPLESK-590)

Plesk Onyx 17.8.11 Update 49

8 April 2019

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.4.
Updated PHP 7.2 to version 7.2.17.
Updated PHP 7.1 to version 7.1.28.

Plesk Onyx 17.5.3 Update 71

8 April 2019

Improved communication with the Plesk license server.

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.17.
Updated PHP 7.1 to version 7.1.28.

Plesk Onyx 17.0.17 Update 68

8 April 2019

Improved communication with the Plesk license server.

Third-Party Component Updates

Updated PHP 7.1 to version 7.1.28.

Plesk Onyx 17.8.11 Update 48

1 April 2019

Improved communication with the Plesk license server.

Plesk Onyx 17.8.11 Update 47

25 March 2019

If a user has two subscriptions and one of them has the “Database server selection” permission turned off, WordPress can now be installed on the second subscription without any issues. (PPPM-10235)

Linux

On Ubuntu 18, the MySQL root user is no longer removed after Plesk installation and log rotation is performed correctly. (PPPM-8915)

Windows

Domain statistics and traffic usage are now calculated even if statistics_collector.exe finishes with errors. (PPPM-10237)
Binaries and packages for Plesk updates are now again signed. (PPPM-10269)

WordPress Toolkit 4.0.0

25 March 2019

Beta version of Remote Management functionality is now available. Go to the Servers tab and add any Linux-based remote server with WordPress sites to manage them from a single place. This functionality will stay free for a limited time during the Beta stage. A notification will be shown in advance regarding the switch from the free Beta stage to the Release stage that will require a separate license. Your feedback and input regarding this feature would be highly appreciated.
Smart Update procedure became more transparent, displaying specific steps and their progress. Now at least you’ll know which steps are taking so long!
Database server info was added to the Database tab of the WordPress site card.
Various links created by WordPress Toolkit on Websites & Domains screen are now directing users to the new UI.
Users can see the physical path of WordPress sites when cloning them or copying data from one site to another.
WordPress Toolkit is now much better prepared both physically and mentally for handling users who try to clone their WordPress site to a destination where another WordPress site already exists.
Removing a subdomain in Plesk will not remove WordPress installation anymore if this subdomain’s docroot was pointing to another domain with WordPress installed. This also covers the use of wildcard subdomains. (EXTWPTOOLK-2580)
WordPress Toolkit now properly notifies users why Smart Update could not be performed in certain cases. (EXTWPTOOLK-2573)
The description of Turn off pingbacks security measure now explains what will happen if pingbacks are turned off (spoiler: they stop working). (EXTWPTOOLK-2563)
The em dash punctuation mark is now correctly displayed in plugin and theme names. (EXTWPTOOLK-1990)

Extensions Catalog 1.7.0

21 March 2019

The Extensions Catalog can now show prices of extensions in four currencies: EUR, GBP, JPY, and USD. To select a currency, add the following line with the desired currency code to the panel.ini file:
```
[extensions]
catalog.currency = EUR|USD|GBP|JPY
```
The extensions prices are now more visible: they are shown in bold on a grey background.
If a paid extension is not installed, the “Buy” button is now shown next to it. (EXTCATALOG-159)
If a custom extensions store is specified in panel.ini (instead of Plesk Online Store), the Extensions Catalog now does not show prices of extensions. (EXTCATALOG-166)
If the Extensions Catalog was updated manually, its new version is now immediately shown in the Plesk interface. (EXTCATALOG-160)

Plesk Onyx 17.8.11 Update 46

19 March 2019

The log viewer no longer shows duplicates of one-line entries. (PPPM-8511)
Full scheduled server backups can no longer be created instead of incremental server backups. (PPPM-10232)

Linux

The ImunifyAV extension is now shipped with Plesk.
Improved the error message shown if an upgrade of the Atomic Standard rule set failed. (PPPM-10238)

Third-Party Component Updates

Linux

Updated Dovecot to version 2.3.4.1

Windows

Updated BIND to version 9.12.3.

Plesk Onyx 17.5.3 Update 70

18 March 2019

Minor improvements.

Plesk Onyx 17.0.17 Update 67

18 March 2019

The “Class ‘PartnerCentral_Customizations’ not found (configure.php:213)” error no longer occurs during initial Plesk setup in the Plesk interface. (PPPM-10199)

Third-Party Component Updates

Linux

Updated PHP 7.1 to version 7.1.27.

DigitalOcean DNS 1.1.1

15 March 2019

Updated the authorization token necessary for the extension to operate correctly. If you used the extension earlier than version 1.1.1, you may face issues with existing domains activated in DigitalOcean DNS.

How do I know if my domains were affected?
- On the “Overview” tab of the extension, the domains are now marked as “Disabled” under “DigitalOcean DNS Zone”.
- On the “DigitalOcean Authorization” tab of the extension, you see the “Invalid authorization token. Unable to authenticate you” error.
How can I make my domains and extension operational again?

Please do the following:
1. Update the DigitalOcean DNS extension to version 1.1.1 (if it is not done yet).
2. On the “DigitalOcean Authorization” tab of the extension, click Authorize.
This will restore the domains and the extension to operation.

Panel.ini Editor 3.2.0

14 March 2019

Plesk administrators can now edit descriptions of the Panel.ini Editor settings:
- (Plesk 17.9 and higher) In Panel.ini Editor if they want these changes for personal use. Then the changes will be saved on the server only.
- By creating pull requests with the changes to our GitHub repository to share these descriptions with other Panel.Ini Editor users. We regularly review pull requests and approve good ones. New released versions of Panel.Ini Editor will include these approved descriptions.
Improved a number of descriptions of SSL It! settings. (EXTPLESK-695)

Plesk Onyx 17.8.11 Update 45

12 March 2019

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.3.
Updated PHP 7.2 to version 7.2.16.
Updated PHP 7.1 to version 7.1.27.

Plesk Onyx 17.5.3 Update 69

12 March 2019

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.16.
Updated PHP 7.1 to version 7.1.27.

Extensions Catalog 1.6.0

7 March 2019

The Plesk Extensions Catalog now shows the price of an extension if it is paid. The price is shown:
- Next to the extension’s icon on all screens (Featured, Most Popular, New & Updated, and Categories) of the “Extensions Catalog” tab.
- On the extension’s overview page.
If the price varies (“Multiple offers” extensions), the “Extensions Catalog” tab shows the minimal price, while the extension’s overview page shows all price options.

Plesk Onyx 17.8.11 Update 44

6 March 2019

Linux

It is now possible to switch a domain’s PHP handler to a different PHP version even if nginx proxy mode or nginx itself are disabled. (PPPM-9016)

WordPress Toolkit 3.6.3

6 March 2019

Cloning procedure now works correctly if the proc_close or proc_open PHP functions are disabled. (EXTWPTOOLK-2533)
WordPress Toolkit now shows a warning before cloning that the mysqlcheck utility has detected a database error, so cloning might not work correctly. Users who have not read this warning can continue the cloning procedure. (EXTWPTOOLK-2541)
The last remnants of upsell prompts for Maintenance Mode were eradicated from the old WordPress Toolkit UI. (EXTWPTOOLK-2540)

Export lists to CSV 1.1.1

6 March 2019

Fixed compatibility issues with Plesk 17.9: the button for exporting lists to CSV is visible again and JavaScript errors were fixed. (EXTPLESK-603)

Domain Connect 1.3.0

6 March 2019

The extension now adds the nameServers key to JSON returned to a domain’s third-party service. This helps the service provider identify that Plesk is the authoritative DNS provider for the domain.

Plesk Onyx 17.8.11 Update 43

4 March 2019

Windows

An SSL/TLS certificate that secures a subdomain is no longer unassigned after restoring the subdomain from a backup. (PPPM-9681)

Third-Party Component Updates

Linux

The PageSpeed module version 1.13.35.2 is now precompiled with nginx. By default, the module is disabled.

Note: To avoid issues with nginx, do not enable PageSpeed in nginx when SELinux is in enforcing mode.
Updated nginx and OpenSSL to versions 1.14.2 and 1.0.2r respectively.

Plesk Onyx 17.0.17 Update 66

4 March 2019

Improved the rolling out of updates.

Plesk Onyx 17.5.3 Update 68

26 February 2019

Subscriptions that have IDN domain names can now be restored from server or reseller backups stored in remote storage. (PPPM-9961)
Backups to FTP storage are now created without warnings if a backed-up subscription contains a database shared between two applications. (PPPM-6075)

Plesk Onyx 17.8.11 Update 42

25 February 2019

PHP versions 5.6 and 7.0 are now marked as “outdated” in Plesk and Plesk Installer and were removed from the default set of components.
The size of a MySQL database is now calculated correctly even if the database name contains the hyphen character (-). (PPPM-8134)
Backups created before the change of the Plesk administrator GUID are now rotated. (PPPM-9456)

Linux

PostgreSQL can now be configured in Ubuntu 18.04. (PPPM-8775)

Windows

It is now possible to get the list of available webmail clients for Plesk for Windows by running the mailserver.exe CLI utility. (PPPM-10106)

WordPress Toolkit 3.6.0

21 February 2019

Cloning UI was redesigned for improved responsiveness and consistency.
The UI for copying data (a.k.a. syncing) between installations was redesigned, also for improved responsiveness and consistency. As a side-effect, the procedure formerly known as Sync was renamed to Copy Data, so users should not be confused about what exactly is going on.
Users can now clone WordPress sites to arbitrary subdirectories on target domains.
Improved the reliability of screenshot generation for WordPress installations, Part II.
WordPress Toolkit no longer leaves various useless entries in the logs.
Improved the handling of broken plugins and themes, reducing the number of esoteric error and warning messages shown to users.
The “Install” button now has the focus by default on the WordPress installation form, so hitting “Enter” after opening the form should immediately launch the installation process.
Improved the performance of WordPress installation list if it has a lot of WordPress installations.
Improved WordPress installation list for viewing on mobile devices.
WordPress Toolkit database no longer becomes inconsistent when a subscription with two or more WordPress installations is removed. (EXTWPTOOLK-2250)
Smart Update on Windows servers now checks pages other than the main page. (EXTWPTOOLK-2189)
Resellers can finally access WordPress Toolkit via the corresponding link in the left navigation panel. (EXTWPTOOLK-1472)
Users who remove all WordPress installations on the last page in the list of installations are no longer forced to look with despair at the empty screen (unless it was the only page in the list, then yeah). (EXTWPTOOLK-1750)
Select the “All Updates checkbox” on the Updates screen is no longer confused about what it should select after several updates were already applied. (EXTWPTOOLK-2175)
Toolbar buttons above the list of WordPress installations no longer lose their titles after users minimize then maximize the left navigation panel. (EXTWPTOOLK-1394)
Server Administrator can now manage the “Disable unused scripting” security measure for WordPress installations on locked subscriptions not synchronized with a Service Plan. (EXTWPTOOLK-2178)
Disable unused scripting languages security measure can now be properly applied to WordPress installations on subdomains and additional domains. (EXTWPTOOLK-2323)
The username and email for WordPress administrator are properly updated in realtime during the WordPress installation procedure if you are changing the destination domain and it has a different owner. (EXTWPTOOLK-2396)
WordPress Toolkit now properly shows the theme screenshot if it is in the .jpg format (theme screenshots are displayed if WordPress is installed on a domain that does not resolve yet). (EXTWPTOOLK-1907)
Hotlink Protection And Additional Nginx Directives: Hotlink Protection security measure no longer overrides the additional nginx directives on a domain. (EXTWPTOOLK-2305)
Hotlink Protection And Mixed Case Domains: “Hotlink Protection” security measure now properly works for domains with mixed case names. (EXTWPTOOLK-2337)
Hotlink Protection And Expire Headers: Hotlink Protection security measure no longer disables Expire headers. (EXTWPTOOLK-2321)
Update tasks should no longer disappear with cryptic Unable to find the task responsible for the currently running update process message. (EXTWPTOOLK-2231)
WordPress Toolkit now properly cleans up its database when a subdomain with WordPress installation is removed in Plesk. (EXTWPTOOLK-2454)
“Block access to potentially sensitive files” security measure no longer prevents File Sharing feature in Plesk from working. (EXTWPTOOLK-2279)
Dramatically reduced the number of false positives for “Block access to potentially sensitive files” security measure. (EXTWPTOOLK-2247)
Clone procedure now correctly detects and properly modifies certain encoded URLs in the WordPress database. (EXTWPTOOLK-1789)
Cloned WordPress installations should no longer share their cache with the source installation (we know sharing is caring, but not this time). (EXTWPTOOLK-1773)
If WordPress Toolkit cannot change the database prefix for all tables when applying the “Database table prefix” security measure, it will properly roll back the changes to prevent website from being broken. (EXTWPTOOLK-2347)
When WordPress is installed in a subdomain, WordPress Toolkit no longer offers to install it in a subdirectory by default if the main domain already has WordPress installed. (EXTWPTOOLK-2252)
WordPress can now be installed via CLI into a path containing multiple directories. (EXTWPTOOLK-2260)
The error message displayed when users try to install WordPress on a domain without an available database now looks nicer. (EXTWPTOOLK-2440)

DigitalOcean DNS 1.1.0

20 February 2019

Newly created domains are now automatically activated in DigitalOcean DNS.
In Plesk 17.9, the icons on the “DNS management” tab are now displayed correctly. (EXTPLESK-741)

Advisor 1.5.0

20 February 2019

The “Switch to Up-To-Date PHP Versions” recommendation now considers PHP versions lower than 7.1 to be outdated.
Renamed Opsani to Imunify QuickPatch.
Updated the extension’s translations.
The Advisor’s page no longer hangs if a corrupted PHP handler exists. (EXTADVISOR-669)

Plesk Onyx 17.8.11 Update 41

19 February 2019

The Plesk login pages (https://<...>:8443) are no longer indexed by crawlers.

Windows

It is now possible to set up a MySQL data folder in a custom location using Plesk (all necessary permissions and adjustments will be configured automatically according to the custom path).
Fixed the website preview on external domain names for Plesk servers behind NAT. (PPPM-8350)

Third-Party Component Updates

Windows

Updated MySQL 5.6 and 5.7 to versions 5.6.43 and 5.7.25 respectively, which include fixes for a number of security issues. We strongly recommend that you update Plesk.
Updated MySQL Connector/ODBC 5.3 to version 5.3.12.

Repair Kit 1.1.0

19 February 2019

The extension now collects disk I/O data and shows it on the process list.
Added the “Exclude root”/”Exclude SYSTEM” filter on the process list, which hides system’s power user processes.
Improved the extension’s interface by fixing a number of UI/UX issues.
Added the notification shown if Repair Kit could not fix all detected issues and they must be fixed manually. (EXTPLESK-584)
If “Auto-update of resource usage” is turned on, the selected page is now kept after the process list was refreshed. (EXTPLESK-668)

Plesk Onyx 17.0.17 Update 65

18 February 2019

Windows

The installation of Plesk updates no longer fails with the “MSI: Error! The specified account already exists.” error. (PPPM-10037)
If the Plesk data folder and the Plesk installation folder were different, upgrading from Plesk 17.0 to a later version no longer fails with the “Access is denied” error. (PPPM-10039)

Domain Traffic Monitor 1.3.1

18 February 2019

The extension no longer fails to start with the following error: “Error: Internal error: Failed connect to localhost:8651; Connection refused”. (EXTPLESK-698)

Plesk Onyx 17.8.11 Update 40

11 February 2019

An additional user, whose subscription was removed, can no longer access all other subscriptions of the customer. (PPPM-8022)

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.2.
Updated PHP 7.2 to version 7.2.15.

Plesk Onyx 17.5.3 Update 67

11 February 2019

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.15.

Windows

Updated MySQL 5.5 and 5.6 to versions 5.5.62 and 5.6.43 respectively, which include fixes for a number of security issues. We strongly recommend that you update Plesk.
Updated MySQL Connector/ODBC 5.3 to version 5.3.12

WordPress Toolkit 3.5.6

11 February 2019

WordPress Toolkit compatibility with Plesk 17.9 Preview releases was improved.
The limit on WordPress sites with Smart Update in a Service Plan is now correctly applied to each subscription instead of being shared between all subscriptions on this plan. Decommunization is important, comrades. (EXTWPTOOLK-2429)

Domain Traffic Monitor 1.3.0

11 February 2019

Dropped support for Plesk 12.5.
Updated the backend Go compiler:
- Updated its version to 1.11.5.
- The Go backend is now compiled as a 64-bit executable file instead of 32-bit.
Changed to the three digit versioning scheme (x.y.z).
The status of hosts-traffic-monitor is now detected more precisely: the extension can no longer be falsely shown as running when vhosts-traffic-monitor is stopped. (EXTPLESK-720)

Amazon Route 53 2.7.2

7 February 2019

The extension now applies the TTL value of the DNS zone (instead of a default value) to all its DNS records.

Plesk Onyx 17.8.11 Update 39

5 February 2019

It is now possible to add DNS records that contain the underscore character (_). (PPPM-9014)
Subscription’s PHP settings are no longer unexpectedly reverted to default values after the PHP handler version was changed. (PPPM-9817)

Plesk Onyx 17.0.17 Update 64

5 February 2019

Third-Party Component Updates

Windows

Updated MySQL 5.5 and 5.6 to versions 5.5.62 and 5.6.43 respectively, which include fixes for a number of security issues. We strongly recommend that you update Plesk.

Note: The new MySQL version may not be shown in Plesk right after the update. In this case, go to Tools & Settings > Server Components (under “Server Management”) and click Refresh to refresh the information about installed components.
Updated MySQL Connector/ODBC 5.3 to version 5.3.12.

Plesk Onyx 17.8.11 Update 38

28 January 2019

Encrypted files can now be opened in File Editor without any issues. (PPPM-8570, PPPM-9035)

Linux

Websites using the PHP 7.3 FPM handler are currently unavailable due to issues in PHP 7.3. Untill the issues fixed, we temporarily removed PHP 7.3 from the “Recommended” set of Plesk components. We recommend that you do not choose the PHP 7.3 FPM handler for new websites and switch existing websites from PHP 7.3 FPM to other handlers. (PPPM-9957)

Windows

The plesksrv service no longer creates zombie processes, which slowed down Plesk and could crash it. (PPPM-9843)

Plesk Onyx 17.5.3 Update 66

28 January 2019

Improved the stability of Plesk error reporting. The send-error-report utility that sends runtime errors to Plesk servers now uses the new URL “feedback.pp.plesk.com” instead of the old “feedback.pp.parallels.com”, which is no longer controlled by Plesk.

Linux

Updated sw-engine to enable retrieving and updating additional licenses for non-installed components.

Third-Party Component Updates

Linux

Updated nginx to version 1.14.2, which includes a fix for a security issue that caused excessive memory consumption and CPU usage in HTTP/2.

We highly recommend that you update Plesk.

Updated Phusion Passenger to version 5.3.5, which includes a fix for a major security issue.

We highly recommend that you update Plesk.

Updated OpenSSL for nginx to version 1.0.2q.

Windows

Plesk no longer licenses ActivePython and ActivePerl from ActiveState. To avoid violating the license agreement, the Plesk administrator can now collect statistics about subscriptions with ActivePython/ActivePerl used, see Python/Perl files, and take action.

Let’s Encrypt 2.7.3

24 January 2019

The “Keep your websites secured with free SSL/TLS certificates” option no longer occasionally incorrectly prolongs an issued SSL/TLS certificate.

Linux

Increased stability of issuing ECDSA certificates.

Amazon Toolkit 1.1.1

22 January 2019

Windows

Amazon S3 Backup can now be configured after being installed from the Amazon Toolkit extension. (EXTPLESK-675)

Plesk Onyx 17.8.11 Update 37

21 January 2019

Improved the stability of Plesk error reporting. The send-error-report utility that sends runtime errors to Plesk servers now uses the new URL “feedback.pp.plesk.com” instead of the old “feedback.pp.parallels.com”, which is no longer controlled by Plesk.
Fixed the Exception: PHP Warning: Invalid argument supplied for foreach() error. (PPPM-9899)
Fixed the Exception: PHP Warning: A non-numeric value encountered error. (PPPM-9902)

Windows

Plesk no longer licenses ActivePython and ActivePerl from ActiveState. To avoid violating the license agreement, the Plesk administrator can now collect statistics about subscriptions with ActivePython/ActivePerl used, see Python/Perl files, and take action.
interface_async_executor.exe processes no longer hinder Plesk work. Now they do not hang if one of them hangs and hung processes are closed. (PPPM-8493)

Amazon Toolkit 1.1.0

21 January 2019

Added Amazon S3 Backup to the Amazon Toolkit extension.

Amazon S3 Backup 1.3.0

21 January 2019

Added the ability to configure the Amazon S3 Backup storage via the Amazon Toolkit extension.
Added the ability to resume failed uploads/downloads. (EXTPLESK-563)

Amazon Route 53 2.7.1

21 January 2019

The extension can now sync DNS zones with a large number of DNS records (more than 100). (EXTPLESK-393)

DigiCert SSL 1.5.1

18 January 2019

Internal security improvements. We highly recommend that you update the extension.

Let’s Encrypt 2.7.2

17 January 2019

Improved the “Adding Your Own Subscription” screen: the “Secure the domain with Let’s Encrypt” section is now placed correctly. (EXTLETSENC-633)

Linux

In Plesk 17.8 and later, the extension now supports issuing ECDSA certificates. To have the extension issue certificates signed with ECDSA, add the following lines to the panel.ini file:
```
[ext-letsencrypt]
key-algorithm = ECDSA
ecdsa-curve-name = prime256v1
```

Plesk Onyx 17.8.11 Update 36

14 January 2019

Third-Party Component Updates

Updated PHP 7.3 to version 7.3.1.
Updated PHP 7.2 to version 7.2.14.
Updated PHP 7.1 to version 7.1.26.
Updated PHP 5.6 to version 5.6.40.

Plesk Onyx 17.5.3 Update 65

14 January 2019

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.14.
Updated PHP 7.1 to version 7.1.26.
Updated PHP 5.6 to version 5.6.40.

Plesk Onyx 17.0.17 Update 63

14 January 2019

Third-Party Component Updates

Linux

Updated PHP 7.1 to version 7.1.26.
Updated PHP 5.6 to version 5.6.40.

WordPress Toolkit 3.5.5

10 January 2019

Improved the reliability of screenshot generation for WordPress instances.

Panel.ini Editor 3.1.0

28 December 2018

Added the “Description” column: the panel.ini settings can now have descriptions.
Made the search case-insensitive: it no longer distinguishes between uppercase and lowercase letters.

WordPress Toolkit 3.5.4

27 December 2018

Listing WordPress instances via the CLI now works even if there are inconsistencies in the WordPress Toolkit database. (EXTWPTOOLK-2275)
Plugin-related PHP warnings no longer prevent WordPress instances from smooth update to version 5.0 on PHP 7.3. (EXTWPTOOLK-2232)
WordPress can now be installed for those customers who for some mind-boggling reason have no email address specified in Plesk. (EXTWPTOOLK-2274)
WordPress Toolkit can now be updated correctly even if there are inconsistencies in its own database. (EXTWPTOOLK-2251)

Git 1.1.1

27 December 2018

.local TLD can now be specified in the remote repository URL. (EXTGIT-75)
Improved the “Adding Your Own Subscription” screen: selection of a service plan was moved from the Git extension section to the Subscription one. (EXTGIT-73)
If Italian was set as the administrator’s interface language, Git repositories can now be removed via the interface without any issues. (EXTGIT-65)
If the actions node is empty, XML API calls to Git repositories are now executed without PHP notices and warnings. (EXTGIT-48)

Domain Connect 1.1.3

27 December 2018

Updated the templates.

Plesk Onyx 17.0.17 Update 62

26 December 2018

Third-Party Component Updates

Updated phpMyAdmin to version 4.8.4, which includes fixes for multiple security issues. We highly recommend that you update Plesk. However, note that phpMyAdmin 4.8.4 cannot execute stored procedures.

Extensions Catalog 1.5.0

20 December 2018

Users can now hide the promoted extensions and have only installed extensions shown in quick access to extensions by adding the following lines to the panel.ini file:
```
[ext-catalog]
quickAccessContextAds = false
```
Users can now hide quick access to extensions by adding the following lines to the panel.ini file:
```
[ext-catalog]
quickAccess = false
```
If an extension shown in both the “Most Popular” and “New & Updated” categories was installed, it will no longer disappear from the “Most Popular” category. (EXTCATALOG-96)
If Extensions Catalog is expired, quick access to extensions is now shown correctly not cutting off the list of installed extensions. (EXTCATALOG-66)

Plesk Onyx 17.8.11 Update 35

17 December 2018

Plesk was switched to its own APS catalog that contains only the most popular, important, and latest applications.

Third-Party Component Updates

PHP 7.3 is now shipped with Plesk.
Updated phpMyAdmin to version 4.8.4, which includes fixes for multiple security issues. We highly recommend that you update Plesk. However, note that phpMyAdmin 4.8.4 cannot execute stored procedures.

Plesk Onyx 17.5.3 Update 64

17 December 2018

Third-Party Component Updates

Updated phpMyAdmin to version 4.8.4, which includes fixes for multiple security issues. We highly recommend that you update Plesk. However, note that phpMyAdmin 4.8.4 cannot execute stored procedures.

Plesk Onyx 17.0.17 Update 61

17 December 2018

Security improvements.

Third-Party Component Updates

Linux

Updated PHP 7.2 to version 7.2.13.
Updated PHP 7.1 to version 7.1.25.
Updated PHP 7.0 to version 7.0.33.
Updated PHP 5.6 to version 5.6.39.

WordPress Toolkit 3.5.3

11 December 2018

WordPress Toolkit notifications now display proper information again instead of existential emptiness. (EXTWPTOOLK-2220)
Certain security measures no longer add incorrect directives to the Apache config file if the target WordPress instance contains a space in its path. (EXTWPTOOLK-2210)
WordPress Toolkit does not stealthily install WordPress in a subdirectory anymore if the target domain already has an /index.php file. (EXTWPTOOLK-2208)
WordPress installation screen no longer takes an obscene amount of time to load if there are a lot of domains on the server. (EXTWPTOOLK-2196)

Plesk Onyx 17.8.11 Update 34

10 December 2018

Security improvements.

Linux

Incoming email messages that fail to pass DMARC authentication are no longer indefinitely stored in the /opt/psa/handlers/spool/ directory. (PPPM-7166)

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.13.
Updated PHP 7.1 to version 7.1.25.
Updated PHP 7.0 to version 7.0.33.
Updated PHP 5.6 to version 5.6.39.

Linux

Updated nginx to version 1.14.1.

Plesk Onyx 17.5.3 Update 63

10 December 2018

Security improvements.

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.13.
Updated PHP 7.1 to version 7.1.25.
Updated PHP 7.0 to version 7.0.33.
Updated PHP 5.6 to version 5.6.39.

Advisor 1.4.1

6 December 2018

Renamed Revisium Antivirus for Websites to ImunifyAV.
Advisor no longer needlessly reloads the page when opening the list of recommendations for WordPress Toolkit. (EXTADVISOR-628)

WordPress Toolkit 3.5.2

5 December 2018

WordPress Toolkit now works properly when Alt-PHP is used as a PHP handler. (EXTWPTOOLK-2192)

Plesk Onyx 17.8.11 Update 33

3 December 2018

Added support for extensions with multiple licenses.
Plesk backups can now be restored if DUMP_TMP_D and /usr/local/psa/ are located on different drives. (PPPM-9517)

Linux

Customizing a subscription no longer reverts the changes to its PHP settings made via the CLI. (PPPM-7784)

Windows

Clicking “Tools & Settings” > “Summary Report” > “Report Layouts” no longer results in a 500 server error. (PPPM-9662)

WordPress Toolkit 3.5.1

3 December 2018

WordPress sites running in a shared application pool on Windows servers no longer become broken after certain new security measures are applied. (EXTWPTOOLK-2191)

WordPress Toolkit 3.5.0

29 November 2018

A big bunch of new security measures was added to ramp up the security of WordPress instances. The measures are not applied automatically, so all users are shown a notification in UI that prompts them to check and apply the new measures. It’s now possible to:
- Enable hotlink protection
- Disable unused scripting languages
- Disable file editing in WordPress dashboard
- Enable bot protection
- Block access to sensitive and potentially sensitive files
- Block access to .htaccess and .htpasswd
- Block author scans
- Disable PHP executing in various cache folders
WordPress installation experience was updated to unify the UI, so there are no “quick” and “custom” options anymore. WordPress Toolkit now always displays the installation form with all data prefilled, which allows users to make an informed choice: confirm the defaults to install WordPress quickly, or take your time and change the options you want.
All users can now choose domains from any accessible subscription when installing WordPress. In practical terms this means that you can now install WordPress anytime you click WordPress in the left navigation panel, even if you’re a reseller or server administrator.
WordPress Toolkit CLI for installing WordPress instances was updated to include management of automatic update settings. Specifically, the following options were added: -auto-updates, -plugins-auto-updates, and -themes-auto-updates.
For those who don’t want to use Gutenberg yet after WordPress 5.0 is released, we have added a “WordPress Classic” set that includes “Classic Editor” plugin.
WordPress Toolkit cache can now be cleared with a special CLI command: plesk ext wp-toolkit --clear-wpt-cache. This might be useful for handling issues with invalid WordPress Toolkit cache data like corrupted WordPress distributive or broken lists of languages and versions.
The yellow “Warning” security status was changed to greenish “OK” to avoid scaring innocent users, since it’s actually OK to not have every single security measure applied.
Security measures “Security of wp-content” and “Security of wp-includes” were unnecessarily restrictive, so they were forced to relax their grip somewhat.
WordPress Toolkit no longer hangs during the execution of routine daily maintenance tasks when it encounters WordPress instances infected by malware or otherwise operationally challenged. (EXTWPTOOLK-1524)
Error and warning messages do not display IDN domain names in punycode anymore. (EXTWPTOOLK-1769)
Resellers and Customers without security management and auto-updates management permissions can no longer manage security and automatic updates. (EXTWPTOOLK-2047)
WordPress instances no longer become invisible after their installation or cloning process has failed at the very end for some weird reason. (EXTWPTOOLK-1844)
When users were deleting WordPress instances, WordPress Toolkit was displaying an ambiguous confirmation message, insinuating that WordPress instances will be simply removed from the Toolkit (not deleted). The ambiguity of the message was reduced by several degrees of ambiguousness, so users should now have a very clear idea of what will actually happen. (EXTWPTOOLK-2075)
“Invalid URL was requested” error is no longer displayed when plugins or themes are activated in the dialog opened directly from the subscription screen. (EXTWPTOOLK-2096)
WordPress Toolkit no longer refreshes the update cache for detached instances. (EXTWPTOOLK-2049)
If users are trying to set up Admin credentials for a WordPress instance that does not have any Admin users, WordPress Toolkit does not spectacularly fall on its face anymore, displaying proper error message instead. (EXTWPTOOLK-1826)
The installation process of WordPress instances is not confused about its own success status anymore if it encounters a file owned by root in the installation directory. (EXTWPTOOLK-2091)
When WordPress Toolkit encounters a file owned by root during the security status check, it will no longer scare users with a message about the inability to apply a security measure. When the Toolkit finds such a file during the application of security measures, it displays a proper error message now. (EXTWPTOOLK-1875)
Interface translations no longer display HTML entities in places where they’re not supposed to be. (EXTWPTOOLK-2073)
Removal of multiple instances does not fail anymore if one of the removed instances is broken. (EXTWPTOOLK-1771)
WordPress Toolkit now properly falls back to the “Install WordPress service plan” option if the “Install WordPress with a set” service plan option was previously selected and this set was removed from the server. (EXTWPTOOLK-1931)
Smart Update does not enthusiastically notify users about successful updates via notification email anymore if Smart Update was in fact not performed correctly. (EXTWPTOOLK-1760)
Security status checks became too complacent and stopped working on a routine daily basis. This disgusting behavior was addressed, and users will now be duly notified whenever there’s a problem with previously applied security measures. (EXTWPTOOLK-1794)
Update settings are no longer changed for all WordPress instances selected in the instance list when some of these instances are subsequently filtered out on the Updates screen. (EXTWPTOOLK-2101)
Smart Update notification emails are now security conscious, providing HTTPS links to Plesk instead of HTTP. (EXTWPTOOLK-1758)
Cloning procedure now displays proper error message when somebody without the “Subdomain management” permission tries to clone their stuff. (EXTWPTOOLK-1866)
Failed automatic updates are now properly included in the notification digest. (EXTWPTOOLK-1761)
WordPress Toolkit has improved its defense against WordPress instances with malformed UTF-8 strings in their settings. Such instances will no longer cause WordPress Toolkit to display a blank screen instead of instance list. (EXTWPTOOLK-1935)
Users of Russian translation can now see when was the last time WordPress Toolkit checked an instance for updates. (EXTWPTOOLK-1821)
Speaking of text messages related to updates, a proper error message is now displayed whenever there’s a problem with a missing update task. (EXTWPTOOLK-1929)
WordPress instances that store authentication unique keys and salts in a separate file are no longer considered broken by WordPress Toolkit. (EXTWPTOOLK-2111)
“Set Contents” pop-up on the WordPress installation screen is now censored out when users open it for a selected set and then switch the set to “None”. (EXTWPTOOLK-1984)
Maintenance mode no longer displays the countdown on a preview screen if the countdown isn’t turned on. Internal debates still rage over whether the Toolkit should play The Final Countdown when it’s on, but that’s a different story. (EXTWPTOOLK-1845)
Users will now see a proper error message when they are trying to install WordPress in the same directory where important files like web.config were left behind by another WordPress installation. (EXTWPTOOLK-2082)
WordPress Toolkit now helpfully selects critical security measures not yet applied on the instance when the security scan is ran the first time. (EXTWPTOOLK-2002)
Text visibility on the Maintenance mode screen was improved to reduce the eye strain of the website visitors around the world. (EXTWPTOOLK-2086)
Certain placeholder messages were properly localized in the old UI. (EXTWPTOOLK-2021)
WordPress Toolkit no longer updates the “options” database table of detached WordPress instances when their domain name is changed in Plesk. (EXTWPTOOLK-2074)
Maintenance mode can now be properly configured if it was never enabled before. (EXTWPTOOLK-2087)
German translation was updated so that all messages display proper data instead of placeholders. (EXTWPTOOLK-1579)
“Administrator’s username” security measure is not displayed anymore for existing multisite instances, where it doesn’t work anyway due to circumstances beyond our control. (EXTWPTOOLK-2106)
Trying to remove plugins or themes in WordPress Toolkit when they were already removed via other means will now display a proper error message instead of a placeholder. (EXTWPTOOLK-1855)
Set names are finally restricted to 255 characters, so no more War And Peace on your Sets screen, sorry. (EXTWPTOOLK-1697)
Maintenance mode screen now properly displays default texts instead of “undefined”. (EXTWPTOOLK-2113)
Security Status screen can no longer be summoned by users without the corresponding security management permission for a particular instance. Such instances will also no longer be visible on the Security Status screen for multiple instances. (EXTWPTOOLK-1560)
WordPress Toolkit will display a proper message when one user is trying to secure an instance while another user has already deleted it. (EXTWPTOOLK-1515)
Redundant requests to wordpress.org on the Plugins and Themes management screens were optimized away. (EXTWPTOOLK-1876)
The “Select All Updates” checkbox on the Update screen is no longer accessible when users review the intermediate results of the Smart Update procedure. (EXTWPTOOLK-1801)
The dollar sign displayed on the “Sets” tab when you don’t have the full version of WordPress Toolkit is no longer clickable. (EXTWPTOOLK-1822)
WordPress Toolkit now displays somewhat different result messages when users remove or detach several WordPress instances as opposed to a single one. (EXTWPTOOLK-1755)
Extremely long WordPress site titles no longer venture outside of the WordPress Toolkit UI. (EXTWPTOOLK-1958)

SSL It! 0.9.0

29 November 2018

Initial release.

Let’s Encrypt 2.7.1

29 November 2018

Added integration with the SSL It! extension.
Updated the list of trusted root certificates with those from Mozilla CA bundle.
Updated the information about the limit of certificates that can be issued per a registered domain, per a week. Now the messages show the limit of 50 certificates.

DigiCert SSL 1.5.0

29 November 2018

Added integration with the SSL It! extension.
Paid certificates can now be again ordered via the extension. (EXTPLESK-461)

Docker 1.4.1

27 November 2018

Linux

Cleaned up the error log.

Plesk Onyx 17.8.11 Update 32

26 November 2018

Incremental multivolume backups can now be again restored. (PPPM-9541)
The event handler triggered by the “Domain updated” and “Subdomain updated” events now calls the event only once. (PPPM-9594)
Installation of extensions no longer causes sw-engine scripts and CLI utilities to hang. (PPPM-8929)

Linux

The clear error message is now shown when backup process fails because the backup upload to FTP storage was interrupted. (PPPM-9598)
Fixed the website preview on external domain names for Plesk servers behind NAT. (PPPM-8350)
On CentOS7, users are now protected from starting named.service by mistake, which breaks DNS configuration. The service named start|restart commands do not now start named.service, and the service named status command logs the warning to use named-chroot.service instead. (PPM-2134)

Domain Connect 1.1.2.

22 November 2018

Improved performance with a large number of domains.
Translated the extension and its description into several new languages.
Updated the Domain Connect logo.
Improved the loading speed of the extension’s screens. (EXTPLESK-466)

Plesk Onyx 17.8.11 Update 31

19 November 2018

Fixed the issue with empty display of APS catalog when libcurl 7.61 or later is installed on the server. (PPPM-9619)
The webmail client of an addon domain is no longer changed to the client of the main domain when an SSL/TLS certificate is issued for the main domain. (EXTLETSENC-603)

Plesk Onyx 17.5.3 Update 62

19 November 2018

Fixed the issue with empty display of APS catalog when libcurl 7.61 or later is installed on the server. (PPPM-9619)

Extensions Catalog 1.4.0

15 November 2018

An extension from the “Feature Packs” category is no longer shown in the banner if the extension’s license was bought and installed.
A domain name used as a custom URL for Extensions Catalog can now be longer than 55 characters. (EXTCATALOG-72)
Users are no longer redirected to the “My Extensions” tab and stay on an extension’s page when another extension was removed. (EXTCATALOG-71)
If errors occurred during removing extensions, the error message now shows the extension name instead of the %%name%% placeholder. (EXTCATALOG-52)
Links contained in the description of extensions are now opened in new tabs. (EXTCATALOG-46)
We have translated the “Show less/more” and “Learn more” lines for a number of localized extensions, and plan to do it for other localized extensions in the future. (EXTCATALOG-41)
Blacklisted extensions are no longer shown on the “My Extensions” tab. (EXTCATALOG-14)

Plesk Onyx 17.8.11 Update 30

12 November 2018

Updated PHP 7.2 to version 7.2.12 for customers’ websites.
Updated PHP 7.1 to version 7.1.24 for customers’ websites.

Plesk Onyx 17.5.3 Update 61

12 November 2018

Updated PHP 7.2 to version 7.2.12 for customers’ websites.
Updated PHP 7.1 to version 7.1.24 for customers’ websites.

Plesk Onyx 17.0.17 Update 60

12 November 2018

Linux

Updated PHP 7.1 to version 7.1.24 for customers’ websites.

Repair Kit 1.0.0

12 November 2018

Initial release.

Plesk Onyx 17.8.11 Update 29

6 November 2018

Linux

Updated Phusion Passenger to version 5.3.5, which includes a fix for a major security issue.

We highly recommend that you update Plesk.

Let’s Encrypt 2.7.0

31 October 2018

Expired wildcard certificates can now be renewed automatically.
Resolved a number of compatibility issues with Plesk Onyx 17.9.
Email addresses used for issuing certificates are now included in Plesk backups. (EXTLETSENC-570)

Plesk Onyx 17.8.11 Update 28

29 October 2018

Checked and updated the links to Knowledge Base articles found in Plesk.

Linux

Enabling server-wide log rotation now results in old log files being removed. (PPPM-8868)

Windows

Plesk installed on an Amazon AWS M5 instance now correctly accepts the VPS license. (PPPM-8348)

Plesk Onyx 17.5.3 Update 60

29 October 2018

Plesk administrators can now make log rotation mandatory for all hosted domains by enabling the “Force daily log rotation for all domains” option in “Tools & Settings” > “Server Settings”, and also via CLI and API. In addition, Backup Manager logs are now rotated in accordance with the global log rotation policy.

Linux

The “Domains” page no longer loads much slower on Plesk servers running MariaDB instead of MySQL when hosting a large number of domains. (PPPM-9383).

Plesk Onyx 17.0.17 Update 59

29 October 2018

Third-Party Component Updates

Updated PHP 7.1 to version 7.1.23.

WordPress Toolkit 3.4.2

24 October 2018

Improved integration with the Advisor extension.

Advisor 1.4.0

24 October 2018

Added the recommendation to use up-to-date WordPress and WordPress plugins.
Added the recommendation to use the Google PageSpeed Insights Pro extension.
Added the recommendation to use the Speed Kit extension.
Added the recommendation to use the Revisium Antivirus extension.
Renamed Symantec to DigiCert.
On Debian 9 and Ubuntu 18, Advisor recommends using the OWASP ModSecurity rule set.
The recommendation “Secure WordPress Websites” is no longer placed lower if WordPress Toolkit is not installed. (EXTADVISOR-540)
Scrolling the “Apply Multiple Recommendations” window no longer changes which checkboxes were selected. (EXTADVISOR-539)
Applying the recommendation “Secure Websites With SSL/TLS Certificates” no longer adds PHP notices to the Plesk log. (EXTADVISOR-538)
The Advisor icon is no longer shown for no-hosting domains. (EXTADVISOR-520)
Applying the recommendation “Configure Scheduled Backups” now activates backups scheduling with configured backup rotation. (EXTADVISOR-512)
Blacklisted recommendations will no longer be applied when applying recommendations via CLI. (EXTADVISOR-424)
On Linux servers, the recommendations “Enable HTTP/2” and “Secure Websites With SSL/TLS Certificates” can now be applied at once. (EXTADVISOR-440)

Plesk Onyx 17.8.11 Update 27

22 October 2018

Plesk administrators can now make log rotation mandatory for all hosted domains by enabling the “Force daily log rotation for all domains” option in “Tools & Settings” > “Server Settings”, and also via CLI and API. In addition, Backup Manager logs are now rotated in accordance with the global log rotation policy.
SSL/TLS certificates for subdomains are now correctly stored in the parent domain’s repository in Plesk. (PPPM-6085)
Plesk no longer stops users from creating “configuration only” backups if there is not enough free disk space on the server to create a full backup. (PPPM-8127)
It is now possible to remove MX DNS records using the plesk bin dns CLI utility. (PPPM-9499)

Windows

The plesk repair --repair-webspace-security -webspace-name example.com command now repairs permissions on the httpdocs folder. (PPPM-8899)

Docker 1.4.0

18 October 2018

Updated Docker Engine to version 18.
Proxy rules set up for a subdomain of an addon domain are now removed if the subdomain was removed. (EXTDOCKER-34)
Added links to port numbers of containers. (EXTDOCKER-29)

Linux

The extension now supports Ubuntu 18.
It is no longer possible to set up identical proxy rules for different containers or set up a proxy rule that matches one already configured for a given URL. (EXTDOCKER-46)
Names of environment variables can now contain lowercase letters. (EXTDOCKER-23)

Windows

A Docker image can now be run even if the image name contains the slash character (“/”). (EXTDOCKER-16)

Plesk Onyx 17.8.11 Update 26

15 October 2018

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.11.
Updated PHP 7.1 to version 7.1.23.

Plesk Onyx 17.5.3 Update 59

15 October 2018

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.11.
Updated PHP 7.1 to version 7.1.23.

Plesk Onyx 17.0.17 Update 58

15 October 2018

Third-Party Component Updates

Linux

Updated PHP 7.1 to version 7.1.23.

Plesk Onyx 17.8.11 Update 25

8 October 2018

The SEO Toolkit extension is now installed by default with Plesk.

Linux

IP addresses can now be changed via Plesk Reconfigurator even if PTR records for domains exist. (PPPM-8539)

Plesk Onyx 17.5.3 Update 58

8 October 2018

As a part of GDPR compliance changes: added the ability to set the email of the administrator responsible for a DNS zone to “SOA Records Template”.
Restoring a full server backup no longer results in warnings if specific configuration lines were added to the [php] section of the panel.ini
file prior to the creation of the backup. (PPPM-8339)
Joomla! instances on subscriptions with PHP 7.0.x can now be updated. (PPPM-9297)

Linux

As a part of GDPR compliance changes: improved IP address anonymization, which now works for AWStats and Webalizer.
As a part of GDPR compliance changes: removed the ServerAdmin directive from Apache configuration. To remove the ServerAdmin directive from the configuration files of existing domains, run the plesk sbin httpdmng --reconfigure-all command.
IP addresses anonymization is now performed when daily maintenance task is executed. (PPPM-9418)

Plesk Onyx 17.0.17 Update 57

8 October 2018

Improved error reporting during upgrade to the latest Plesk version.

Plesk Onyx 17.8.11 Update 24

1 October 2018

Added the ability to append the coupon parameter to the URL in the buyUrlCoupon parameter in the panel.ini file. This parameter is used by the Share & Earn program which gives our partners the ability to offer discounts on certain extensions and receive affiliate revenue from the sales of those extensions.
Backups created by customers and resellers whose names contain the slash character (“/”) now can be created and stored in an FTP storage. (PPPM-8953)
The OK button now works on the “Define IP Addresses Mapping” screen if Plesk is opened in Internet Explorer 11. (PPPM-8997)
Joomla! instances on subscriptions with PHP 7.0.x can now be updated. (PPPM-9320)
File system check in Plesk Repair Kit no longer shows excessive “info” lines if issues were detected. (PPPM-9329)

Linux

On Debian 9 and Ubuntu 18, the OWASP ModSecurity rule set is now selected by default. The Atomic ModSecurity rule sets (both free and paid) are not shown any more because they are not supported by these operating systems.
The plesk repair fs utility now fixes files and directories owned by the Apache system user as a part of incorrect ownership on some items in the WWW root directory. (PPPM-9324)
The plesk repair fs command can now be used again with the corresponding options. (PPPM-8421)
When restoring a subscription with scheduled tasks from a backup, users no longer see the warning “usr/bin/bash: Cannot open: File exists”. (PPPM-9283)
If certain time zones were chosen on a server (for example, “Asia/Seoul (UTC, +09.00)”), the time zone in domain’s Scheduled Tasks is now changed respectively. (PPPM-9284)
Calling the mchk utility no longer disables the usage of short mail account names in Postfix. (PPPM-9286)
Supscriptions’ owners can no longer see the Postfix mail queue. (PPPM-8716)

Windows

Plesk is now initialized correctly. (PPPM-9168)
The plesk version command now also shows Windows 2016 next to the “Build target” line. (PPPM-9155)

WordPress Toolkit 3.4.1

27 September 2018

The algorithm used for retrieving the list of plugins and themes was optimized to reduce the load on wordpress.org.
You can now apply the “Permissions for files and directories” security measure to multiple WordPress instances at a time. (EXTWPTOOLK-1847)
Plugins are now automatically activated after being installed. (EXTWPTOOLK-1851)
On Plesk Multi Server, WordPress Toolkit no longer shows a message prompting to upgrade to Plesk 17.8. (EXTWPTOOLK-1858)

Plesk Onyx 17.8.11 Update 23

26 September 2018

Windows

Clicking Tools & Settings > DNS Template no longer results in an error. (PPPM-9355)

Plesk Onyx 17.8.11 Update 22

24 September 2018

As a part of GDPR compliance changes: added the ability to set the email of the administrator responsible for a DNS zone to “SOA Records Template”.
Scheduled backups configured to be stored on both the server and Google Drive are now rotated on the server. (PPPM-9237)
Restoring a full server backup no longer results in warnings if specific configuration lines were added to the [php] section of the panel.ini file prior to the creation of the backup. (PPPM-9254)

Linux

Added support for managing IP addresses via Netplan.
When specifically named mail folders are used, switching from Courier IMAP to Dovecot no longer leads to server crash. (PPPM-8863)
On Ubuntu 18, opening databases via the phpMyAdmin no longer results in an error. (PPPM-9281)
Backups created with the “Do not compress backup files” option enabled and containing empty tar archives are no longer restored with a warning. (PPPM-6357)

Third-Party Component Updates

Updated phpMyAdmin 4.8 to version 4.8.3.

Plesk Onyx 17.0.17 Update 56

18 September 2018

Third-Party Component Updates

Windows

Updated PHP 7.1 used for customers’ websites to version 7.1.22.
Updated PHP 7.0 used for customers’ websites to version 7.0.32.
Updated PHP 5.6 used for customers’ websites to version 5.6.38.

Plesk Onyx 17.8.11 Update 21

17 September 2018

Third-Party Component Updates

Updated PHP 7.2 used for customers’ websites to version 7.2.10.
Updated PHP 7.1 used for customers’ websites to version 7.1.22.
Updated PHP 7.0 used for customers’ websites to version 7.0.32.
Updated PHP 5.6 used for customers’ websites to version 5.6.38.

Plesk Onyx 17.5.3 Update 57

17 September 2018

Third-Party Component Updates

Updated PHP 7.2 used for customers’ websites to version 7.2.10.
Updated PHP 7.1 used for customers’ websites to version 7.1.22.
Updated PHP 7.0 used for customers’ websites to version 7.0.32.
Updated PHP 5.6 used for customers’ websites to version 5.6.38.

Cloud Images Updates

12 September 2018

Updated Plesk images bundled with Google Cloud. Now they are based on Plesk 17.8.11 Update 19.

Plesk Onyx 17.8.11 Update 20

10 September 2018

Linux

As a part of GDPR compliance changes: improved IP address anonymization, which now works for AWStats and Webalizer.

Plesk Onyx 17.5.3 Update 56

10 September 2018

Linux

Users can now manage a large number of IPv6 addresses (more than 600) via Plesk. (PPPM-8260)

Cloud Images Updates

10 September 2018

Rebuilt images of Plesk WordPress and Business & Collaboration Editions (former Plesk WordPress Server and Business Server respectively) bundled with Amazon EC2 and Microsoft Azure. Now these images are based on Plesk 17.8.11 Update 14, which contains the latest security improvements, and have an updated set of extensions and components.

Plesk Onyx 17.8.11 Update 19

3 September 2018

Added the ability to append the coupon parameter to the URL in the buyUrlCoupon parameter in the panel.ini file. This parameter is used by the Share & Earn program which gives our partners the ability to offer discounts on certain extensions and receive affiliate revenue from the sales of those extensions.
The Domain Connect extension is now installed by default with Plesk.

Linux

Added support for MariaDB version 10.2.
As a part of GDPR compliance changes: removed the ServerAdmin directive from Apache configuration. To remove the ServerAdmin directive from the configuration files of existing domains, run the plesk sbin httpdmng --reconfigure-all command.

WordPress Toolkit 3.4.0

30 August 2018

New CLI commands are now available! You can manage your plugin & theme sets, install them, and upload or remove custom plugins and themes – all through command line. Run plesk ext wp-toolkit --help to learn more about sets, plugins, and themes commands.
Security-related screens were redesigned to make them more convenient and usable. In particular, users can now apply any selection of security measures to a number of instances.
It’s now possible to roll back several applied security measures on multiple Plesk instances at once (not that we recommend to do it).
Users can detach or remove multiple WordPress instances from WordPress Toolkit.
Server administrators using Plesk versions earlier than Plesk Onyx 17.8 will see a gentle reminder that upgrading their Plesk to version 17.8 or later will give them access to a wonderful world of great new WordPress Toolkit features wrapped in a brand new UI.
Users can now clearly see when a new website screenshot is being made. Spoilers: the screenshot part of an instance card is temporarily greyed out.
When you clone WordPress instances, Search Engine Indexing is now turned off for the clones by default. Server Administrators can change this behavior on the Global Settings tab.
Screenshots for cloned instances are immediately visible right after the cloning (no more playing hide-and-seek).
When users synchronize data between WordPress instances, Files And Databases option is now selected by default, as opposed to Files Only option.
Updates screen for a single WordPress instance now has a magical checkbox that selects or clears all items from WordPress Core, Plugins, and Themes groups.
Users can now install WordPress instances in subfolders and on additional domains or subdomains even if wp-config.php file is present in the parent domain or folder. (EXTWPTOOLK-1765)
As a corollary of the bugfix mentioned above, users can now clone WordPress instances to additional domains or subdomains even if wp-config.php file is present on the parent domain. (EXTWPTOOLK-1766)
It’s now possible to install WordPress into an already existing empty folder. (EXTWPTOOLK-1155)
Uninstall confirmation dialog in the old UI now has proper text instead of internal localization string. (EXTWPTOOLK-1720)
WordPress Toolkit no longer redirects users to the first page of the instance list after they have closed the security check screen of an instance located on a different page. (EXTWPTOOLK-1737)
Custom plugins no longer ignore the Activate after installation option, especially if it’s not selected. (EXTWPTOOLK-1724)
WordPress instances with broken database connections can now be found by WordPress Toolkit. Hint: if you fix the database connection, you can manage them in the WordPress Toolkit. (EXTWPTOOLK-1754)
Smart Updates now work with IDN domains. (EXTWPTOOLK-1719)
Options on Update Settings page will not jump around anymore if you change them before checking for updates has been finished. Note: no options were harmed during the fixing of this bug. (EXTWPTOOLK-1681)
WordPress Toolkit displays proper error message if one of the instances found during the instance scan is broken. (EXTWPTOOLK-1768)
CLI command responsible for installing WordPress now adequately explains what’s wrong with provided administrator username if there’s anything wrong with it. (EXTWPTOOLK-1609)
WordPress Toolkit no longer executes files of WordPress instances on suspended and disabled domains as a part of its scheduled task. (EXTWPTOOLK-1678)
Custom themes are now properly activated if Activate after installation option is enabled. (EXTWPTOOLK-1717)
Tooltip is now available for the green icons which indicate that there are no updates on the Updates screen shown for multiple instances. (EXTWPTOOLK-1680)
wp-config.php is now removed properly when users remove WordPress instances initially installed as APS packages. (EXTWPTOOLK-1677)
Smart Update now displays proper error message if it cannot work due to SSL-related problems on the website. (EXTWPTOOLK-1594)
Security checker Permissions for files and directories now should display proper error message if it couldn’t do what it had to do. (EXTWPTOOLK-1746)
Scan operation does not refuse to continue working anymore when it encounters a broken instance. (EXTWPTOOLK-1631)

Site Import 1.4.0

30 August 2018

Added post-migration checks to Site Import.
Mail Import now automatically detects IMAP hostname.
Made progress reporting of adding an email address to Mail Import more detailed.
Improved detection of SSL protocol to communicate between the source and target servers. (PMT-4528)
Email messages flags are now preserved when importing mail to the MailEnable Enterprise/Premium server. (PMT-4449)
Re-sync no longer fails during SSL certificate verification in Mail Import. (PMT-4491)
If an invalid or improperly formatted custom destination path is specified during migration, Site Import will now automatically correct it. (PMT-3937)

Plesk Migrator 2.17.1

30 August 2018

Improved detection of SSL protocol to communicate between the source and target servers. (PMT-4528)
Email messages flags are now preserved when importing mail to the MailEnable Enterprise/Premium server. (PMT-4449)
Improved processing of IP addresses in DNS zones. (PMT-4461)

Plesk Onyx 17.8.11 Update 18

27 August 2018

Backups created with the “The dump has wrong format” error are no longer removed thereafter. (PPPM-9062)
From the Plesk Welcome screen, removed the pop-up message prompting the Plesk administrator to activate the trial license. (PPPM-8903)

Plesk Onyx 17.8.11 Update 17

21 August 2018

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.9 for customers’ websites.
Updated PHP 7.1 to version 7.1.21 for customers’ websites.

Plesk Onyx 17.5.3 Update 55

21 August 2018

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.9 for customers’ websites.
Updated PHP 7.1 to version 7.1.21 for customers’ websites.

Plesk Onyx 17.0.17 Update 55

21 August 2018

Third-Party Component Updates

Linux

Updated PHP 7.1 to version 7.1.21 for customers’ websites.

Plesk Onyx 17.8.11 Update 16

30 July 2018

Removing the “Backup and restoration of subscription data using the server storage” permission from a customer’s subscription no longer prevents them from creating and storing backups in remote storage. (PPPM-8700)

Linux

PHP support can no longer be enabled for domains for which no PHP handlers are available. (PPPM-6171)

WordPress Toolkit 3.3.1

25 July 2018

Plugins and themes from the selected set are now properly installed during the provisioning of a subscription with automatic installation of WordPress. (EXTWPTOOLK-1664)

Plesk Onyx 17.8.11 Update 15

23 July 2018

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.8.
Updated PHP 7.1 to version 7.1.20.
Updated PHP 7.0 to version 7.0.31.
Updated PHP 5.6 to version 5.6.37.

Plesk Onyx 17.5.3 Update 54

23 July 2018

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.8.
Updated PHP 7.1 to version 7.1.20.
Updated PHP 7.0 to version 7.0.31.
Updated PHP 5.6 to version 5.6.37.

Plesk Onyx 17.0.17 Update 54

23 July 2018

Third-Party Component Updates

Updated PHP 7.1 to version 7.1.20.
Updated PHP 7.0 to version 7.0.31.
Updated PHP 5.6 to version 5.6.37.

Amazon Route 53 2.7.0

20 July 2018

Translated the extension and its description into several new languages.
Changed to the three digit versioning scheme (x.y.z).

Plesk Onyx 17.8.11 Update 14

9 July 2018

Plesk Onyx 17.8.11 Update 14 is a stable (late adopter) release.

Windows

The php-cgi.exe process no longer terminates unexpectedly with the “0xc0000409” error. (PPPM-8814)

Plesk Onyx 17.5.3 Update 53

9 July 2018

Windows

The SNI support option is available again in Server Settings. (PPPM-8825)

Let’s Encrypt 2.6.1

6 July 2018

Issuing a wildcard SSL/TLS certificate via the Let’s Encrypt extension page no longer fails with an incorrect redirect. (EXTLETSENC-548)

WordPress Toolkit 3.3.0

5 July 2018

Filters were added to the plugin and theme installation screen, helping users quickly find what they need (hopefully).
Users can now check for updates, change update settings and apply updates for multiple WordPress instances at once.
WordPress Toolkit now has CLI for installing WordPress. Run plesk ext wp-toolkit --help for more information.
Mass security screen is no longer annoying users by constantly rechecking instance security status. You can always recheck the security status by clicking “Check Security” on the Mass Security screen.
Security checker Permissions for files and directories now agrees that permissions stricter than those set by the checker are not in fact insecure. (EXTWPTOOLK-1577)
Log In button on Websites & Domains screen is no longer displayed on Plesk 17.8 and higher if WordPress access credentials are not known. To make this button appear, go to the WordPress instance list in WordPress Toolkit and specify access credentials for the corresponding instance. Sorry for inconvenience! (EXTWPTOOLK-1573)
Users can once again change passwords of additional WordPress administrator accounts. (EXTWPTOOLK-1568)
Server administrators now can manage “Caching (nginx)” checkbox on WordPress instances belonging to subscriptions without the Manage Hosting permission. (EXTWPTOOLK-1563)
This one’s somewhat long, so grab your reading glasses. If the administrator username specified during WordPress installation started with a permitted character, but also included forbidden characters, the installation would go on as if nothing wrong happened. However, the administrator username was actually changed during the installation and the user was not informed about this change, which could be surprising to some users. This behavior was fixed, and username validation works properly now. (EXTWPTOOLK-1561)
WordPress updates no longer turn off Maintenance Mode if it was enabled before the update. (EXTWPTOOLK-1540)
Search bars for Plugins and Themes are now separated on Plugin/Theme installation screen. (EXTWPTOOLK-1500)

Let’s Encrypt 2.6.0

5 July 2018

Users can now issue wildcard SSL/TLS certificates and secure the main domain, subdomains, domain aliases, and webmail with them.
- By default, Let’s Encrypt uses ACMEv1. For issuing a wildcard SSL/TLS certificate, users need to configure the Let’s Encryptextension to support ACMEv2.
- Currently, wildcard SSL/TLS certificates are not renewed automatically. This feature is planned to be added later.
Starting with Let’s Encrypt 2.6.0, the server setting is replaced with acme-directory-url. Now the server setting is still supported but it will be deprecated in the future Let’s Encrypt updates. We recommend that users replace the server setting with acme-directory-url in the panel.ini file.
Improved messages for most frequent Let’s Encrypt errors.
Now, to renew a Let’s Encrypt SSL/TLS certificate created via the CLI, the email specified in the CLI command is used. (EXTLETSENC-498)

Linux

Improved chances of successful Let’s Encrypt HTTP challenge validation by using general locations for .well-known/acme-challenge. This helps issue an SSL/TLS certificate if a domain has some specially configured rewrite rules (certain web applications configure them by default) or access restrictions. You can revert this improvement by adding the following lines to the panel.ini file:
```
[ext-letsencrypt]
use-common-challenge-dir = false         
```

Site Import 1.3.0

3 July 2018

Now emails’ synchronization between source and destination mailboxes is faster because Site Import does not check all emails searching for new ones to be copied.
Now users can disable Mail Import by adding the following lines to the panel.ini file:
```
[ext-site-import]
allowMailImport = off
```
Mail Import no longer fails if the log priority is greater than 5 in the panel.ini file. (PMT-4444)
Website Import no longer fails if PHP on the source server does not return the list of user’s files. (PMT-4424, PMT-4393)
Mail Import no longer tries importing if the specified destination email address has no actual mailbox. Now, Mail Import tries to create a mailbox with the specified email address first. (PMT-4400, PMT-4399)
Attempts to connect via SSH in Site Import no longer take much time if SSH is not available. (PMT-4398)
Site Import no longer fails if an FTP server of an website you want to import does not support the UTF-8 charset. (PMT-4397)
The “Add an e-mail address to import” dialog no longer hangs if a backend error occurs. (PMT-4322)
Mail Import no longer stops if a network connection is temporarily lost. (PMT-4321)
Site Import no longer fails to import a database if the database server was connected to both the source and the target website. (PMT-3970)

Linux

Importing mail no longer fails if the email address of the destination mailbox has a mix of lowercase and uppercase letters. (PMT-4427)

Windows

Emails imported to the destination mailbox with IceWarp no longer show a date of import instead of the actual received dates. (PMT-4356)

Plesk Migrator 2.17.0

3 July 2018

Plesk Migrator no longer displays the issue and the details as two separate issues in pre-migration check report. (PMT-4452)
Plesk Migrator no longer migrates subscriptions’ overuse policies incorrectly by setting them all to “Overuse is allowed”. (PMT-4375)
Plesk Migrator now shows a newly created customer, reseller, or hosting plan to which you can reassign the subscription during migration. (PMT-4284)
Plesk Migrator no longer recommends to install a dropped Apache Tomcat component when migrating from a source server with installed Apache Tomcat to a destination server with Plesk 17.8.9 and later. (PMT-4217)

Linux

Migration no longer fails to start if the source MySQL server has a customized wait_timeout parameter set to a small value (for example 15 seconds). (PMT-4395)

Windows

Migration no longer fails if the cp65001 encoding is used on the source server. (PMT-4439)
Plesk Migrator no longer fails to migrate a customer whose name contains the slash character (“/”). (PMT-4430)
Plesk Migrator no longer fails to migrate MIME types from the source server with Helm. (PMT-4392)

Plesk Mobile 1.2.0

30 June 2018

GDPR compliance related improvements.

Extensions Catalog 1.2.0

29 June 2018

The Extensions Catalog interface has been translated into 31 additional languages.

Advisor 1.3.1

28 June 2018

A scheduled task for updating cache of the Advisor extension no longer finishes with an error. (EXTADVISOR-429)

Plesk Onyx 17.8.11 Update 13

26 June 2018

Improved security.

Linux

The plesk bin service --restart plesk command no longer fails with the “ERR [panel] Class ‘ServiceControl’ not found” error. (PPPM-8785)

Windows

Plesk no longer breaks with the “Call to undefined method Form::Form()” error under certain circumstances. (PPPM-8763)

Third-Party Component Updates

Updated PHP to versions 7.1.19 and 7.2.7.

Windows

Added support for Node.js 10.

Plesk Onyx 17.5.3 Update 52

26 June 2018

Improved security.

Third-Party Component Updates

Updated PHP to versions 7.1.19 and 7.2.7.

Windows

Added support for Node.js 10.

Plesk Onyx 17.8.11 Update 12

18 June 2018

(the update is available only on Ubuntu 18.04 LTS)

Plesk now supports Ubuntu 18.04 LTS (Bionic Beaver). However, keep in mind the following limitations:
- Atomicorp does not support Ubuntu 18.04 yet. So, Atomic rule sets (both basic and advanced) cannot be enabled in ModSecurity on a Plesk server with Ubuntu 18.04.
- Ubuntu does not support dist-upgrade from Ubuntu 16.04 to Ubuntu 18.04 yet and neither does Plesk. Ubuntu is expected to release Ubuntu 18.04.1, which supports dist-upgrade, in late July. Soon after the release, we will add dist-upgrade support from Ubuntu 16.04 to Ubuntu 18.04 to Plesk.
- Currently, Docker does not support Ubuntu 18.04 and neither does the Docker extension. We recommend that you do not install the Docker extension on a Plesk server with Ubuntu 18.04. As soon as Docker starts officially supporting Ubuntu 18.04, we will add the support to the Docker extension as well.
- We are working to fix the issue where PostgreSQL cannot be configured on a Plesk server with Ubuntu 18.04.

Plesk Onyx 17.8.11 Update 11

13 June 2018

Returned the ftp-user operator to XML API (1.6.7.0, 1.6.8.0, 1.6.9.0, and 1.6.9.1 versions).
Added the tooltip for the “Anonymize IP addresses” checkbox in Tools & Settings. (PPPM-8553)

Linux

Clicking “Reread IP” in Tools & Settings > IP Addresses no longer results in Plesk updating the Fail2ban white list once for every IP address on the server. (PPPM-8668)

Plesk Onyx 17.5.3 Update 51

13 June 2018

Added the tooltip for the “Anonymize IP addresses” checkbox in Tools & Settings. (PPPM-8554)

Linux

Clicking “Reread IP” in Tools & Settings > IP Addresses no longer results in Plesk updating the Fail2ban white list once for every IP address on the server. (PPPM-8669)
Emails sent from domains with short names now include a single DKIM record in the header (the bug caused the number of DKIM records to be equal to the number of recipients). This fixed the “552 5.6.0 Headers too large” error when the number of recipients was large. (PPPM-8380)

Windows

Localized the EULA link on the initial configuration screen. (PPPM-8703)

Plesk Onyx 17.8.11 Update 10

4 June 2018

Linux

Improved localization.
Fixed the issue where the “Anonymize IP addresses during log rotation” checkbox remained selected even if IP anonymization was not actually enabled due to backend errors. (PPPM-8605)
Fixed the issue where log files smaller than the set log rotation size limit were lost after performing a daily task. (PPPM-8502)

Plesk Onyx 17.5.3 Update 50

4 June 2018

Linux

Fixed the issue where the “Anonymize IP addresses during log rotation” checkbox remained selected even if IP anonymization was not actually enabled due to backend errors. (PPPM-8605)
Fixed the issue where Plesk File Manager loaded the directories’ content slowly. (PPPM-5035)

Advisor 1.3.0

4 June 2018

Added the ability to apply all available recommendations at once by clicking the “Apply Multiple Recommendations” button. Alternatively, you can do so via the CLI by running the plesk ext advisor --apply-recommendations [-list recommendation_code1,recommendation_code2,...] command.
Added the ability to hide recommendations via the panel.ini file. To do so add lines of the following pattern to the panel.ini file:
```
[ext-advisor]
blacklist = recommendation_code1, recommendation_code2
```
Note: To get the list of recommendations and corresponding codes, run the plesk ext advisor --advice-list command.
Added the recommendation to synchronize server time.
Added the recommendation to activate scheduled backups.
Added the recommendation to install the SEO Toolkit extension.
Improved the “Configure the Plesk Firewall” recommendation: installation of the Plesk Firewall is now more stable.
Rearranged recommendations so that those giving the most score to the server rating are at the top and added anchor links to such recommendations.
Fixed the issue where Advisor suggested installing the KernelCare extension in unsupported environments (for example, inside a Virtuozzo container). (EXTADVISOR-344)
Fixed the issue where the “Advisor” button in the header was absent for customers and resellers. (EXTADVISOR-349)
Fixed the issue where Advisor suggested switching to a PHP handler that was disabled in Tools & Settings > PHP Settings. (EXTADVISOR-379)
Fixed the issue where Advisor did not detect that Advanced ModSecurity Rules by Atomicorp was selected. (EXTADVISOR-380)

WordPress Toolkit 3.2.1

31 May 2018

Minor internal security improvements.

Site Import 1.2.1

31 May 2018

Minor internal security improvements.

Plesk Migrator 2.16.1

31 May 2018

Minor internal security improvements.

Plesk Onyx 17.8.11 Update 9

29 May 2018

Fixed the issue where it was not possible to update a service plan via the CLI. (PPPM-8602)

Linux

Fixed the issue where, even if the “Anonymize IP addresses during log rotation” checkbox was selected, IP anonymization was not actually performed dut to broken log rotation. (PPPM-8607)

Third-Party Component Updates

Updated PHP to versions 7.1.18 and 7.2.6.

Plesk Onyx 17.5.3 Update 49

29 May 2018

Fixed the issue where it was not possible to update a service plan via the CLI. (PPPM-8602)

Linux

Fixed the issue where, even if the “Anonymize IP addresses during log rotation” checkbox was selected, IP anonymization was not actually performed due to broken log rotation. (PPPM-8607)
Fixed the issue where wrong inheritance of a subdomain’s PHP handler type resulted in broken PHP-FPM configuration. (PPPM-7671)
Fixed the issue where wrong PHP handlers were used and PHP-FPM configuration was broken for subdomains created via the CLI or XML API. (PPPM-7755)

Third-Party Component Updates

Updated PHP to versions 7.1.18 and 7.2.6

Plesk Onyx 17.0.17 Update 52

29 May 2018

Third-Party Component Updates

Updated PHP to version 7.1.18.

WordPress Toolkit 3.2.0

24 May 2018

New GDPR-compliant interface for installing plugins and themes is now available, completely replacing the old Addendio service. It doesn’t have filters yet, but (spoiler alert!) we’re working on that.
Users can now check security and apply critical security fixes for multiple WordPress instances at once. The ability to apply non-critical security fixes en masse was late to the party, so it will have to wait for later WordPress Toolkit releases.
A couple of new default sets with Jetpack plugin were added.
Setup shortcut was added for those who want to quickly fine-tune their nginx caching settings.
Smart Update service accuracy was improved. Also, confirmation prompts were added because everybody loves them.
Toggling stuff like Debug or Maintenance Mode on an instance now immediately updates instance list filters. (EXTWPTOOLK-1389)
Instance filters went through an extensive bootcamp and became much more useful. You can always see the Filter button now with selected filter and filtered instance count, and you have a “Clear filter” button on the bottom of the instance list as well. (EXTWPTOOLK-1390)
Smart Update action buttons on the “Updates” screen are now always visible after being taught how to float. (EXTWPTOOLK-1496)
The “link” button now opens the website in a different tab or window, not in the current one. (EXTWPTOOLK-1445)
Instance screenshots are now removed if the instance itself is removed (sorry for littering). (EXTWPTOOLK-1413)
Quick Start menu on the Websites & Domains screen is not hideously deformed on wildcard subdomains anymore. (EXTWPTOOLK-1159)
If instance cloning has failed during Smart Update, the failed clone is now removed to avoid clone wars (and, uh, copyright infringements). (EXTWPTOOLK-1360)
Caching management is no longer visible for customers who don’t have the permission to manage their hosting settings. (EXTWPTOOLK-1504)
Users can now turn off countdown timer without having to disable Maintenance mode first. (EXTWPTOOLK-1507)
In a surprising turn of events, nginx caching management is no longer visible if nginx is not installed on the server. (EXTWPTOOLK-1482)
Several layout issues were eliminated from the Maintenance mode settings screen. (EXTWPTOOLK-1300)
It’s not possible anymore to confuse Smart Updates by unchecking update items in the middle of Smart Update procedure. (EXTWPTOOLK-1460)

Cloud Images Updates

23 May 2018

Lightsail

Added instructions how to configure access to Plesk in the Lightsail firewall to /etc/motd, message of the day. Users see the instructions when they log in to the Plesk server via SSH.
Introduced the maintenance screen feature. The Plesk administrator sees the maintenance screen after logging in to a Plesk instance that is being deployed. Once the deployment is finished the maintenance screen is removed and Plesk is ready for use.
After deployment, the server name matches the publicly available hostname. This allows to access the webserver using the domain name.
Rebuilt images using the latest Plesk Onyx 17.8 distribution and the Ubuntu kernel tuned by Canonical and Amazon Web Services for improved performance.
Updated the Web Server’s Default Page: added instructions how to configure access to Plesk in the Lightsail firewall.
Fixed the issue where customers could not create files and directories in the home directory /home/ubuntu. (PPP-34221 )

Plesk Onyx 17.8.11 Update 8

21 May 2018

Added the ability to store scheduled backups of subscriptions in remote cloud storage as a premium feature. You can purchase it in the Plesk Online Store. The purchase of the feature unlocks the ability to use all cloud storages.
As a part of GDPR compliance changes: when creating customers, resellers, and additional administrators, the Plesk administrator can now enable activation of the account by email. This will make the created account inactive until the user activates it with the link sent by email.
As a part of GDPR compliance changes: replaced the Facebook Like button with the static image and the link leading to the Plesk community page on Facebook.
Fixed the issue where, in configured automated logging in to Plesk via XML API, a session token was not automatically removed if the back_url node was specified. (PPPM-8543)

Linux

As a part of GDPR compliance changes: in Server Settings, the Plesk administrator can now enable anonymizing of IP addresses during log rotation.
This will null the last octet of IPv4 and the last group of IPv6 addresses.

Windows

As a part of GDPR compliance changes: in Server Settings, the Plesk administrator can now disable logging of customers’ IP addresses in IIS, FTP and mail logs.
Fixed the issue where add-on domains created via the CLI did not have physical hosting. (PPPM-8536)

Plesk Onyx 17.5.3 Update 48

21 May 2018

Fixed the issue where the daily maintenance script could not update all installed applications if one of them failed to be updated. (PPPM-8494)
Fixed the issue where, in configured automated logging in to Plesk via XML API, a session token was not automatically removed if the back_url node was specified. (PPPM-8543)
Newsletters subscription is now compliant with GDPR

Linux

As a part of GDPR compliance changes: in Server Settings, the Plesk administrator can now enable anonymizing of IP addresses during log rotation. This will null the last octet of IPv4 and the last group of IPv6 addresses.

Windows

As a part of GDPR compliance changes: in Server Settings, the Plesk administrator can now disable logging of customers’ IP addresses in IIS, FTP and mail logs.

Site Import 1.2.0

16 May 2018

Added the ability to import the content of mailboxes hosted on third-party servers with the IMAP access into mailboxes hosted on a Plesk server. Now users can import emails from Gmail or Yahoo! Mail mailboxes and from mailboxes managed by control panels (for example, Plesk or cPanel). All folders (including custom folders) and emails contained in them are imported. The “read” or “unread” status of imported emails is preserved.
Improved the interface of preparing to importing websites: configuring import, pre-import check, and scan. Added the step where, if import can be performed only via insecure connections, Site Import informs a user about it and asks for confirmation.
Fixed the issue where, under certain circumstances, it was impossible to import websites using the “web streaming” method for transferring content. (PMT-4341)

Linux

Fixed the issue where it was impossible to import websites from the source server with installed VSFTPd v3.0.3 supporting SSL. (PMT-4283)
Fixed the issue where it was impossible to import websites to the Plesk on CloudLinux target server with enabled CageFS. (PMT-3980)

Plesk Migrator 2.16.0

16 May 2018

Improved the log viewer.
Fixed the issue where all emails stored in any folders other than “Inbox” were not migrated to the target server with installed SmarterMail 16.3. (PMT-4359)
Fixed the issue where the list of objects available for migration was empty when migrating from the cPanel source server where Apache config was stored in the /etc/apache2 folder. (PMT-4351)
Fixed the issue where it was impossible to migrate from the Confixx, PPCPL, and cPanel source servers to Plesk 17.8 via the CLI because the list of objects available for migration was not generated. (PMT-4332)
Fixed the issue where the Plesk interface showed that the pre-migration check is still in process while it was actually finished. (PMT-4281)

Linux

Fixed the issue where errors were not reported correctly when rsync failed to copy files on Linux. (PMT-4377)
Fixed the issue where a subscription with configured additional Apache or nginx directives was migrated with the “Failed to transfer additional Apache/nginx directives” error. (PMT-4287)

Windows

Fixed the issue where, during migration, emails were not copied if the target Plesk server had installed SmarterMail 16.3.6677. (PMT-4374)
Fixed the issue where the emails’ flags were not preserved after migration to the target server with MailEnable 10: all emails were wrongly marked as “unread”. (PMT-4372)
Fixed the issue where, if several migrations (more than 10) were started simultaneously, the log viewer page started being constantly refreshed. (PMT-4268)
Fixed the issue where migration to Plesk from the source server with installed Smarter Mail 16 could hang up on the stage of copying mail content. (PMT-4201)
Fixed the issue where custom MIME types were not migrated correctly from the Plesk 8 and 9 source servers. (PMT-884)

Slave DNS Manager 1.9.1

8 May 2018

If slave DNS server supports flag -clean (BIND v9.10+), it will be added automatically for rndc delzone.

Plesk Onyx 17.8.11 Update 7

7 May 2018

GDPR compliance related improvements.
Added an additional email confirmation, which appears on the Plesk Welcome screen if the trial license is chosen.
Fixed the issue where users could not manage WordPress updates (administrator’s digest, reseller’s digest, and customer’s digest) in Tools & Settings > Notifications via the CLI. (PPP-36212)

Linux

Fixed the issue where installation of extensions could fail with the “Unsupported segments file format” error. (PPP-36204)
Fixed the issue where configuring rewrite rules in “Additional nginx directives” made it impossible to retrieve information about the PHP configuration. (PPP-36210)
Fixed the issue where, after removing Horde, the apt/dpkg database of Debian9 was corrupted. (PPP-36218)
Fixed the issue where, if the domain name of a sender was relatively short (“example.com” or shorter), the number of DKIM records in the email headers was equal to the number of recipients. This led to the “552 5.6.0 Headers too large” error when the number of recipients was large. (PPP-36261)
Fixed the issue where renewal of an SSL/TLS certificate broke the Apache configuration when a wildcard subdomain was set as a default domain for the IP address. (PPP-36209)

Windows

Fixed the issue where users could not manage domains if there was a forwarding domain pointing to a website with certain specific characters (for example, Sanskrit or Bhojpuri) in its URL. (PPP-36207)

Third-Party Component Updates

Updated PHP to versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5.

Linux

Updated Roundcube to version 1.3.6.

Windows

PHP version 7.2 provided by Plesk is now shipped with ionCube Loader.

Plesk Onyx 17.5.3 Update 47

7 May 2018

GDPR related improvements.

Windows

Fixed the issue where IPv4 bindings for a subdomain were kept after removing an IPv4 address from the parent domain. (PPPM-6800)

Third-Party Component Updates

Updated PHP to versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5.

Plesk Onyx 17.0.17 Update 51

7 May 2018

GDPR related improvements.

Third-Party Component Updates

Linux

Updated PHP to versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5.

Windows

Updated PHP to versions 5.6.36, 7.0.30, and 7.1.17.

Ruby 1.3.6

27 April 2018

Ruby 2.2.x was updated to version 2.2.10.
Ruby 2.3.x was updated to version 2.3.7.
Ruby 2.4.x was updated to version 2.4.4.
Fixed the issue where searching by the “rake” word showed not the result but the “Permission denied” error. (EXTRUBY-65)

Node.js 1.3.4

26 April 2018

Added support for Node.js 9 on Linux.
Updated Node.js 6.x to version 6.14.1.
Updated Node.js 8.x to version 8.11.1.

Plesk Onyx 17.8.11 Update 6

23 April 2018

Improved security.
Fixed the issue where, if users configured storing scheduled backups in FTP storage in Plesk 17.5 and then upgraded to Plesk 17.8, the “Scheduled Backup Settings” screen did not show that FTP storage was selected. (PPP-35897)
Fixed the issue where orphaned backup sessions were not removed. (PPPM-8168)
Fixed the issue where Extensions Catalog and all extensions disappeared after clicking “Check Now” on the “My Extensions” tab. (EXTCATALOG-10)

Linux

Fixed the issue where, Health Monitor Notification Daemon on clean Plesk installation did not stop properly and caused unexpected restart of psa.service. (PPP-36144)
Fixed the issue where newly created domains had an outdated PHP version 5.14.16. (PPP-35916)

Plesk Onyx 17.5.3 Update 46

23 April 2018

Improved security.
Fixed the issue where users could not manage WordPress APS application updates (administrator’s digest, reseller’s digest, and customer’s digest) in Tools & Settings > Notifications via the CLI. (PPPM-6563)
Fixed the issue where subscriptions could not be completely removed because webmail configuration files were not deleted. (PPPM-7434)
Fixed the issue where users could not use the underscore character (_) in domain names and CNAME DNS records. (PPPM-4301)

Linux

Fixed sender callback verification for forwarded emails with enabled SRS. (PPPM-6317)

Plesk Onyx 17.0.17 Update 50

23 April 2018

Linux

Fixed the issue where the check-quota handler failed when forwarding emails. (PPPM-7541)
Fixed the issue where emails forwarded to several recipients were not delivered to all mailboxes if one of mailboxes was full. (PPPM-7541)
Fixed the issue where sending an email to multiple recipients via the Postfix server with SPF enabled resulted in multiple “Received-SPF…” lines instead of one line. (PPPM-3456)

WordPress Toolkit 3.1.0

19 April 2018

Automatic updates for all plugins or themes on a WordPress instance are now available.
Smart Update comparison screen was dramatically prettified to the point where it makes certain other screens jealous. The screen also provides more data to help users make informed decisions about whether update will be fine or not.
Multisite instances are now visually marked in the UI.
WordPress Toolkit now generates database names with random suffixes when installing WordPress to avoid database name clashes under certain circumstances. Server administrators can also change the database name prefix on the “Global Settings” screen.
It’s now possible to remove multiple plugins or themes at once on the corresponding tabs of an instance.
Minor improvements and bugfixes related to the new WordPress Toolkit UI.
Plugins installed on an instance will be visible right away without refreshing the page if all other plugins were previously removed from the instance and the page was not refreshed. (EXTWPTOOLK-1426)
Smart Update can now be properly performed when wp-config.php is located in a non-default folder. (EXTWPTOOLK-1418)
Preview screenshots now have a much harder time using timeouts to avoid being created. (EXTWPTOOLK-1412)
Smart Update settings can no longer be tricked into giving the impression of being enabled if the Smart Update is not available for the instance. (EXTWPTOOLK-1379)
The “Updates” screen was trained to be more courageous and can now be successfully opened from the list view. (EXTWPTOOLK-1378)
The wp-toolkit CLI utility had some grammar classes and now consistenly understands that 1, true, and on all mean one thing (Enabled), while 0, false, and off all mean precisely the opposite thing (Disabled). (EXTWPTOOLK-1377)
Plesk session expiration is now checked on most WordPress Toolkit screens, making for a less confusing working experience. (EXTWPTOOLK-1375)
Plugins and themes can now be successfully removed in Internet Explorer 11. Why would anyone still use that browser remains a mystery, though. (EXTWPTOOLK-1292)
The security checker “Permissions for files and directories” now agrees that 750 for directories is quite secure. (EXTWPTOOLK-1103)
Database naming settings are no longer ignored when WordPress is installed automatically upon the provisioning of a Hosting plan. (EXTWPTOOLK-1098)

Security Advisor 1.2.0

12 April 2018

Added the ‘plesk ext advisor’ command line utility. Run plesk ext advisor --rating to learn the highest possible rating, your server’s current rating both as an absolute number and as a percentage of the highest possible rating, and also your server’s Advisor level (low/medium/high).
Added the recommendation to install Plesk updates.
Added the recommendation to increase the minimum password strength.
Improved the recommendation “Switch to Up-To-Date PHP Versions”. Advisor no longer suggests switching sites running on PHP 7.0 and 7.1 to PHP 7.2.
Improved the recommendation “Secure Websites With SSL/TLS Certificates”. When securing a website with an SSL/TLS certificate, in addition to the website’s domain name, Advisor also secures the domain name with the ‘www.’ prefix, all existing domain aliases, and webmail.
Improved the recommendation “Configure ModSecurity & Fail2ban”. Advisor now tracks separately whether ModSecurity and Fail2ban are installed and enabled, allowing for three states (from worst to best): not installed, installed but not enabled, installed and enabled. In addition, enabling Fail2ban via Advisor now also enables the “plesk-modsecurity” jail.
Fixed the issue where trying to install an extension via Advisor resulted in the “Unknown error” message if the installation of the extension failed. (EXTADVISOR-230)
Fixed the issue where the “Advisor” tab was shown to customers in the left navigation menu in Plesk interface. (EXTADVISOR-247)
Fixed the issue where Advisor included domains with PHP disabled in the list of domains using outdated PHP versions. (EXTADVISOR-254)
Fixed the issue where trying to switch selected websites to an up-to-date PHP version resulted in the “Unable to execute command…” message. (EXTADVISOR-291)

Plesk Onyx 17.8.11 Update 5

11 April 2018

Switched Plesk to UI library version 1.1.5.
Fixed the issue where outdated Plesk logos were shown in the Plesk upgrade wizard. (PPP-35989)

Linux

PHP version 7.2 provided by Plesk is now shipped with ionCube Loader.

WordPress Toolkit 3.0.5

11 April 2018

Minor improvements and bugfixes related to the new WordPress Toolkit UI.

Plesk Onyx 17.5.3 Update 45

9 April 2018

Fixed the issue where the Plesk interface could become unresponsive if Plesk was unable to send error reports. (PPPM-7461)

WordPress Toolkit 3.0.4

5 April 2018

Improved the reliability of creating instance preview screenshots: WordPress instances were taught to politely stand in the queue instead of overcrowding the screenshotting service like barbarians. (EXTWPTOOLK-1401)
Activating a theme on a WordPress instance no longer shows themes being switched off on other instances in the list when these instances also have Themes tab opened. (EXTWPTOOLK-1398)

Plesk Onyx 17.8.11 Update 4

2 April 2018

Updated non-English locales.
Fixed the issue where 5xx error pages showed the suggestion to use Plesk Repair Kit even if it was unavailable. (PPP-35733)

Linux

Fixed the issue while upgrading a Plesk Onyx 17.5 server using a custom nginx template file to Plesk Onyx 17.8 resulted in hosted websites becoming unavailable. (PPP-35833)

Windows

Added support for Smartermail 16.3.
Fixed the issue where trying to configure centralized SSL certificate support resulted in the “Undefined class constant” error. (PPP-35779)
Fixed the issue where the controls for enabling limitations on outgoing email messages were missing from the “Tools & Settings” > “Mail Server Settings” screen if SmarterMail 16 Pro was used as the default Mail server. (PPP-35754)

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.4.
Updated PHP 7.1.12 to version 7.1.16.
Updated PHP 7.0.26 to version 7.0.29.
Updated PHP 5.6.32 to version 5.6.35.

Plesk Onyx 17.5.3 Update 44

2 April 2018

Made a number of security improvements.
Plesk Installer was updated to version 3.21.3. (PPPM-7189, PPPM-7691)
Fixed Captcha in the “Contact Form” module in Web Presence Builder 17.0.16. See the details in the KB article. (PPB-4554)
Fixed the issue where orphaned backup sessions were not getting removed. (PPPM-8168)
Fixed the issue where, if the Italian language was selected in the Plesk interface, clicking “See details” after a cron task finished executing did not result in the output being shown in a pop-up window. (PPPM-7274)

Third-Party Component Updates

Updated PHP 7.2 to version 7.2.4.
Updated PHP 7.1.12 to version 7.1.16.
Updated PHP 7.0.26 to version 7.0.29.
Updated PHP 5.6.32 to version 5.6.35.

Plesk Onyx 17.0.17 Update 49

2 April 2018

Fixed Captcha in the “Contact Form” module in Web Presence Builder 17.0.16. See the details in the KB article. (PPB-4554)

Third-Party Component Updates

Linux

Updated PHP 7.1.12 to version 7.1.16.
Updated PHP 7.0.26 to version 7.0.29.
Updated PHP 5.6.32 to version 5.6.35.

WordPress Toolkit 3.0.3

29 March 2018

Maintenance screen text is now displayed in English instead of Arabic if WordPress admin UI uses languages not available in Plesk localization packs. (EXTWPTOOLK-1382)
The contents of the Actions dropdown (displayed in the WPT toolbar under certain responsive circumstances) no longer offend the aesthetic sensibilities of users. (EXTWPTOOLK-1355)
WordPress Toolkit now properly indicates that rollback of an instance restore point has been actually finished. (EXTWPTOOLK-1358)
Scan and Import buttons now work properly when you click on them in the Actions dropdown. (EXTWPTOOLK-1362)
Plesk now properly redirects users to the corresponding page when they remove WordPress instances from My Apps screen on the Applications tab (ProTip: do not go there for managing your WordPress instances). (EXTWPTOOLK-1365)
User-provided username will no longer be reset when changing the password in the Password Protection UI. (EXTWPTOOLK-1339)
Users can now change WordPress admin settings when WPT does not yet know the password to the WordPress instance. (EXTWPTOOLK-1383)
Smart Update limit in hosting plans is not displayed anymore on Plesk Onyx versions prior to 17.8. (EXTWPTOOLK-1391)

Extensions Catalog 1.1.1

28 March 2018

Fixed the issue where the Plesk login page was loading slowly if the Extensions Catalog was temporarily unavailable. (EXTCATALOG-7)
Fixed the issue where clicking “Check Now” on the “Updates” tab and using the catalog/scripts/update-index.php script in scheduled tasks did not update the Extensions Catalog. (EXTCATALOG-6)

Plesk Onyx 17.8.11 Update 3

27 March 2018

Fixed the issue where it was impossible to access a subscription Backup Manager after providing an incorrect password for an FTP storage. (PPP-35755)
Fixed the issue where Tools & Settings > Server Information incorrectly showed hard disk usage as 0.00 MB out of 0.00 MB. (PPP-35732)
Fixed the issue where old backups were not rotated. (PPP-35708)
Fixed the issue where it was impossible to log in to Roundcube webmail after mail was secured with an SSL/TLC certificate from Let’s Encrypt. (PPP-35500)
Fixed Captcha in the “Contact Form” module in Web Presence Builder 17.8.12. See the details in the KB article. (PPB-4554)

Linux

Fixed the issue where, on Debian 9, using FTPS in FTP storage settings threw an error. (PPP-35664)
Fixed the issue where Watchdog was misconfigured by default and could not start, stop, or get status of the PHP-FPM service. (PPP-35761)
After the plesk sbin pci_compliance_resolver --enable utility was run in Plesk 12.0 and Plesk 12.0 was upgraded to Plesk Onyx, sw-cp-server failed to start due to duplicate ssl_cipher records. (PPP-28486)

Windows

Fixed the issue where Plesk could not be installed or updated if the path to the Plesk installation folder contained any C-string control symbols (\s, \t, \r, or \n). (PPP-35722)

Third-Party Component Updates

Linux

Updated libcurl to version 7.58.0.
Fixed a security issue in Roundcube.

Plesk Onyx 17.8.11 Update 2

19 March 2018

Installed Advisor on those Plesk servers that were upgraded to Plesk Onyx 17.8.
Fixed the issue where scheduled incremental backups did not work after upgrade to Plesk Onyx 17.8 or after the first incremental backup was created on a clean Plesk installation. (PPP-35597)
Fixed the issue where Power User view was used instead of Service Provider view if Web Host license was installed before Plesk initial configuration. (PPP-35541)

Linux

Fixed the warning messages during upgrade to Plesk Onyx 17.8 related with configuration of Courier-Imap/Dovecot. (PPP-35441)
Fixed the issue where sslmng does not enable server ciphers ordering for Dovecot, which did not allow to apply the most secure SSL/TLS configuration. (PPP-35254)
Fixed the issue where new REST API was not available after upgrade to Plesk Onyx 17.8. (PPP-35592)

Windows

Fixed the issue where installation of Plesk using the console failed if a very weak password was specified while configuring additional settings before installation. (PI-438)

Third-Party Component Updates

Linux

Updated Dovecot to version 2.3.0.1.
Replaced Roundcube SieveRules plugin with Managesieve. This improvement fixed the issue where short name authentication in Roundcube did not work after users switched on short name support for Dovecot.

WordPress Toolkit 3.0.2

19 March 2018

Addendio Plus plugin is no longer installed on all new WordPress instances by default. If you want it to be installed by default, go to WPT Global Settings and enable the corresponding checkbox.
WPT now properly refreshes instance cache data in Plesk Multi Server environment. (EXTWPTOOLK-1356)
Users can once again install and manage WordPress instances on domains with PHP 5.3, although we strongly recommend to use at least PHP 5.6 for security reasons. (EXTWPTOOLK-1356)
Reseller subscriptions can now be customized again without any errors about invalid specified limits. (EXTWPTOOLK-1352)
Users are now able to remove WordPress instances with missing database. (EXTWPTOOLK-1349)

Let’s Encrypt 2.5.3

14 March 2018

Fixed the issue where the text on the “Secure domain” page was displayed in English regardless of the user’s chosen interface language. (EXTLETSENC-481)
Fixed the localization issue with locales except en-US. In this issue the message about a failed challenge ended with a placeholder instead of failure details. (EXTLETSENC-480)
Fixed the link to the Let’s Encrypt website on the “Secure domain” page. (EXTLETSENC-482)

WordPress Toolkit 3.0.1

7 March 2018

WordPress Toolkit now properly handles the Plesk session expiration, logging users out and directing them to the login screen whenever the session has expired.
Smart Update option in Service Plans is now always visible when WordPress Toolkit is installed. (EXTWPTOOLK-1343)
Database tab is no longer completely broken when it’s not possible to fetch all the data that’s supposed to be displayed there. (EXTWPTOOLK-1345)
Document root content will no longer be removed during Smart Update if updated WordPress was installed in a subfolder and no WordPress instance was present in the document root. (EXTWPTOOLK-1344)
WordPress Toolkit will continute to work nonchalantly if it stumbles upon inconsistencies with WordPress instance restore points. (EXTWPTOOLK-1346)
It is possible once again to sync data between WordPress instances located on different subscriptions. (EXTWPTOOLK-1348)

WordPress Toolkit 3.0.0

7 March 2018

Completely redesigned, modern and responsive UI and UX for WordPress instance management. The full list of changes is too numerous to mention here, but the basic idea is: the instance list and overview screen were redesigned and merged into one single UI, providing much better user experience and increased performance. Explore the new WordPress Toolkit and let us know what you think!

Important: this feature is available only in Plesk Onyx 17.8+.
Updates can now use the Smart Update service on a per-instance basis. Using Deep Learning algorithms and screenshot analysis, Smart Update checks how the WordPress update would go in a test environment before performing it on the production instance. Glory to our AI Overlords! ahem Smart Update supports both automatic and manual updates, providing meatbags with ability to compare the screenshots by themselves. This is a Pro feature that needs to be purchased separately.

Important: this feature is available only in Plesk Onyx 17.8+.
Users can enable nginx-based caching via the corresponding switch on the instance card. To configure caching options, go to “Apache & nginx Settings” page on Websites & Domains.

Important: this feature is available only in Plesk Onyx 17.8+.
Clone procedure now also watches out for URL changes in certain files. (EXTWPTOOLK-1249)
Clone procedure no longer fails if DB_CHARSET is missing in wp-config.php file. (EXTWPTOOLK-1243)
WordPress Toolkit no longer uses https prefix when automatically installing WordPress during the Service Plan provisioning if SSL/TLS is not available in this Service Plan. (EXTWPTOOLK-1238)
PHP notices are no longer added to log when you get WordPress instance info from CLI. (EXTWPTOOLK-1308)

Plesk Onyx 17.8.11 Update 1

6 March 2018

Added support for storing Plesk backups in S3 cloud storages (DigitalOcean Spaces, Minio, and others) in addition to already supported Amazon S3.
Added the integrated part of Repair Kit. Repair Kit is a tool that can help users automatically fix issues preventing Plesk from operating properly and bring it back online. Repair Kit can be used even when Plesk is unavailable and can be accessed right from 5xx error pages.
Plesk users can now store their backups remotely in Microsoft OneDrive.
The new section “Assistance and Troubleshooting” was added to Tools & Settings.
All newly installed Plesk servers now come with a preinstalled Plesk Onyx Web Pro edition trial license valid for 14 days.
The PHP extension ionCube Loader is now shipped with Plesk PHP 7.1.
The Amazon AWS Migration Tutorial extension was published.
Plesk users can now store their backups remotely in Google Drive.
For certain extensions, the installed license can now be upgraded from Extensions Catalog.
Plesk administrator can now find specific extensions using the Plesk global search found in the top left corner.
Plesk administrator can now customize the “My Extensions” screen by rearranging the extensions.
Contextual promos for Plesk extension are now shown in the Plesk interface.
Plesk users now can store their backups remotely in Amazon S3 buckets.
The Extension Catalog had received a new landing page with a series of improvements.
CLI for managing ModSecurity was significantly enhanced and now supports most features, available in Plesk Panel, including:
- Selecting predefined and uploading custom rulesets,
- Setting the active ruleset and update frequency,
- Setting the web application firewall mode.
Added the Advisor extension to the list of extensions shipped with Plesk by default. On Plesk 17.8.10 and later, Advisor automatically replaces the Security Advisor extension. On Plesk 17.8.9 and earlier, Security Advisor is not replaced by Advisor.
Changed the Plesk postinstall configuration - users can now choose between installing a paid or a full-featured trial license right after installing Plesk. This feature is compliant with the General Data Protection Regulation (GDPR).
Made it so that subscribing to Plesk newsletters on one Plesk server automatically duplicates the subscription on all Plesk servers that belong to the same customer. This feature is compliant with the General Data Protection Regulation (GDPR).
Added the trial_license option to the init_conf utility and the initial_setup node. Plesk administrators can use it to install a full-featured trial license via the CLI or XML-RPC. This feature is compliant with the General Data Protection Regulation (GDPR).
Updated the Google Login extension and published it as Social Login. Users can now link their Plesk accounts with Google, Facebook, and GitHub accounts and log in to Plesk with these social network accounts.
Marked PHP versions earlier than 5.6 as “Outdated” in the Plesk interface.
Dropped support for Apache Tomcat.
Removed the ability to restore backups created in Plesk 11.x or earlier.
Removed the Featured Applications block from the Websites & Domains screen in Power User view.
Added the Google Login extension to the list of components shipped with Plesk by default.
Increased the UI speed when restoring backups stored in remote storage.
Improved the Power User view UI. Now, users see the “Add Domain” screen if they have not yet created a domain. Certain UI controls are disabled until a domain is added.
Updated the icons and descriptions of certain Plesk components.
Outdated versions of the XML-RPC protocol, as well as a number of methods, are no longer supported. For more information, read “Deprecated Protocols, Operators, and Backward Compatibility”. Note that the versions of XML-RPC protocol up to and including 1.6.5.0 are considered outdated and can be deprecated in the future Plesk updates.
To improve the reliability of Plesk, the ability to encode Plesk extensions using ionCube has been removed. If you are an extension vendor and you wish to encode the source code of your extension, refer to this topic.
Starting with Plesk Onyx 17.8 Preview 8, installing Plesk Virtuozzo containers via EZ templates is no longer supported.
Plesk 11.x can be no longer directly upgraded to Plesk Onyx 17.8 Preview 8.
For certain extensions, users can now upgrade the installed license directly from the Extension Catalog.
By default, users can no longer upload license key files for Plesk and additional licenses in Tools & Settings > License Management. To install a license key, they need to provide an activation code. For more information, read “Plesk License and Additional License Keys in Plesk Onyx 17.8”.
The display speed of quick access to extensions was adjusted.
The Plesk Welcome screen has been redesigned. Now, when customers log in to Plesk for the first time, they need to provide only the contact name, email, and password.
Users now can add, remove, and replace plan items on demand using the extensions SDK.
Multiple performance improvements related to backing up to cloud remote storages.
Users logging in to a cloud service Plesk instance that is being deployed will now be greeted by a maintenance screen. They can start using Plesk once the deployment is finished and the maintenance screen is removed.
The functionality of Plesk File Manager editors (Code Editor, Text Editor, and HTML Editor) has been improved. Now, when users save changes (by clicking “Apply” or using the CTRL+S key combination), the editor page is not reloaded, the text cursor keeps its position, and the editor does not lose focus. In addition, the editor windows now adjust their height to the screen size.
Plesk Extensions will now be running on PHP 7.1. We recommend extension vendors to review their code for PHP 7.1 compliance.
Most users should observe significant resource consumption decrease along with performance improvements.
The “Extensions” > “My Extensions” screen in the Plesk UI has been redesigned.
Plesk users now can set the administrator password in the Cloud Launcher when creating a Plesk server on Google Cloud.
Made it easier for Plesk administrators to access their installed extensions.
Plesk now checks for extension updates every day instead of every week.
The Extensions Catalog search function has been improved.
When creating a Plesk server on Amazon Web Services, the login link is now listed in the installation log available in the AWS Management Console.
Plesk extensions promos can now be set and shown as a contextual advertisement on certain Plesk pages.
CAA DNS records are now supported in Plesk.
Plesk backups can now be stored in cloud storages (Amazon S3) via Plesk GUI and CLI.
After having purchased an extension licence in Plesk Online Store, user is redirected back to the Plesk server and Plesk automatically installs the new extension licence and upgrades existing extensions’ licences if necessary.
The web server failed to start if an IP address registered in Plesk was absent in the system.
Plesk EULA and copyright information were updated.
Starting with Plesk Onyx 17.8 Preview 2, Perigon Control Suite is no longer supported.
A detailed message, explaining the changes and consequences, is now shown when changing the hosting type. This message contains a complete list of folders that are going to be removed.
Redirects from HTTP to HTTPS on domain aliases have been improved to make a single SEO-safe redirect with HTTP response code 301. For example, if alias.tld is set as an alias for example.tld, and example.tld is secured with an SSL certificate, there is now a single redirect from http://alias.tld to https://example.tld.
Security improvements.
Fixed the issue where users could not use the underscore character (_) in domain names and CNAME DNS records. (PPP-34267)
Fixed the issue where scheduled backups stored on the FTP server were not rotated if a backed up domain contained Unicode symbols in its name. (PPP-34853)
Fixed the issue where multiple calls of the operation “Get child backup” slowed down the creation of a full server backup stored in the FTP storage. (PPP-34798)
Fixed the issue where PHP settings of a domain were reset after the hosting plan the domain was based on was updated. (PPP-33180)
Fixed the issue where search in Code Editor worked only for the current code fragment instead of the whole file. (PPP-33746)
Fixed the issue where it was impossible to create backups in Google Drive unlimited storage. (PPP-34900)
Fixed the issue where, in Power User view, Applications and Mail in the left panel were not displayed correctly in Microsoft Edge and Internet Explorer versions 10 and 11. (PPP-34335)
Fixed the issue where certain custom buttons in Websites & Domains were not visible in Plesk on mobile devices. (PPP-34113)
Fixed the issue where Webalizer was opened instead of AWStats if a domain was created via XML API. (PPP-33649)
Fixed the issue where the description of the poolSize setting was missing from the Plesk Long Task SDK. (PPP-34268)
If an APS application, for example, WordPress, was installed on a domain, temporary files were not removed after the domain backup was created. (PPP-33532)
The bug report form in Plesk Preview builds redirected to https://support.plesk.com instead of https://talk.plesk.com/bugreport. (PPP-33502)
Subscription PHP settings were reset after the update and synchronization of the hosting plan to which the subscription belonged. (PPP-33180)
It was not possible to switch off www URLs redirect for a subdomain. (PPP-29245)
It was not possible to identify which Plesk component created certain temporary files as they did not have identifying prefixes. (PPP-33543)
The incorrect text was displayed in the “Country” column for Arabic language pack in Tools & Settings > Interface Management > Languages. (PPP-33465)
In Italian localization, clicking the “See details” link after executing a cron task did not display a pop-window with execution details. (PPP-33190)
Plesk no longer sends X-Plesk HTTP header. (PPP-33394)
The “Hide controls for rejection messages for non-existent mail addresses” checkbox in “Tools & Settings” > “Interface Management” > the “Interface Controls Visibility” tab did not work. (PPP-31117)
It was not possible to create a customer with the contact name containing the exclamation mark character (!) via the CLI. (PPP-27385)
Backup Manager did not display any information in the “System notes” column for backups created by users other than the Plesk session owner. (PPP-31703)
It was not possible to create a domain with the name containing IDN characters if the DNS template contained a TXT record including the <domain> placeholder. (PPP-32897)
XML API requests using the session operator with the get operation retrieved expired CP sessions in addition to the currently open CP sessions. (PPP-31651)
The isImpersonated() method could not identify that an administrator or a reseller was logged in the Customer Panel as one of their customers. (PPP-32589)
Under certain circumstances, it was possible to select more than one item from the left menu panel in Power User view. (PPP-31871)
A mistyped time zone name was displayed in Tools & Settings > System Time. (PPP-31324)
Code Editor converted line endings to Windows-style with CRLF line terminators. (PPP-32628)
After upgrading to Plesk Onyx 17.8, the window offering to rate Plesk was shown every time a new Plesk page was opened. (PPP-31268)
Logging in to Plesk with no license installed resulted in an error. (PPP-31409)
Changing the subscription limits on a Plesk Multi Server master node failed to update the subscription limits on service nodes. (PPP-31221)
Users with the “Administrator” or the “WebMaster” user role could create new webspaces even if their access was limited to a single subscription. (PPP-30024)
Restricting administrative access in Plesk resulted in customers and resellers being unable to log in to Plesk via the Plesk Mobile application. (PPP-30222)
Trying to access phpMyAdmin in Plesk resulted in an error if the user’s session had timed out. (PPP-30845)
Under specific circumstances, the File Manager could be used to perform certain operations with files outside of the user’s webspace. (PPP-31240)
Backups could not be restored on Plesk Web Admin edition servers. (PPP-31168)
Users could not change a domain’s hosting type to “forwarding’ via XML API. (PPP-30466)
Plesk returned empty responses to XML API requests if the “Google Authenticator” extension was installed on the Plesk server. (PPP-30527)
The incorrect DNS record was added for the website preview if the server was behind NAT. (PPP-29408)
It was impossible to add the 127.0.0.0/8 subnet mask to the mail server whitelist via CLI. (PPP-29607)
User with the denied permission “Create and manage sites” could not add a website but still had access to creating domains. (PPP-29718)
User with the access only to a particular webspace was able to see the list of all other webspaces. (PPP-30023)
Installing Plesk with the ‘Plesk Migrator’ component resulted in creating duplicate entries in /etc/apt/sources.list. (PPP-28879)
When trying to connect to an FTP storage, a ‘Curl error: (35) SSL connect error’ occurred. (PPP-29266)
In Power User view, attempts to remove a domain failed with a ‘Permission denied’ error. (PPP-29247)
Attempts to activate a terminated additional license led to Plesk removing the main license. (PPP-28991)
Additional users could not log in to Plesk because of a DNSSEC error. (PPP-28949)
A multiline mail bounce message could not be set via CLI. (PPP-28768)
If an FTP server for backing up had previously been configured incorrectly and using the server storage was forbidden, attempts to back up failed with an uninformative message. Now, Plesk shows a message explaining the requirement to configure an FTP storage. (PPP-28710)
Making API calls to Plesk resulted in an error if the <packet> tag was missing. (PPP-28705)
Customer could not change domain hosting settings for their domain if the subscription name was identical to the server’s hostname. (PPP-28667)
When a customer used the file-sharing option for public files and clicked ‘Link to This Folder’, the generated public URL for read-only visitors did not have the ‘www’ prefix. (PPP-28641)
Backup rotation from an FTP storage could consume extra disk space if the FTP server did not support the REST command. (PPP-28335)
Certain log messages from ModSecurity disrupted the functioning of the Log Browser page. (PPP-28282)
Starting multiple backup processes within a minute of each other caused one of them to fail. (PPP-27889, PPP-27484)
Pressing ‘Download Backup’ several times in a row caused Plesk to consume extra disk space. (PPP-27636)
The handler for the “Disk space limit for reseller account reached” event did not pass event parameters to commands. (PPP-27438)
Backup creation failed if the time of backup creation and upload exceeded the ‘FTP SessionTimeout’ value and the FTP repository did not support APPE/REST commands. (PPP-27354)
The “Maximum number of scheduled backup files to store” setting on the backup settings page was also applied to the external backup storages. (PPP-27351)

Linux

Added support for nginx caching to improve the performance of websites.
Added support for dist-upgrade to Debian 9.
CentOS 7.4, Red Hat Enterprise Linux 7.4 and Debian 9 are now supported.
Plesk pages now support gzip encoding.
In Cgroups Manager a notification threshold for resource usage can now be configured without setting a hard limit.
Additional HTTP headers can now be configured in Apache and nginx settings.
Done some security improvements and hardening.
Changed the default port number for connecting to the KA server from 5224 to the standard HTTPS port 443.
Dropped support for the mod_php, mod_perl, mod_python Apache modules.
Fixed sender callback verification for forwarded emails with enabled SRS.
The plesk repair utility with the installation aspect now detects and fixes incorrect permissions and ownership of files in RPM and DEB packages.
The plesk repair utility with the fs aspect now detects and fixes incorrect permissions and ownership of files inside httpdocs folders.
Plesk firewall is now managed by firewalld to ensure that all ports necessary for Plesk to operate are open.
LimitNOFILE can now be managed for PHP-FPM.
PHP opcache_get_status is now disabled by default.
PHP-FPM pool settings can be configured on a domain level via Plesk GUI.
CloudLinux 7.3 is now supported.
The PHP-FPM setting max_children can now be customized.
Phusion Passenger was updated to version 5.1.11.
The plesk repair utility with the web aspect now detects and disables missing or corrupted Apache modules.
Using passive FTP on Plesk servers deployed from Cloud providers images now requires opening the TCP port range recommended by IANA (49152-65535) in the firewall.
Starting with Plesk Onyx 17.8 Preview 7, Debian 7 is no longer supported.
Fixed the issue where the ./dev directory in the document root was skipped during backup creation. (PPP-30478)
Fixed the issue where wrong inheritance of a subdomain’s PHP handler type resulted in broken PHP-FPM configuration. (PPP-34078, PPPM-7671)
Fixed the issue where it was impossible to activate all Fail2Ban jails if ModSecurity was in the default “Off” mode. (PPP-33954)
Fixed the issue where, after mod_php was disabled, all domains with PHP handlers of ‘module’ type (mod_php5, mod_php7, and so on) stopped working. (PPP-34997)
Fixed the issue where the -disk_space_soft option changed the allowed amount of disk space for a service plan. (PPP-34024)
Fixed the issue where mail settings were not changed when the mail management function was disabled. (PPP-34270)
Fixed the issue where, during Plesk installation, the TLSv1 protocol was specified in /etc/courier-imap/imapd-ssl instead of TLSv1+. (PPP-29831)
Fixed the issue where AWStats sent error notifications to the Plesk administrator on a clean installation. (PPP-31619)
Fixed the issue where, under certain circumstances, the packagemng utility returned an empty output resulting in UI faults. (PPP-33798)
Fixed the issue where the check-quota handler failed when forwarding emails. (PPP-33801)
Fixed the issue where the default list of available SSL ciphers was not complete if HTTP/2 support was enabled. (PPP-33863)
Fixed the issue where emails forwarded to multiple addresses were not delivered if one of the recipient mailboxes was full. (PPP-33803)
Fixed the issue where microupdates installation reset the SELinux context in /usr/sbin/suexec. (PPP-33288)
Fixed the issue where the greylisting check failed when sending or receiving emails from local mailboxes. (PPP-34011)
Fixed the issue where the mail_outgoing_restore.worker utility was not working correctly if python-sqlite2 was installed. (PPP-33614)
Fixed the issue where, under certain circumstances, statistics counting could hang if qmail was used. (PPP-31661)
Fixed the issue where, in Plesk for Linux instances behind NAT, http://host:8443 redirected to https of the private IP address instead of the public one. (PPP-33872)
Fixed the issue where users could not configure PHP-FMP parameters whose name contained the dot (.) character via panel.ini. (PPP-30043)
If DKIM was activated, the TXT DNS record containing DKIM policy (for example, _domainkey.example.com.) was skipped during backup creation. (PPP-33461)
If email forwarding was set up and no password was set for the second email, running plesk repair mail broke email forwarding. (PPP-33019)
Adding a DNS record to a domain with a large number of DNS records (around 7500 DNS records) took a long time. (PPP-32419)
It was not possible to install a custom ModSecurity rule set. (PPP-21128)
The mchk utility incorrectly restored Mailman list aliases. (PPP-28459)
Under certain circumstances, the packagemng utility returned an empty output resulting in the empty list in Tools & Settings > Server Components. (PPP-31211, PPP-32479)
Roundcube upgrade reconfigured the web server configuration and the webmail vhosts files, which made servers with a large number of domains overloaded. (PPP-33718)
The plesk repair web command reconfigured a domain without confirmation prompts even if the -n option was specified. (PPP-31400)
The <domain> variable was incorrectly handled when used in TXT DNS records of a domain alias. (PPP-28903)
Emails larger than 250 KB were not deleted from the Spam folder even after 30 days. (PPP-30012)
If Roundcube defaults.inc.php file was customized, it was not replaced with the new default.inc.php from an updated Roundcube package. (PPP-33783)
Changing the number of entries per page and searching on the “Users” tab of the Plesk file server extension resulted in an error. (PPP-30822)
The creation of wildcard subdomains failed if the DNS template contained an SRV record. (PPP-30766)
Adding or removing domains on overloaded servers with more than 100 subscriptions could result in an error. (PPP-33098)
While specifying the File Sharing settings, it was possible to include invalid characters (for example, the whitespace character) to the web folder root URL, which resulted in nginx failing to start. (PPP-30508)
Apache graceful restart failed to stop orphaned php-cgi processes. (PPP-31050)
Certain configuration files were not accessible when opening an FTP session. (PPP-28246)
On Debian-based OSes, certain information in AWStats (Operating Systems, Browsers, and so on) was not displayed correctly because the “LogFormat” parameter was set to “4” by default. (PPP-32682)
The “Tools & Settings” > “Server information” page could be inaccessible if the /etc/mtab file contained an excessively large number of records. (PPP-29199)
The /usr/local/psa/bin/reconfigurator.pl utility did not remap IP addresses of domain aliases. (PPP-17104)
Sorting log files in the Log Browser by modification date produced a disordered list. (PPP-31792)
Under certain circumstances, DMARC service encountered segmentation fault errors. (PPP-32405)
On CloudLinux, it was impossible to click the ‘Run Now’ button while adding a cron-style scheduled task for the root user. (PPP-31798)
Wildcard subdomains logs were not rotated. (PPP-31787)
A customer could potentially gain access to the data owned by the psaadm group. (PPP-32586)
Users could not set a four-digit CPU limit in Cgroups Manager. (PPP-32603)
Multiple simultaneous attempts to renew a Let’s Encrypt SSL/TLS certificate via different Plesk sessions could result in Apache stopping and failing to start. (PPP-31345)
Trying to browse files with extensions other that .php resulted in a “403 Forbidden” error if the “Proxy mode” option was disabled and both the “Restrict the ability to follow symbolic links” and the “Serve static files directly by nginx” options were enabled in “Apache & nginx settings”. (PPP-27118)
SPF handler could not add email headers for authorized SMTP sessions, which resulted DMARC verification failures. (PPP-31016)
Running the ‘plesk bin init_conf –init’ CLI command reset the Plesk administrator password. (PPP-31393)
Running the ‘plesk bin cloning -u prepare-public-image true’ CLI command did not reset the MySQL “admin” user’s password. (PPP-30057)
The disk space usage for mail accounts shown on the “Email Addresses” tab in Plesk was incorrect. (PPP-30528)
Trying to log in to Roundcube with an incorrect password resulted in an HTTP response code 500. (PPP-29087)
On Debian 8 servers, IPv6 addresses added via Plesk were not working correctly after server reboot. (PPP-29295)
On Debian 8 servers, IPv6 addresses added via Plesk were not added to the ‘/etc/network/interfaces’ file. (PPP-29298)
Backups made in Plesk did not include dumps of MySQL databases if Perl version 5.26 was installed on the server. (PPP-31259)
Under certain curcumstances, websites could not be published in Web Presence Builder. (PPPM-6776)
Users with encrypted mailbox passwords could not log in to Roundcube. (PPP-30208)
The maximum number of connections to the Plesk mail server configured in “Tools & Settings” > “Mail Server Settings” did not affect the maximum number of IMAP connections. (PPP-30395)
When configuring the settings of PHP handlers in “Tools & Settings” > “PHP Settings”, PHP-FPM handlers were not listed in the help message. (PPP-30640)
Users could not send mail via Horde after the plesk sbin pci_compliance_resolver --enable utility was run on the Plesk server. (PPP-30816)
Web Presence Builder websites could not be published if the information about installed packages was missing from the Plesk database. (PPP-30824)
Trying to back up a subscription resulted in a confusing error message if the libdbd-mysql-perl package was missing from the Plesk server. (PPP-30850)
The mchk utility resets back to open relay settings that had been closed. (PPP-28966)
If the mailbox size for a subscription was set to unlimited, executing plesk repair mail <subscription> incorrectly changed the values in maildirsize file for each mail account under the subscription. (PPP-29237)
Browsing the access_log file in Plesk resulted in an error. (PPP-29214)
Upgrading the plesk-roundcube package resulted in overwriting PHP settings for Roundcube. (PPP-29088)
Trying to log in to Roundcube with an incorrect password resulted in an HTTP response code 500. (PPP-29087)
FastCGI PHP handler in the Service Plan was displayed in GUI as FPM by Apache. (PPP-29064)
When sending emails to a mail list, the Mailman generated a wrong DKIM signature. (PPP-28836)
If a backed up subscription contained more than 8GB of content files, it could not be restored from backup. (PPP-28793)
If the Skins & Color extension was installed in Plesk, creating a full server backup finished with a warning. (PPP-28765)
On Debian 8 servers, users could not log in to Horde if the ‘psa-kronolith’ component was installed. (PPP-28744)
The plesk repair fs command failed to check permissions on /var/lib/psa/dumps. (PPP-28599)
If a customer’s name contained Unicode characters outside of ASCII range, backing up such customer’s subscription had succeeded, but an error message was displayed. (PPP-28587)
If the name of a database included a dot, running the statistics utility resulted in a warning. (PPP-28531)
The mchk utility reset the ‘Certificate for securing mail’ setting to the default value. (PPP-28433)
Running the Watchdog Security Scan completed with a message ‘Checking file i18n versions [Update failed]’. (PPP-28221)
Under certain circumstances, updating Plesk from version 12.0 to Onyx resulted in an error message “ERROR 1049 (42000): Unknown database '-Br'”. (PPP-28194)
On Debian 8 x64 with tar v. 1.27.1 installed, if the web content directory contained a subdirectory or a file with a leading space in the name, the backup process got stuck, consuming 100% of CPU. (PPP-28176)
Sendmail failed to send email to the root account. (PPP-27696)
The plesk repair utility did not detect broken symlinks to Apache configuration files. Now, such broken symlinks are repaired correctly. (PPP-27477)
On Ubuntu 16.04 servers, Watchdog incorrectly reported the PHP-FPM service as being stopped. (PPP-27085)
Kaspersky AntiVirus could not correctly detect its PID. (PPP-27002)
On CloudLinux 7 servers, APS applications could not be installed on subscriptions for which CageFS was enabled. (PPP-25214)
On Debian 8 servers, restoring a subscription from a backup made on another Plesk server with a different mail server installed resulted in all mail for that subscription being permanently softbounced with a 4xx code. (PPP-22957)

Windows

Microsoft SQL Server 2017 is now supported.
For Microsoft SQL Server, Microsoft ODBC Driver 11 and Microsoft ODBC Driver 13 are now supported.
If the MailEnable component is installed, the SpamAssassin spam filter supports moving spam to the Junk folder.
It is now possible to connect a remote Microsoft SQL Server 2017 database server installed on Linux for hosing databases.
Users can now log in to Plesk servers installed on Active Directory Domain Controller via FTP using their short names.
ASP.NET Core 2.0 is now supported.
MySQL 5.7 is now supported.
Added the Node.js 9 component to the list of components shipped with Plesk by default.
Added support for IceWarp Mail Server 12.0.
Added Microsoft SQL Server 2016 Service Pack 1 (SP1) to the list of components shipped with Plesk by default.
Added Microsoft SQL Server 2014 Service Pack 2 (SP2) to the list of components shipped with Plesk by default.
Added IIS URL Rewrite Module version 2.1 to the list of components shipped with Plesk by default.
The plesk repair utility with the fs aspect now detects and fixes incorrect permissions and ownership of files inside httpdocs folders.
Plesk administrator’s PHP version was switched to 64-bit resulting in improved performance of backing up to cloud storages.
PHP 4 is no longer shipped with Plesk.
The plesk version CLI command now shows the revision number of the latest installed microupdate.
Plesk administrator no longer can add IP addresses to or remove them from a network interface with DHCP enabled.
MSSQL 2008 server is no longer shipped with Plesk.
IIS Dynamic Content Compression is now supported in Plesk.
SNI support is now activated by default.
MailEnable Standard Edition is now automatically upgraded on Plesk upgrade.
ISC BIND is now running under a low-privileged user.
Fixed the issue where removing a reseller with a subscription secured with an SSL/TLS certificate made the Plesk database inconsistent. (PPP-32864, PPP-34425)
Fixed the issue where the --ftp-login and --ftp-password options could not be used with the pleskbackup.exe utility. (PPP-30562)
Fixed the issue where removing a domain did not remove the SSL/TLS certificate securing it. (PPP-34119)
Fixed the issue where a remote Microsoft SQL database could not be backed up if the SQL server contained special characters in the administrator password. (PPP-34728)
Fixed the issue where error messages of the ApplySecurity.exe utility were unclear. (PPP-34824)
Fixed the issue where error messages of the lock manager were unclear. (PPP-33825)
Fixed the issue where the HostingSecurity.exe utility processed only one subscription at a time. Thus one subscription with a large amount of files and folders (more than 100000) could block the execution of hostingsecurity.exe commands for other subscriptions. (PPP-34574)
Fixed the issue where users could not upload a skeleton template ZIP file whose size was greater than 16 MB. (PPP-34168)
Fixed the issue where it was not possible to send more than 1000 emails per hour if MailEnable was installed. (PPP-34217)
Fixed the issue where, if the Danish locale was selected, it was not possible to create a user or change a password for a password protected folder. (PPP-33421)
Fixed the issue where it was impossible to change permissions for a folder in File Manager if a folder had no full control permission for the administrator. (PPP-33763)
Email Security Pack, which contains MagicSpam, the Linux-only software, was displayed in Extensions Catalog. (PPP-33622)
If a domain contained locked IIS log files, temporary files were not removed after the domain backup was created. (PPP-33542)
During backups creation, failed attempts to remove temporary files terminated the backup process. (PPP-33483)
Restoring a domain from a backup could fail if the domain and its corresponding subscription had different IDs and the subscription limit of Microsoft SQL database was customized. (PPP-31359)
The Plesk Administrator PHP engine could crash or get stuck inside the ionCube loader module. (PPP-27342)
The error message displayed when mail content backup failed was not explicit. (PPP-33469)
Health Monitor did not inform which Performance Counter was missing or misconfigured. (PPP-30389)
Self-signed SSL/TLS certificates generated in Plesk were considered invalid by certain browsers (for example, Chromium for Linux). (PPP-33495)
If outgoing mail was filtered with Rspamd, email notifications from scheduled tasks were labeled as spam. (PPP-29864)
Under certain circumstances, the plesksrv service crashed with an unhanded exception 0xE06D7363 resulting in Plesk becoming inaccessible. (PPP-32701)
Updating the DrWeb Antivirus database did not result in the “last update date” of Plesk Premium Antivirus displayed in “Tools & Settings” > “Server Components” being updated. (PPP-31197)
Under certain circumstances, the C:\Program Files (x86)\Plesk\admin\repository\registry.xml file became empty, which resulted in Plesk becoming inaccessible. (PPP-32634)
Plesk Log Browser sometimes displayed information from old, rotated IIS logs if log rotation was enabled on the server. (PPP-31004)
Users could not stop or recycle IIS application pools in Internet Explorer 11. (PPP-31537)
Microsoft SQL Server database dumps sometimes failed to be restored. (PPP-31565)
Under specific circumstances, invalid entries could be added to domains’ list of servers allowed to request DNS zone transfer in the DNS Manager. (PPP-31212)
Users could not delete TXT DNS records containing capital letters. (PPP-32671)
Attempts to repair the mail server that is not installed via the plesk repair utility resulted in a confusing error message. (PPP-31425)
Users could not import Microsoft SQL Server databases if the local administrator user was renamed. (PPP-31545)
Using the plesk repair utility failed to set the correct identity for IIS application pools. (PPP-31280)
Changes made to a website’s PHP settings after changing the website’s document root directory to a child directory of /httpdocs failed to take effect. (PPP-30889)
Changing a domain’s ASP.NET settings in Plesk resulted in the “providerName” parameter being removed from the domain’s web.config file. (PPP-30496)
Creating server backups in Plesk resulted in an error if one or more domains on the server were secured with an SSL/TLS certificate from Let’s Encrypt. (PPP-29193)
During upgrade to Plesk Onyx 17.8, if an external drive was mounted to the the %plesk_vhosts% directory, the drive was unmounted and an empty directory was created instead. (PPP-30801)
Securing the mail server with an SSL/TLS certificate in Plesk failed to add the certificate in MailEnable if MailEnable version 9.60 or later was installed on the Plesk server. (PPP-30517)
Users could not perform certain operation with subscriptions (such as renaming) if Plesk was installed on a mounted .vhd file. (PPP-30525)
When configuring backup settings for remote Linux-based Microsoft SQL Server 2017 database servers, users could not set a Linux-style path for the temporary files directory. (PPP-31010)
Some Plesk services installation paths contained spaces and were unquoted. (PPP-28340)
The contact name was not displayed in scheduled tasks notifications. (PPP-29261)
Email notifications in scheduled tasks malfunctioned due to equal sender and receiver addresses in the header. (PPP-29550)
Copying of databases via Plesk failed if the database size exceeded 3.5 GB or the database contained big blobs. (PPP-29570)
Internationalized domain names could not be created directly. (PPP-29882)
It was impossible to create a domain alias for the domain using the Punycode encoding. (PPP-29923)
A customer had to manually change the publishing settings to enable web deploy from Visual Studio for ASP.NET Core applications. (PPP-29284)
If SmarterMail Pro was installed, the Outgoing Mail Control feature worked incorrectly. (PPP-29254)
If Plesk data directory and Plesk installation directory were different, upgrading from Plesk 17.0 to a later version failed with an ‘Access is denied’ message. (PPP-29170)
If the PHP temporary folder was not accessible, certain operations caused a php-cgi.exe error. (PPP-29081)
If the PHP temporary folder was not located on the drive on which Plesk was installed, the Let’s Encrypt extension could not renew certificates. (PPP-29077)
Enabling mail service with an API call resulted in webmail binding in IIS being removed. (PPP-28901)
Under certain circumstances, the functionality of Plesk utilities linked with C++/CLI assemblies was disrupted. (PPP-28747)
On servers under high load, server health statistics sometimes became unavailable. (PPP-28647)
On Windows servers, a system task could be scheduled multiple times, resulting in unreported errors. Now, the scheduler properly detects and rejects duplicate tasks. (PPP-28370)

Third-Party Component Updates

Updated PHP 5.6.32 to version 5.6.33.
Updated PHP 7.0.26 to version 7.0.27.
Updated PHP 7.1.12 to version 7.1.14.
Updated PHP 7.2 to version 7.2.2.
Updated phpMyAdmin to version 4.7.7.
Updated the OWASP ModSecurity Core Rule Set (CRS) to version 3.0.2.

Linux

Updated ProFTPD to version 1.3.6.
Updated Horde to version 5.2.17 and Horde components to the latest versions.
Updated Roundcube and its plugins to version 1.3.4.
Updated the PEAR modules to version 1.10.5.
Updated libcurl to version 7.58.0.
Updated ModSecurity to version 2.9.2.
Updated Phusion Passenger 5.1.11 to version 5.1.12.
Updated AWStats 7.6 to version 7.7.
Updated Golang to version 1.9.3.
Updated nginx and OpenSSL to versions 1.13.8 and 1.0.2n respectively.
Updated Dovecot and Pigeonhole to versions 2.3.0 and 0.5.0.1 respectively.
Updated Postfix to version 2.11.11 on CentOS 6 and RHEL 6 servers.
Updated Rkhunter to version 1.4.4.

Windows

Updated ASP.NET Core 2.0 to version 2.0.5.
Updated ASP.NET Core 1.1.2 to version 1.1.6.
Updated ASP.NET Core 1.0.5 to version 1.0.9.
Updated MailEnable to version 10.12.
Updated Horde and IMP to versions 5.2.17 and 6.2.21 respectively.
Updated BIND to version 9.10.6-P1.
Updated Node.js 8.9. and 6.12 to versions 8.9.4 and 6.12.3 respectively.
Updated MySQL Server 5.7.19 and 5.6.36 to versions 5.7.21 and 5.6.39 respectively.
Updated Microsoft SQL Server 2012 Native Client and its libraries to version 11.3.6538.
Updated Git to version 2.15.1.2.
Updated MySQL-Admin to version 5.7.
Updated Plesk SQL Server to version to 5.7.19.
Updated MySQL Connector/ODBC to version 5.3.7.
Updated the libcurl library to version 7.53.0.
Updated AWStats to version 7.6.
Updated POCO Libraries to version 1.7.8p3.

Advisor 1.1.0

6 March 2018

Added a recommendation to configure ModSecurity in tandem with Fail2ban.
Added a recommendation to configure the Plesk Firewall.
Added a recommendation to turn on Plesk automatic updates.
Added a recommendation to switch hosted websites to up-to-date PHP versions. .
Improved messages and descriptions in the Advisor interface.
Added the “About rating” description explaining what is a server rating and how Advisor counts it.
Improved how Advisor checks and activates HTTP/2 for hosted websites.
Removed a recommendation to use the Patchman extension.
Fixed the issue where installation of a WordPress instance increased the highest possible rating of a server. (EXTADVISOR-156)

Plesk Onyx 17.5.3 Update 43

5 March 2018

Updated PHP to versions 7.2.3, 7.1.15, 7.0.28, and 5.6.34 for customers’ websites.

Plesk Onyx 17.0.17 Update 48

5 March 2018

Updated PHP to versions 7.1.15, 7.0.28, and 5.6.34 for customers’ websites.

Let’s Encrypt 2.5.2

5 March 2018

Fixed the issue where, in Plesk 12.5, the Let’s Encrypt form displayed locale messages incorrectly. (EXTLETSENC-473)

Plesk Migrator 2.15.0

1 March 2018

Created a separate extension for the website importing function, Site Import.
Improved the generation of configuration files by adding multi-session support and implementing a number of other improvements.
Added the ability to increase the maximum length of the “restoration of hosting settings” stage (two hours by default) via the configuration file. The corresponding option and its description were added to the configuration file template.
Fixed the issue where the post-check report contained an error for every FTP user for which no password was specified in the hosting description file. (PMT-4072)
Fixed the issue where running post-migration checks after migrating a disabled subscription resulted in unnecessary errors being reported. (PMT-4106)
Fixed the issue where Plesk Migrator tried updating empty fields in the profiles of customers being migrated which could lead to increased migration times. (PMT-4261)
Fixed the issue where, during post-migration sync of multiple migrated subscriptions, the status of subscriptions for which all post-migration checks were finished was not being updated correctly and was displayed as “on hold” until the checks for all subscriptions were finished. (PMT-4265)

Linux

Fixed the issue where, when migrating from a Plesk for Linux server, manually added DKIM records were not migrated. (PMT-4086)
Fixed the issue where, when migrating a subscription with no hosting or with hosting set to “forwarding”, the subscription’s creation date was not migrated. (PMT-4051)

Windows

Added the ability to skip individual migration steps via the configuration file.
Fixed the issue where migrating a subscription with disabled ASP.NET resulted in errors during hosting settings restoration. (PMT-3420)
Fixed the issue where removing the extension left some extension’s files on the file system. (PMT-4248)
Fixed the issue where the migration got stuck and was filling the migration log with errors if the connection to the source server was interrupted during the mail migration stage. (PMT-4169)

Let’s Encrypt 2.5.1

27 February 2018

Improved the extension code to make delivering future improvements easier.
Fixed the issue where, if a domain with uppercase letters in the name and its www alias and/or webmail were secured with a Let’s Encrypt certificate, Let’s Encrypt tried retrieving certificates every hour, exceeding rate limits and sending misleading email notifications to the domain’s owner, if the “Keep secured” option was enabled for the domain. (EXTLETSENC-447)
Fixed the issue where, if the “Keep secured” option was enabled in Let’s Encrypt settings for a domain for which webmail was disabled, the domain’s owner received daily email notifications about Let’s Encrypt trying and failing to secure webmail. (EXTLETSENC-457)
Fixed the issue where domain aliases with names in uppercase (e.g. ALIAS.domain.tld) were shown as unsecured in Let’s Encrypt even if they were, in fact, secured with a Let’s Encrypt certificate. (EXTLETSENC-250)
Fixed the issue where renewing the Let’s Encrypt certificate for a domain with a wildcard subdomain resulted in the subdomain becoming inaccessible. (EXTLETSENC-395)
Fixed the issue where, in Plesk Web Admin Edition, customers received notifications about Let’s Encrypt certificates’ renewal even if these notifications were disabled in “Tools&Settings” > “Notifications”. (EXTLETSENC-427)

Linux

Fixed the issue where trying to secure webmail for a domain using Plesk Premium Email with a Let’s Encrypt certificate resulted in an error. (EXTLETSENC-365)

Windows

Fixed the issue where Let’s Encrypt challenges failed for domains with a custom MIME type configured for “.” (extensionless files). (EXTLETSENC-364)
Fixed the issue where renewing the Let’s Encrypt certificate securing Plesk stalled indefinitely if the number of IP addresses on the server was very large (40-50 or more). (EXTLETSENC-367)

Plesk Onyx 17.5.3 Update 42

26 February 2018

Updated the copyright information.
Fixed the issue where trying to create a customer account via CLI resulted in an error if the customer’s user name contained special characters. (PPPM-8002)

Plesk Onyx 17.0.17 Update 47

26 February 2018

Updated the copyright information.

WordPress Toolkit 2.5.2

21 February 2018

The upgrade procedure of the WordPress Toolkit extension was persuaded to be more forgiving – it can now be successfully repeated if it has previously failed for some reason.
Disable scripts concatenation for WP admin panel security checker no longer invalidates IIS site config if WordPress installation path starts with a digit. (EXTWPTOOLK-1264)

Plesk Onyx 17.5.3 Update 41

19 February 2018

Done some security improvements and hardening.
Fixed the issue where the controls used to configure the policy towards mail sent to non-existent mail addresses were visible even if the “Hide controls for rejection messages for non-existent mail addresses” checkbox was selected in “Tools & Settings” > “Interface Management”. (PPP-526, PPP-31117)

Linux

Added the “Web Statistics SSL/TLS” to the domain settings screen. The button is only visible if SSL support for the domain is switched on. Clicking the button displays web statistics for the domain based only on requests via the HTTPS protocol. If both SSL support and redirect from HTTP to HTTPS is switched on for a domain, the “Web Statistics” button (showing web statistics based on HTTP requests) is hidden.
Fixed the issue where updating the default SSL/TLS certificate via the XML API resulted in the web server configuration getting corrupted. (PPPM-7473, PPPM-7398)

Cloud Images Updates

19 February 2018

Google Cloud

Introduced the maintenance screen feature. Users see the maintenance screen if they log in to a Plesk instance that is being deployed. Once the deployment is finished the maintenance screen is removed, they can start using Plesk.
Rebuilt images using the latest base image and Plesk distribution.

WordPress Toolkit 2.5.1

12 February 2018

Added new security option that disables script concatenation, preventing certain DoS attacks.

Plesk Migrator 2.14.1 and Site Import 1.1.1

12 February 2018

Fixed the issue where, during update of a Plesk key, the error was written to the log file. (PMT-4282)

Advisor 1.0.0 and Security Advisor 1.6.0

12 February 2018

The new Advisor extension is now available. On Plesk 17.8.10 and later, Advisor automatically replaces the Security Advisor extension. On Plesk 17.8.9 and earlier, Security Advisor is not replaced by Advisor.

Plesk Multi Server 1.2.1

8 February 2018

Added the support for the following extensions: Social Login, Unloq, MagicSpam, Acronis Backup, Atomic Secured Linux, KernelCare, Imunify360, My Good Client, and Keychain for API Secret Keys.
Limited the support of Plesk Multi Server to Plesk Onyx 17.5. The upgrade to Plesk Onyx 17.8 is presently unavailable.
Fixed the issue where the ‘Extensions’ tab was not working on service nodes. (EXTPMS-1351)
Fixed the issue where, under certain circumstances, it was not possible to create a new subscription during migration. (EXTPMS-1358)
Fixed the issue where the administrator was redirected to the login screen if a user’s session on a service node expired. (EXTPMS-1362)

Plesk Onyx 17.5.3 Update 40

5 February 2018

Windows

Fixed the issue where the installation of the Plesk update #39 sometimes failed with a “MSI: Error! The specified account already exists.” error. (PPPM-7937)

Third-Party Component Updates

PHP 7.2 was updated to version 7.2.2.
PHP 7.1 was updated to version 7.1.14.

Plesk Onyx 17.0.17 Update 46

5 February 2018

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.14.

Site Import 1.1.0

1 February 2018

Added the option to use the same IP address for establishing the connection to the source server and for transferring data via FTP.
Fixed the issue where, when importing a WordPress site, the site URL was not updated in the WordPress database if one or more files could not be imported. (PMT-4195)

Linux

Increased the RPC agent deployment speed.

Plesk Onyx 17.5.3 Update 39

30 January 2018

Done some security improvements and hardening.
Updated the social media links.
Fixed the issue where predefined values for PHP parameters that contained the dot (.) character were not taking effect. (PPPM-7696)

Windows

Fixed the issue where Plesk utilities using the proc_open function stopped responding when run if their output was greater than 4 KB in size. (PPPM-7804, PPPM-7305)

Plesk Onyx 17.5.3 Update 38

22 January 2018

Fixed the issue where it was impossible to connect to a Plesk server behind NAT via FTP in passive mode even if the public IP address was configured in Plesk because the “MasqueradeAddress” directive was not set. (PPPM-6879)

Note: Applying the update is not enough to resolve the issue if you are already affected. In this case, you need to re-apply the public IP address in “Tools&Settings” > “IP Addresses”.

Linux

Fixed the issue where trying to access Plesk Lightsail via the public IP address using the HTTP protocol resulted in a failure because the user was redirected to the private IP address instead. (PPPM-7844)
Fixed the issue where, after upgrading a Plesk 12.0 server with PCI compliance enabled to Plesk Onyx, the sw-cp-server process could not start due to duplicated “ssl_cipher” records in /etc/sw-cp-server/conf.d/pci-compliance.conf and /etc/sw-cp-server/conf.d/ssl.conf. (PPPM-5964)
Fixed the issue where manually added DKIM records with values like “*_domainkey." were not included in Plesk backups and could not be restored or migrated. (PPPM-7401)

Plesk Onyx 17.5.3 Update 37

10 January 2018

Third-Party Component Updates

PHP 7.2 was updated to version 7.2.1.
PHP 7.1 was updated to version 7.1.13.
PHP 7.0 was updated to version 7.0.27.
PHP 5.6 was updated to version 5.6.33.

Plesk Onyx 17.0.17 Update 45

10 January 2018

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.13.
PHP 7.0 was updated to version 7.0.27.
PHP 5.6 was updated to version 5.6.33.

Cloud Images Updates

10 January 2018

Rebuilt Plesk WebPro images bundled with Alibaba Cloud. Now these images have Fail2Ban, ModSecurity, and Plesk Firewall installed and activated by default.
Rebuilt Plesk images bundled with Google Cloud on the basis of the latest Plesk Onyx 17.5.3 microupdate.
Rebuilt Plesk for Windows images bundled with Microsoft Azure. Improved security and deployment time were. The images now contain the maintenance screen feature.

Joomla! Toolkit 1.1.0

28 December 2017

Significantly improved the UX and workflow by adding the support for long tasks. All long processes are now executed asynchronously, so that other processes can be started in the meantime.
Added the Settings page where you can configure the site name and the mapped administrator user, update the password and the email address, and also completely detach the user from the selected Joomla! instance.
Added a new installation option: Install Demo Data. Enabling this option when creating a Joomla! instance installs the Default English (GB) sample data on the instance.
Added a new security check: User Name. It replaces commonly used user names (for example, admin or webmaster) and synchronizes them if mapped or added as a new mapping to activate the automatic logging in process.
Added a new security check: Debug Mode. It deactivates the debug mode with one click, as activating the debug mode on a production Joomla! instance is insecure.
Extended PHP compatibility down to PHP 5.3. All versions are supported as per the official requirements of the Joomla! project.
Done some security improvements and hardening.
Fixed the issue where scanning for Joomla! instances on a server with a lot of domains and Joomla! instances could result in a HTTP error 504. (EXTCERT-936)
Fixed the issue where scanning for Joomla! instances could result in a PHP fatal error: Cannot redeclare JConfig5a1368bbcf32f::$smtppass. (EXTCERT-937)
Fixed the issue where scanning for Joomla! instances could result in a PHP notice: Use of undefined constant JSON_PRETTY_PRINT. (EXTCERT-938)
Fixed the issue where after updating a Joomla! instance via the Joomla! admin panel the Joomla! version was not displayed correctly in Joomla! Toolkit. (EXTCERT-965)
Fixed the issue where Joomla! instances installed in a subdirectory of the /httpdocs directory were marked as broken in Joomla! Toolkit. (EXTCERT-978)
Fixed the issue where the instance name and Joomla! version were not displayed for Joomla! instances installed in a subdirectory of the /httpdocs directory. (EXTCERT-1030)
Fixed the issue where Joomla! instances installed as APS applications in a subdirectory of the /httpdocs directory could not be added to Joomla! Toolkit. (EXTCERT-1035)

WordPress Toolkit 2.5.0

26 December 2017

Support for custom plugins and themes. Users can install and manage their own plugins and themes in WordPress through WordPress Toolkit. In addition, server administrators can upload their own plugins and themes to the server-level plugin and theme repositories so that other users on the server can see and install these plugins and themes. Server administrators can also add their plugins and themes to sets for further provisioning.
Users can install WordPress with a predefined set of plugins and themes during custom WordPress installation. If you do not want your users to access your sets for some reason, you can hide this option on the Global Settings tab.
The UI hint about WordPress sets preinstallation was not displayed for existing Hosting plans, making it kind of useless. The hint is now displayed for all Hosting plans, regaining its intended usefulness. (EXTWPTOOLK-1081)
WordPress instance will now be removed from the instance list in WPT if the subscription with this WordPress instance is switched from ‘hosting’ to ‘no hosting’. (EXTWPTOOLK-1043)
WordPress Toolkit now respects personal boundaries of domains and does not use PHP handler of a parent domain when it should be using PHP handler of the domain where the WordPress is installed. (EXTWPTOOLK-1046)
Plugin and theme sets are now correctly marked in UI as a feature that requires proper WordPress Toolkit license for users of WordPress Toolkit SE. (EXTWPTOOLK-1039)
Values of WP_HOME and WP_SITEURL variables in wp-config.php were not properly changed during the cloning of WordPress instances. We’ve made sure the values of these variables will get proper treatment during the cloning and data synchronization from now on. (EXTWPTOOLK-1069)
Maintenance mode assets were not loaded in maintenance mode if any page other than the main page was opened in the browser. (EXTWPTOOLK-978)
WordPress instances not registered in the WordPress Toolkit were ruthlessly overwritten if somebody performed Quick WordPress installation on the affected domain. WordPress Toolkit was convinced to be more considerate, so now it avoids overwriting unregistered WordPress instances during Quick installation, opting to install new WordPress instances in a subfolder nearby instead. (EXTWPTOOLK-1037)
PHTML notices are no longer added to debug.log on WordPress instance updates. This fix does not affect existing WordPress Toolkit instances which have previously modified Maintenance mode templates, unfortunately. (EXTWPTOOLK-972)
WordPress Toolkit was displaying a message that a set was installed during the provisioning of a subscription even when nothing of the kind actually happened. This enthusiasm was quite confusing, so WordPress Toolkit now displays the message about set installation only when it is actually installed. (EXTWPTOOLK-1038)
Instance URLs are now displayed correctly in the Toolkit if WP_SITEURL or WP_HOME constants in wp-config.php have values different from actual website URL. (EXTWPTOOLK-1010)
The plugin or theme info pop-up window was genetically modified to avoid completely blocking the screen when trying to display a very long plugin or theme name. (EXTWPTOOLK-1012)
When a WordPress instance without a single plugin was put into maintenance mode, refreshing it in the Toolkit interface resulted in the following error: Invalid field: slug. You won’t see this error anymore, as all unruly slugs were scurried to graze in the more appropriate fields. (EXTWPTOOLK-1000)

Plesk Migrator 2.14.0

26 December 2017

Added the ability to connect to the source server via SSH and to use rsync for importing files.
Increased data transfer speed during website migration.
Added the ability to generate the configuration file for command line migration by running the plesk-migrator configure command.
Fixed the issue where MySQL events and stored routines were not migrated. (PMT-4065)
Fixed the issue where migration failed if a user’s password contained non-Unicode characters and the Enhanced security mode was disabled on the source server. (PMT-4103)
Fixed the issue where, if during a failed migration attempt a subscription’s limits were not set correctly on the target server, Plesk Migrator did not try to update them during subsequent attempts. This could result in addon domains or subdomains belonging to the subscription not being migrated. (PMT-4066)
Fixed the issue where post-migration checks could sometimes stall when checking the migrated websites’ pages. (PMT-4095)
Fixed the issue where website migration from servers with vsftpd installed was impossible if FTPS support was not configured for it. (PMT-4130)
Fixed the issue where Plesk Migrator occasionally failed when migrating multiple subscriptions to Plesk for Windows at once. (PMT-4170)
Fixed the issue where, if the document root directory contained there a directory with no “read” permissions, the path to the document root directory had to be specified manually. (PMT-4184)
Fixed the issue where, if the hosting description file was written in YAML, the number of domains to be migrated was very high, and multiple subscriptions were being migrated at once, migration could fail due to Plesk Migrator running out of memory. (PMT-4132)

Linux

Fixed the issue where databases could not be migrated during website migration if the /var/www/ directory was mounted to a different partition on the target server. (PMT-4128)
Fixed the issue where databases could not be migrated during website migration if on the target server a remote MySQL server was configured as the default database server. (PMT-4199)

Windows

Added the ability to specify the path to the Microsoft SQL Server temporary directory by specifying the remote-mssql-session-dir option in the configuration file.
Fixed the issue where migrating content via rsync could be interrupted (for example, due to network connectivity issues or packet loss), which resulted in the migration stalling. (PMT-4163)
Fixed the issue where files and folders with names containing national characters were not migrated during website migration. (PMT-3706)
Fixed the issue where website migration could not start if a directory containing a symbolic link to itself was present on the source server. (PMT-4200)

Plesk Onyx 17.5.3 Update 36

25 December 2017

Third-Party Component Updates

Windows

Node.js 7 was replaced with Node.js 8.9.
Node.js 6 was updated to version 6.12.
Node.js 4 was updated to version 4.8.

Plesk Onyx 17.0.17 Update 44

25 December 2017

Third-Party Component Updates

Windows

Node.js 6 was updated to version 6.12.
Node.js 4 was updated to version 4.8.

Ruby 1.3.5

25 December 2017

Ruby 2.4 was updated to version 2.4.3.
Ruby 2.3 was updated to version 2.3.6.
Ruby 2.2 was updated to version 2.2.9.
Fixed the issue where additional users could not change the “Document root” setting even if they were assigned a user role with full permissions. (EXTRUBY-54)

Node.js 1.3.3

25 December 2017

Node.js 7.x was replaced with version 8.9.3.
Node.js 6.x was updated to version 6.12.2.
Fixed the issue where all user-specified environment variables were silently reset when their total length exceeded 255 characters. (EXTNODEJS-50)
Fixed the issue where additional users could not change the “Document root” setting even if they were assigned a user role with full permissions. (EXTNODEJS-73)
Fixed the issue where clicking “NPM install” did not produce an error message even if the execution of the nmp install command failed. (EXTNODEJS-45)

Plesk Onyx 17.5.3 Update 35

19 December 2017

Extension vendors can now add upsell opportunities to their extensions by using the newly added getUpgradeLicenseUrl(); method. This displays an “Upgrade” button inside the extension.

Linux

Fixed the issue where the “OK” and “Apply” buttons disappeared from the file editor as a file was being edited if the subscription’s FTP user was changed. (PPPM-7592)

Plesk Onyx 17.5.3 Update 34

12 December 2017

Linux

The pm PHP-FPM directive of a domain created under a default service plan took the static value instead of default ondemand, resulting in high memory usage by Apache or PHP-FPM process. (PPPM-7647)
Installed PHP 7.2 was not displayed in the list of server components (Tools & Settings > Updates and Upgrades > Add/Remove Components). (PPP-34001)
Under certain circumstances, creating or deleting domains on a server with a large number of subscriptions (more than 100) could throw Apache configuration error. (PPPM-7236)

Plesk Onyx 17.0.17 Update 43

11 December 2017

Third-Party Component Updates

Windows

Kaspersky Anti-Virus was updated to version 8.6.1.

Note: the previous version is reaching its End оf Life at 1st of January, 2018. It won’t be receiving updates and support since then.

We encourage all Plesk 17.0.17 for Windows users to upgrade Plesk.

Let’s Encrypt 2.5.0

7 December 2017

Let’s Encrypt extension can now automatically keep all subscription’s websites secured. It finds subscription’s add-on domains, subdomains, aliases, www, or webmail domains without a certificate, or with a self-signed or expired certificate, and secures them with a free Let’s Encrypt certificate.

To enable this feature, open the hosting plan or subscription settings, “Additional Services” tab, and select “Keep websites secured with free SSL Certificate” in the list next to “Let’s Encrypt”.

The check runs each hour by default, which can be configured in Tools & Settings > Scheduled Tasks > “Extension letsencrypt” task.
Email address on an IDN domain could not be used to issue a Let’s Encrypt certificate for Plesk Panel or a domain. (EXTLETSENC-372, EXTLETSENC-399)
In email notifications, IDN domains were written in punycode. (EXTLETSENC-389)
IDN domain used for Plesk Panel could not be secured. (EXTLETSENC-371)
When automatically renewing a certificate, the extension attempted and failed challenges on disabled domain aliases, included in the current certificate. This resulted in excessive email notifications. Now the extension detects such domain aliases and does not attempt challenges on them. (EXTLETSENC-391)
The extension attempted to automatically renew certificates for suspended and disabled domains, which failed and caused excessive email notifications. (EXTLETSENC-375, EXTLETSENC-387)
Domains without SSL/TLS support had the Let’s Encrypt button, allowing users to issue certificates, which could not be used afterwards. (EXTLETSENC-127)
Disabled domain aliases had the Let’s Encrypt button, allowing users to attempt to issue a certificate. (EXTLETSENC-397)
Securing Plesk Panel with CLI command did not complete: the certificate was issued and saved to server storage, but was not applied. (EXTLETSENC-374)

WordPress Toolkit 2.4.2

5 December 2017

WordPress instances could not be secured via WordPress Toolkit on Plesk 17.8 Preview 8. (EXTWPTOOLK-1004)
It wasn’t possible to install WordPress in the same place three times, overwriting previous installations. We believe that persistence should be rewarded, so we have fixed this issue. (EXTWPTOOLK-1013)

Plesk Onyx 17.5.3 Update 33

4 December 2017

Plesk is now shipped with PHP 7.2.0 for customers’ websites.
Security improvements.
In Service Provider View, the “Previous” and “Next” links on the promoted extensions panel were moved to the bottom of the panel to improve page layout on mobile phones. (PPPM-7540)

Linux

On Lightsail, a new instance, created from a snapshot of Plesk on Ubuntu 16.04 instance, had wrong IP mapping, which made websites on the instance unavailable. (PPPM-7591)
Under certain circumstances, the packagemng utility returned an empty output resulting in the empty list in “Tools & Settings” > “Server Components”. (PPPM-4817)

Windows

Backup log warnings about errors in PSAMailbackup.exe did not include the error messages. (PPPM-7595)

Security Advisor 1.6.0

29 November 2017

Security Advisor is now available for Windows.
Each domain on the “Domains” tab now has a Secure button, allowing users to install a free or paid Symantec SSL/TLS certificate on the domain. This can be turned off with the following setting in panel.ini:
```
[ext-security-advisor]
promoteSymantec = false
```
Customers and resellers can now use the following tabs in Security Advisor:
- “Domains” tab, showing domains not secured with an SSL certificate.
- “Wordpress” tab, showing instances without HTTPS enabled.
Each domain name in the list of domains now has a link to the domain details page.
On the “WordPress” tab, each instance in the list now has a link to instance details page.
The “Domains” tab now also shows IDN domains.
Detached WordPress instances were indeed present on the “WordPress” tab. (EXTPLESK-350)
“Valid from” and “Valid to” dates of Certificate Authority were shown instead of dates of the SSL/TLS certificate. (EXTPLESK-315)

Linux

When customers issued Let’s Encrypt certificates from Security Advisor, administrator’s email was passed to Let’s Encrypt, which resulted in customers unable to receive notifications about expired or compromised domain SSL/TLS certificates. Now customers’ emails are passed. (EXTPLESK-345)
URL for WordPress instance installed on an IDN domain was shown encoded in Punycode, making it harder for user to match domain and WordPress instance. (EXTPLESK-334)

Plesk Onyx 17.5.3 Update 32

28 November 2017

The PHP-FPM setting max_children can now be customized.

Linux

On servers with with WordPress Toolkit, having both customer and reseller accounts, creating full server backup completed with warnings. (PPP-33003)

Windows

During backups creation, failed attempts to remove temporary files terminated the backup process. (PPPM-7412)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.26.
PHP 7.1 was updated to version 7.1.12.

Plesk Onyx 17.0.17 Update 42

28 November 2017

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.26.
PHP 7.1 was updated to version 7.1.12.

Cloud Images Updates

27 November 2017

Plesk Onyx WebPro images bundled with Alibaba Cloud were rebuilt: Fail2Ban, Plesk Firewall, and ModSecurity are now installed by default.

Plesk Onyx 17.5.3 Update 31

23 November 2017

Linux

On AWS, a new instance, created from a snapshot of Plesk on Ubuntu 16.04 instance, had wrong IP mapping, which made websites on the instance unavailable. (PPPM-7517)

WordPress Toolkit 2.4.1

21 November 2017

The option to turn off rsync usage for synchronization on Linux was added to Global Settings.
Addendio service was displaying detached WordPress instances in its drop-down menu. (EXTWPTOOLK-899)
Successful server backup was adding a warning in the log. (EXTWPTOOLK-991)

Plesk Onyx 17.5.3 Update 30

16 November 2017

Linux

On CentOS 7, Red Hat Enterprise Linux 7 and CloudLinux 7 with Roundcube webmail, files could not be attached to mail messages. (PPPM-7470)

Plesk Onyx 17.0.17 Update 41

16 November 2017

Linux

On CentOS 7, Red Hat Enterprise Linux 7 and CloudLinux 7 with Roundcube webmail, files could not be attached to mail messages. (PPPM-7470)

WordPress Toolkit 2.4.0

16 November 2017

Users can specify custom administrator login URL on the “Login Settings” page. This complements various WordPress plugins that change the login URL for security reasons.
Server Administrator can create sets of themes and plugins for preinstallation with WordPress on new subscriptions.
On Linux, rsync is now used to synchronize files between instances. This improves performance and adds two more sync options: one allows replacing newer files modified on target (enabled by default), another allows removing files from target that were removed from the source.
Hosting plans have a new option to preinstall WordPress with an optional predefined set of themes and plugins on newly created subscriptions.
Multiple WordPress Toolkit settings previously available only via editing panel.ini file can now be changed by the server administrator on the Global Settings page of WordPress Toolkit.
WP-CLI utility was updated to version 1.4.
WordPress Toolkit could not update secret keys in wp-config.php if some of the keys were missing. (EXTWPTOOLK-795)
Mass update procedure was stopped if a single theme or plugin could not be updated. We have convinced the procedure to continue as usual in this case, and display a warning instead. (EXTWPTOOLK-943)
Broken WordPress instances registered in WPT could not be repaired by performing data sync from a working instance. (EXTWPTOOLK-904)
WordPress Drop-Ins were displayed on the “Manage Plugins” page as inactive plugins without descriptions. Attempting to activate them from this page resulted in errors. Now Drop-Ins are not displayed in the plugin list. (EXTWPTOOLK-967)
When securing database for a WordPress instance, wp_ substring was replaced not only in the beginning, but also in the middle of table names. (EXTWPTOOLK-905)
Some operations performed by customers were logged as if they were performed by the server administrator. (EXTWPTOOLK-774)
On Windows servers it was impossible to clone WordPress instances with files that had spaces in their names. (EXTWPTOOLK-785)
Under certain circumstances, switching languages took up to several minutes. (EXTWPTOOLK-797)
After removing a domain that had a subdomain with a WordPress instance registered in WordPress Toolkit, the user could still see this instance in WordPress Toolkit. (EXTWPTOOLK-784)
Setting skip_name_resolve = on in the MySQL server configuration resulted in failure to clone instances. (EXTWPTOOLK-806)
In some cases WordPress Toolkit did not detect and notify users that a website stopped responding after WordPress instance synchronization. (EXTWPTOOLK-778)
Addendio service sometimes tried to install Addendio PLUS plugin when it was already installed, which resulted in a warning in the panel.log file. (EXTWPTOOLK-913)
When Resellers used system-wide search, they could see WordPress instances that did not belong to them or their customers. (EXTWPTOOLK-917)

Plesk Onyx 17.5.3 Update 29

14 November 2017

Users logging in to a cloud service Plesk instance that is being deployed will now be greeted by a maintenance screen. They can start using Plesk once the deployment is finished and the maintenance screen is removed.

Third-Party Component Updates

Linux

Roundcube was updated from version 1.2.5 to 1.2.7. This is a security update, related to a serious vulnerability in Roundcube (see the details).

We encourage all Plesk for Linux users to upgrade Plesk.

Plesk Onyx 17.0.17 Update 40

14 November 2017

Third-Party Component Updates

Linux

Roundcube was updated from version 1.2.5 to 1.2.7. This is a security update, related to a serious vulnerability in Roundcube (see the details).

We encourage all Plesk for Linux users to upgrade Plesk.

Plesk Onyx 17.5.3 Update 28

7 November 2017

Users now can add, remove, and replace plan items on demand using the extensions SDK.
Under certain circumstances, an attempt to move directory or file in File Manager resulted in an error. (PPPM-6398)

Linux

The Cgroups Manager did not allow to set the CPU limit value above 999% on machines with 10 or more CPU threads. (PPPM-5953)
In File Manager, copying directory to a path where another directory with the same name existed resulted in former directory added as a subdirectory of the latter, instead of overwriting it. (PPPM-6398)
A subscription, having invalid v4 and v6 IP’s assigned to it, was shown twice on the subscriptions page. (PPPM-6950)

Windows

Under certain circumstances, the C:\Program Files (x86)\Plesk\admin\repository\registry.xml file became empty, which resulted in Plesk becoming inaccessible. (PPPM-7233)
Under certain circumstances, the plesksrv service crashed with an unhanded exception 0xE06D7363 resulting in Plesk becoming inaccessible. (PPPM-7135)

Plesk Onyx 17.0.17 Update 39

7 November 2017

Users now can add, remove, and replace plan items on demand using the extensions SDK.

Linux

The Cgroups Manager did not allow to set the CPU limit value above 100%. (PPPM-5953)

Plesk Migrator 2.12.0

2 November 2017

Now you can run pre-migration checks in the advanced migration mode. Successfully passing all checks automatically starts a migration.
Performance of scanning source server contents before importing sites has been drastically improved.
When preparing for a site import, one of the applications being unavailable resulted in failure to detect other applications and list them on the site import page. (PMT-4061)
When transferring a subscription from Plesk Onyx, only a single scheduled task was transferred to the target server. (PMT-3894)
When migrating a subscription from Plesk 11.5 or later, the password for site application database was not decrypted on the target server, which resulted in the application unable to work on the target server. (PMT-4026)
When migrating from a Linux server with Plesk Onyx, pre-migration checks did not detect it when the webmail, used on the source server, was missing on the target server. (PMT-3145)
A component, required by Plesk Migrator, was not bundled with it but instead downloaded before first site import. This could result in migration failure in case of network problems. Now the component is a part of Plesk Migrator and does not require separate downloading. (PMT-3735)
When migrating from Plesk servers, the APS applications were transferred only as content and not registered in Plesk. (PMT-4000)

Linux

The migration process was aborted if any customer’s login name did not conform to the Plesk requirements (only alphanumeric characters and -.'%_). Now subscriptions owned by such customers are skipped during the migration. (PMT-3959)
Migration to a server with administrator’s id different than the default one (1) resulted in failure to repeatedly migrate subscriptions or synchronize their content. (PMT-3078)
When migrating from Confixx, each transferred SSL certificate was installed as default certificate for all domains on the IP address, which resulted in all domains using the certificate of the latest migrated domain. (PMT-4043)

Windows

When migrating a subscription with a database and ODBC DSN (Data Source Name) from Plesk for Windows of version 12.5 or later, the DSN was not migrated. (PMT-3891)
Migration failed from a server having IP addresses with netmask set in short notation. (PMT-4048)
When migrating a subscription with web.config containing non-ASCII characters from a server with .NET 2.0 or 3.x to a server with only .NET 4.x, adjusting the web.config to the target server failed. (PMT-4029)

Plesk Onyx 17.5.3 Update 27

30 October 2017

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.11.
PHP 7.0 was updated to version 7.0.25.
PHP 5.6 was updated to version 5.6.32.

According to php.net, PHP 7.0.25 and PHP 5.6.32 are security releases. We encourage all Plesk users to upgrade PHP to the latest version.

Plesk Onyx 17.0.17 Update 38

30 October 2017

PHP 7.1 was updated to version 7.1.11.
PHP 7.0 was updated to version 7.0.25.
PHP 5.6 was updated to version 5.6.32.

According to php.net, PHP 7.0.25 and PHP 5.6.32 are security releases. We encourage all Plesk users to upgrade PHP to the latest version.

Plesk Onyx 17.5.3 Update 26

24 October 2017

Linux

Phusion Passenger was updated to version 5.1.11, which includes a fix for a major security issue. We thank our colleagues from cPanel for discovering the vulnerability.

We highly recommend you to update Plesk.

Plesk Onyx 17.0.17 Update 37

24 October 2017

Linux

Phusion Passenger was updated to version 5.1.11, which includes a fix for a major security issue. We thank our colleagues from cPanel for discovering the vulnerability.

We highly recommend you to update Plesk.

Let’s Encrypt 2.4.0

17 October 2017

The customers are now notified by email about automatic certificate renewal, both successful and failed. This behaviour can be configured in Tools & Settings – Notifications.
The certificate used for securing mail service will now be renewed and applied automatically. Several issues with renewing certificates were fixed.
In error reports, technical details are now grouped together in a collapsed text block.
When creating a subscription or domain with an internationalized domain name, automatic installation of a Let’s Encrypt certificate failed. (EXTLETSENC-329)
The certificate used for securing Plesk Panel was not shown in the certificate repository. (EXTLETSENC-187)
If Let’s Encrypt Authority rejects the request with “Policy forbids issuing for name”, the error message now provides relevant information and a reference link. (EXTLETSENC-202)

Linux

When issuing a certificate for a webmail addon domain, if an error occurred, the error message did not provide a relevant explanation. (EXTLETSENC-321)
Under certain circumstances, the certificate for Plesk Panel was not renewed upon updating the Let’s Encrypt extension from versions earlier than 2.0. (EXTLETSENC-322)

Windows

Domain certificates used for securing Plesk Panel are now actually renewed instead of removing old certificate and issuing a new one. (Only for Plesk 17.8 and later.)
Symbolic links to certificates were created with extra \ symbols, which prevented opening them with some applications, for example with notepad.exe. (EXTLETSENC-315)

Plesk Onyx 17.5.3 Update 25

16 October 2017

Security improvements.
Sending an XML API request with a non-existent secret key resulted in response with message ‘invalid protocol version’. Now a relevant error message is returned. (PPPM-7176)

Linux

Using the mchk utility on a mailbox with non-empty Trash resulted in the ‘Email Addresses’ tab on the domain page showing a miscalculated size of this mailbox. (PPPM-6617)
Running plesk bin init_conf --init on a Plesk instance with a preset administrator password resulted in resetting this password. (PPP-31393)

Plesk Onyx 17.0.17 Update 36

16 October 2017

Security improvements.
Sending an XML API request with a non-existent secret key resulted in response with message ‘invalid protocol version’. Now a relevant error message is returned. (PPPM-7175)

WordPress Toolkit 2.3.1

12 October 2017

Addendio service is now used by default for installing plugins and themes. Enjoy flexible filtering and additional plugin / theme catalogs to choose from.

Note: if you have Addendio Plesk Extension installed, please uninstall it to avoid conflicts.
When users perform custom WordPress installation, WordPress Toolkit now asks users if they want help with installing plugins.
After the discussion with WordPress Security team, the ‘Version information’ security check was removed because it wasn’t useful and generated issues in certain cases. (EXTWPTOOLK-852)
After synchronizing instances, the source instance page had information about the target instance. (EXTWPTOOLK-922)

Plesk Mobile 1.1.0 for Android

9 October 2017

User interface was adapted for tablets.
Server and domain widgets can now be added to the home screen.

Plesk Mobile is available at the Apple App Store and Google Play.

Ruby 1.3.4

5 October 2017

Ruby 2.4 was updated to version 2.4.2.
Ruby 2.3 was updated to version 2.3.5.
Ruby 2.2 was updated to version 2.2.8.

Plesk Onyx 17.5.3 Update 24

2 October 2017

Security improvements.
Restricting administrative access with ‘IP Access Restriction’ resulted in access being restricted for customers and resellers as well. (PPPM-6498)

Linux

On CentOS 7 servers, SELinux module restricted Plesk Update Manager from running rpm package scripts, which resulted in failure to update certain packages. (PPPM-6338)
On CloudLinux servers with enabled cagefs, the cron job for renewing Let’s Encrypt certificates failed with message ‘this program can not be run as root’. (PPPM-7018, PPP-31798)
Plesk used a Postfix-specific version of sendmail-wrapper, which resulted in cron tasks failing due to non-empty output of plesk sendmail command. (PPPM-7138, PPPM-7148)
On CentOS 7 servers, sendmail-wrapper reported errors when resolving mail aliases. (PPPM-7139)

Windows

Creating server backup failed, if the server had a domain with a Let’s Encrypt certificate. (PPPM-6126)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.24.
PHP 7.1 was updated to version 7.1.10.

Plesk Onyx 17.0.17 Update 35

2 October 2017

CentOS 7.4 and Red Hat Enterprise Linux 7.4 are now supported.
Security improvements.
Restricting administrative access with ‘IP Access Restriction’ resulted in access being restricted for customers and resellers as well. (PPPM-6498)

Linux

On CentOS 7 servers, SELinux module restricted Plesk Update Manager from running rpm package scripts, which resulted in failure to update certain packages. (PPPM-6338)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.24.
PHP 7.1 was updated to version 7.1.10.

Virtuozzo ReadyKernel

28 September 2017

The ReadyKernel extension will not be suggested to install, because Virtuozzo has announced that it stops supporting ReadyKernel for RedHat Enterprise Linux, CentOS and Ubuntu.

Security Advisor 1.5.0

28 September 2017

The list of domains in the Security Advisor can now be filtered.
The subscription screen now has a Security Advisor button, which opens Security Advisor with a filtered list of domains for the corresponding subscription.
The Home screen now has a Security Advisor button, which opens Security Advisor with a list of all available domains.

Ruby 1.3.3

28 September 2017

The extension is now available for Debian 9.
The extension’s description on the catalog was revised and updated.

DataGrid → Opsani

28 September 2017

The DataGrid extension was renamed to Opsani, because the product name has changed.

Plesk Onyx 17.5.3 Update 23

25 September 2017

CentOS 7.4 and Red Hat Enterprise Linux 7.4 are now supported.
Under certain circumstances, subscription backups could not be restored on Web Admin Edition. (PPPM-6865)

Linux

If the mailbox size was set to unlimited, running plesk repair mail for a domain resulted in overwriting size settings for particular mailboxes under that domain. (PPPM-6140)
A warning message about changing hosting type to Forwarding was incorrectly localized, which resulted in variable name appearing in the message text. (PPPM-7050)
Sending an email to multiple recipients via Postfix server with SPF enabled resulted in multiple “Received-SPF…” lines instead of one line. (PPPM-3456)
Under certain circumstances, Postfix failed to resolve short system email aliases, such as “root” or “postmaster”, which resulted in emails being rejected with message “Unable to get sender domain by sender mailname”. (PPPM-6939, PPP-27696)
Under certain circumstances, DMARC service encountered segmentation fault errors. (PPPM-6847)

Plesk Migrator 2.11.4

20 September 2017

Plesk Migrator now supports importing websites with Joomla, Drupal, and Prestashop installed (with certain limitations, to learn more, read Migrating Applications).
Users can now view the migration log in real time and search the log for key phrases in the Plesk Migrator interface.
The reliability of migrations from servers with non-English locale has been improved.
Re-syncing a subscription that was reassigned to a different owner during migration flooded the migration log with PHP notices, and could corrupt the Plesk Migrator interface if the display_errors PHP option was enabled. (PMT-3887)
Migration from Plesk failed if one or more customer passwords on the source server decrypted to ‘none’. (PMT-3876)
When migrating a subscription with Magento installed, the Magento configuration file was not updated if the Magento database was renamed during migration. (PMT-3513)
When migrating a subscription with Prestashop, the Prestashop configuration file was not updated if the Prestashop database was renamed during migration. (PMT-3520)
When importing an application, the contents of all application files were lost if the specified domain name belonged to a domain already hosted on the target server. (PMT-3967)
Migration from Plesk failed if MariaDB 10.0.32 or later was installed on the source server. (PMT-3916)

Linux

When migrating from Ubuntu or Debian to CentOS or Red Hat Enterprise Linux (or vice versa), subscriptions with files owned by the web server that contained non-UTF-8 characters could be assigned to incorrect owners. (PMT-3860)
Migration could not be started if one or more secret keys in the Plesk database could not be decrypted correctly. (PMT-3298)
Plesk Migrator could not set the correct permissions for statistics and logs directories. (PMT-3934)

Windows

When migrating from Helm via the command line, the shallow-dump.xml file was created anew during each migration stage, which considerably prolonged the migration. (PMT-3921)
Migration from Helm failed if one or more packages had enabled features whose parent plan was deleted. (PMT-3912)
The post-migration report did not contain information about missing DNS records for domains whose names contained IDN characters. (PMT-3906)
Migration from Helm failed if one or more identical IP addresses were registered as both shared and dedicated on the source server. (PMT-3878)
Under specific circumstances, copying of mail content for individual mailboxes could fail. (PMT-3868)
Copying of mail content could fail when migrating MailEnable accounts with a large number of mails. (PMT-3866)
On servers with the Chinese locale, under specific circumstances, syncing Microsoft SQL Server databases could result in an error. (PMT-3832)
Migration from a server with Japanese locale could fail with a misleading error message when copying website content. (PMT-3705)
When importing an application to Plesk for Windows, the import could fail if the application had an exceedingly large number of files. (PMT-3975)

Plesk Onyx 17.5.3 Update 22

18 September 2017

Plesk Server Health Monitor received a series of improvements:
- CPU total usage statistic now includes the number of CPU cores and maximum available usage.
- Notification thresholds for CPU usage were corrected.
The extensions are now updated daily if automatic update is enabled on the server.
Security improvements.

Plesk Onyx 17.0.17 Update 34

18 September 2017

Security improvements.

Plesk Onyx 17.5.3 Update 21

5 September 2017

Clicking the “Backup Manager” breadcrumb on the “Websites&Domains” > “Backup Manager” > “Back Up” screen took the user to the “My Account” > “Backup Manager” screen if Plesk was behind an UI proxy. (PPPM-6577)

Linux

Updating the administrator’s default SSL/TLS certificate via CLI corrupted the web server configuration. (PPPM-6136)
Users could not restore from full backups stored in the FTP repository if the ‘/usr/local/psa/PMM/tmp’ directory was missing. (PPPM-6591)
The ‘ifmng’ CLI utility was unable to correctly parse IPv6 addresses without a netmask. (PPPM-6373)

Windows

SmarterMail 16 is now supported.
Certain operations with virtual hosts could not be performed in Plesk if an external drive was mounted to the the %plesk_vhosts% directory. (PPPM-6615)

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.9.
PHP 7.0 was updated to version 7.0.23.

Plesk Onyx 17.0.17 Update 33

5 September 2017

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.9.
PHP 7.0 was updated to version 7.0.23.

Let’s Encrypt 2.3.0

31 August 2017

When creating a subscription, add-on domain, or subdomain, it can be immediately secured with a Let’s Encrypt certificate. The corresponding checkbox on the subscription or domain creation page is not selected by default. To make it selected by default, add the following setting in the panel.ini:
```
[ext-letsencrypt]
secure-new-domain = true
```
The Let’s Encrypt extension now explains common errors that can happen when issuing a certificate and gives instructions on resolving them.
When using Let’s Encrypt CLI for issuing a certificate, the alternative domain names, passed as command parameters, were not included in the cerfificate. (EXTLETSENC-104)
An error message was shown when the extension could not clean up certain temporary files after issuing a certificate. Now a warning message is shown instead. (EXTLETSENC-106)
Under certain circumstances, on Plesk 12.5 servers, issuing a certificate on a subscription with incorrect DNS configuration resulted in a ‘PHP fatal error’. (EXTLETSENC-256)
Under certain circumstances, if the web server restarted during the process of issuing a certificate, it could not access the certificate file, which resulted in failure to restart. (EXTLETSENC-213)

Linux

Under certain circumstances, on Plesk 12.5 servers, a certificate renewal task failed with ‘DEBUGGER DETECTED’ message. (EXTLETSENC-255)

Windows

The symbolic links to issued certificates were created with Unix-style path separator, which resulted in them being unreadable. (EXTLETSENC-235)

Plesk Onyx 17.5.3 Update 20

28 August 2017

When regenerating webserver configuration, Plesk now detects domains mapped to unavailable IP addresses and proposes to fix each domain by either remapping it to an available IP or excluding it from the conifiguration. This ensures that the regenerated configuration is valid and the webserver succeeds to start.
Removing all licenses from a Plesk instance resulted in logging in to the Plesk Panel via browser failing with a “PHP fatal error”. (PPP-30145)

WordPress Toolkit 2.3.0

24 August 2017

A restoration point can now be created for a WordPress instance before running operations that have a risk of damaging the instance, such as upgrading it or syncing data. After such operation the instance can be rolled back to the restoration point.
A new security check ‘Disable pingbacks’ was added. It prevents attackers from exploiting the WordPress Pingback API to send spam and launch DDoS attacks.
A link to the list of WordPress instances was added to the left navigation pane in Power User view and Customer panel.
A confirmation dialog is now shown before updating multiple WordPress instances.
A confirmation dialog is now shown before installing a WordPress instance to a database which is already used by another instance.
A confirmation dialog is now shown if WordPress installation can overwrite certain files, created by some other CMS.
Now the WordPress Toolkit does not allow synchronizing databases between WordPress instances that share a single database.
The message about synchronizing an instance with an older WordPress version to an instance with a newer version was corrected. (EXTWPTOOLK-736)
The string placeholder was used instead of the domain name on the clone page when German language was used in the user interface. (EXTWPTOOLK-771)
WordPress Toolkit could not work with instances where the is_admin function was used in wp-config.php. (EXTWPTOOLK-722)
Changing the Plesk encryption key after a failed attempt to clone a WordPress instance could result in all further attempts failing. (EXTWPTOOLK-657)
When cloning a WordPress instance, an error on the database migration step, could result in file transfer step marked as failed. (EXTWPTOOLK-701)
When cloning an instance, the WordPress Toolkit searched for possible locations of wp-config.php in a wrong order, which could result in a failure to clone the instance. (EXTWPTOOLK-704)
A customer having no access to the WordPress toolkit could indeed have an ‘Install Wordpress’ button, which actually did not perform any action. (EXTWPTOOLK-721)
The “Administrator’s username” security check was displayed in a wrong section of the Secure WordPress dialog. (EXTWPTOOLK-695)

Windows

Cloning or synchronizing WordPress instances could fail due to unquoted escape sequences in file paths. (EXTWPTOOLK-749)

Plesk Onyx 17.5.3 Update 19

21 August 2017

The Fail2ban white list is now automatically updated with Plesk server IPs when they are created, updated or removed.

Note: To add IPs created before this Plesk update to the Fail2ban white list, open the IP Addresses page in Tools & Settings and click the ‘Reread IP’ button.
A DNS SRV record with empty target can now be added.
Under certain circumstances, the ‘Share your opinion’ form was shown on each page and could not be postponed. (PPPM-6891)
An FTP bakup storage having incorrect or missing settings was not shown on the backup screen, and a backup attempt resulted in an error. (PPPM-6021)

Plesk Onyx 17.0.17 Update 32

21 August 2017

An FTP bakup storage having incorrect or missing settings was not shown on the backup screen, and a backup attempt resulted in an error. (PPPM-6870)

Linux

The libdbd-mysql-perl package could be removed from the Plesk server, which disrupted the functioning of subscription backups. (PPPM-6798)
Under specific circumstances, uninstalling Postfix mailserver resulted in removing basic Plesk packages. (PPPM-6091)

Plesk Onyx 17.5.3 Update 18

14 August 2017

The domain alias for a subscription, assigned to an external IP, was displayed as assigned to an internal IP. (PPPM-6322)

Linux

The libdbd-mysql-perl package could be removed from the Plesk server, which disrupted the functioning of subscription backups. (PPPM-6764)
SPF handler could not add email headers for an authorized SMTP session, which resulted in failure to pass DMARC verification. (PPPM-6824)
Under specific circumstances, uninstalling Postfix mailserver resulted in removing basic Plesk packages. (PPPM-6091)
Scheduled tasks were added according to the default time instead of server time. (PPPM-6381)
Mail from specific senders, including amazon.de and husqvarnagroup.com, could not pass DMARC verification. (PPPM-6847)

Plesk Onyx 17.5.3 Update 17

7 August 2017

Download URLs for installing Atomicorp packages have been updated.
Security improvements.
The DNS settings page for a DNS zone with thousands of records took 5-10 minutes to load. (PPPM-6751)
After closing the ‘Change View’ menu, the link for managing views did not appear in the ‘Tools & Settings’. (PPPM-6749)

Linux

When renaming a domain alias, the DNS zone for the previous alias name was not removed. (PPPM-6748)
The server_pref utility could not set SSL protocols and cyphers for FTP service. (PPPM-6572)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.22.
PHP 7.1 was updated to version 7.1.8.

Windows

MySQL Server 5.5 was updated to version 5.5.55.
MySQL Server 5.6 was updated to version 5.6.36.

Plesk Onyx 17.0.17 Update 31

7 August 2017

Download URLs for installing Atomicorp packages have been updated.
Security improvements.

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.22.
PHP 7.1 was updated to version 7.1.8.

Plesk Manager & Plesk Monitor

3 August 2017

Plesk Manager and Plesk Monitor, both 32-bit apps, have been discontinued. To continue managing your servers, websites and customers on the go, install the brand new 64-bit Plesk Mobile App. Plesk Mobile is available now at the Apple App Store and Google Play.

Plesk Onyx 17.5.3 Update 16

31 July 2017

Security enhancements.
Database dumps were not downloaded automatically even if the ‘Automatically download dump after creation’ checkbox was selected when exporting the dump. (PPPM-6341)

Linux

Web Presence Builder websites could not be published if the information about installed packages was missing from the Plesk database. (PPPM-6776)
Updating the default SSL/TLS certificate in the Plesk administrator’s repository via the CLI resulted in an error. (PPPM-6775)

Windows

Trying to customize a subscription or to open the ‘Websites & Domains’ > ‘PHP Settings’ page resulted in an error if no PHP handlers were configured in Plesk. (PPPM-6127)

Plesk Onyx 17.0.17 Update 30

31 July 2017

Security enhancements.
Under specific circumstances, changing mail server settings resulted in an error if the Plesk interface language was set to Italian. (PPPM-5761)

Linux

Web Presence Builder websites could not be published if the information about installed packages was missing from the Plesk database. (PPPM-6777)
Updating the default SSL/TLS certificate in the Plesk administrator’s repository via the CLI resulted in an error. (PPPM-6137)

Plesk Onyx 17.5.3 Update 15

24 July 2017

Linux

Confirming a finished update of Plesk components resulted in Plesk Autoinstaller becoming unresponsive. (PPPM-6723)

Third-Party Component Updates

RkHunter was updated to version 1.4.4.

WordPress Toolkit 2.2.1

20 July 2017

Some parts of the security check screen didn’t show proper text in the Special Edition of the WordPress Toolkit if non-English locale was used. (EXTWPTOOLK-699)
The buttons on the maintenance mode setup screen had no labels and performed no actions if non-English locale was used. (EXTWPTOOLK-700)

Plesk Migrator 2.10.10

20 July 2017

A running site importing can now be stopped.
When migrating from Plesk versions 11.0 to 12.5, if a certain password can not be decrypted, migration does not stop, but a new random password is generated instead.
When importing directories, the path on the target server is shown on the import screen.
Migrating to Plesk Multi Server configured to use a non-standard SSH port resulted in failing to copy content with an ‘Unable to connect’ error. (PMT-3816)
After consecutively running Switch DNS and Revert DNS on a migrated subscription, the subscription’s checkbox on the advanced mode screen was still selected. (PMT-3835)
If the target server’s Plesk license did not include reseller accounts, migrating accounts with reseller privileges resulted in errors. Now Plesk Migrator handles such accounts in the following way:
- all customer accounts, belonging to the reseller, become regular customer accounts;
- all subscriptions, belonging to the reseller, are assigned to the administrator account;
- the reseller account itself is not migrated. (PMT-3795)
The websites’ files with names, starting with a dot, were not imported. (PMT-3817)
A customized subscription expiration date was not migrated from Plesk 17.0 or later. (PMT-3843)
Report about failure to transfer a file by FTP during site importing contained unnecessary information from program logs. Now only a short report is shown with a list of such files. (PMT-3713)
When migrating from Plesk 17.0 or later, encrypted passwords of additional FTP accounts were replaced with new random passwords. Now such passwords are migrated without changing. (PMT-3689)
Java applications could not be migrated between Plesk servers. (PMT-3779)
The results of post-migration checks were always marked as ‘Errors’, even when all checks succeeded. (PMT-3820)
Plesk Migrator failed to find the document root of an IDN subscription, which resulted in website import failing with an error. (PMT-3809)

Linux

When migrating to Plesk Multi Server, skipping pre-migration checks for a subscription resulted in failure to migrate such subscription. (PMT-3822)
When migrating from a server with Horde webmail to a server with different webmail, Plesk Migrator attempted to restore the mail address book, which resulted in an error. Now Plesk Migrator detects such situations and does not try to restore the address book. (PMT-3806)
When migrating from DirectAdmin, some subscription limits could be migrated incorrectly. (PMT-3794)
If the source server was configured to produce any output in a non-interactive shell (such as an SSH welcome message), migration failed with an error. Now Plesk Migrator detects such configurations and shows a comprehensive message, explaining how to fix the issue. (PMT-3823)
If an attempt to perform DNS Switch with UI failed due to some problem, the following attempts resulted in errors even if the problem was resolved. (PMT-3845)
When migrating websites from a Confixx server, the SSL certificates were transferred to the subscription’s certificate pool and were not available for the subscription’s domains. As a result, after any webserver reconfigration the websites became unable to use their certificates and had to use the default Plesk certificate. (PMT-3818)

Windows

Sample configurations for migrating from and to Plesk servers with remote SmarterMail were added.
If the source system had services with names or descriptions, containing non-ASCII characters, the whole server migration failed with message ‘Failed to remove missing Python and Perl scripting options from backup dump’. (PMT-3704)
Under certain circumstances, dumping MySQL databases when migrating IDN subscriptions failed with ‘Unicode Encode Error’. (PMT-3825)
Restoring MS SQL databases on IDN subscriptions failed. (PMT-3840)
Synchronizing or repeated migration of subscription’s business objects (like databases, email accounts or domains) to a server with remote SmarterMail failed. (PMT-3819)
Subscriptions migration from Helm 3 servers failed, if the subscriptions were using web forwarding and had mailboxes and/or databases. (PMT-3859)
Migration from Windows 2003 x64 servers with non-English locale failed while copying files with message ‘Failed to copy web files for subscription’. (PMT-3027)
Migration GUI missed a link for downloading the RPC Agent installation package. (PMT-3829)
If a subscription on Helm 3 server had a mail service enabled, but no mail IP available, migration of the subscription failed. (PMT-3856)
When migrating from Helm 3, subscriptions of customers with login name longer than 15 characters were skipped without notification. (PMT-3849)

Let’s Encrypt 2.2.2

20 July 2017

To prevent Let’s Encrypt extension from automatically securing Plesk Panel on installation, add the following setting in panel.ini before installing or updating the extension:
```
[ext-letsencrypt]
disable-panel-auto-securing = true
```
Setting the verify option to true in panel.ini config section for Let’s Encrypt extension resulted in inability to connect to the Let’s Encrypt CA servers. (EXTLETSENC-223)
The command line interface did not allow to issue certificates for domains with www prefix. (EXTLETSENC-226)
In certain cases, when installing or upgrading the extension, a valid certificate used for securing Plesk Panel was detected as insecure and replaced with Let’s Encrypt certificate. Now the extension automatically replaces only self-signed certificates. (EXTLETSENC-222)

WordPress Toolkit 2.2.0

19 July 2017

The Special Edition of WordPress Toolkit is now available for all users of Plesk Web Admin edition. This version offers the basic features of WordPress Toolkit for free.
Improved handling and reporting of WordPress upgrade errors.
The built-in help for command-line utility has been improved and updated.
The dialog for removing a broken instance had no text. (EXTWPTOOLK-671)
After detaching an instance, WordPress Toolkit did not properly set the instance’s autoupdate settings. (EXTWPTOOLK-653)
Spaces were missing in the text on the cloning page for some languages. (EXTWPTOOLK-660)
When user performed a custom WordPress installation and specified ‘admin’ as a WordPress administrator username, this username was replaced on the Securing Instance step of the installation. Now the ‘admin’ username is not replaced if explicitly specified, and the instance is marked as insecure instead. (EXTWPTOOLK-507)
During the upgrade, the default WordPress maintenance page was used instead of the maintenance page configured in WordPress Toolkit. (EXTWPTOOLK-644)
Manually removing a WordPress database without using Plesk could result in inability to install or clone WordPress instances. (EXTWPTOOLK-471)
WordPress Toolkit could not work with an instance that had any code requiring ‘wp-settings.php’ in ‘wp-config.php’. Now WordPress Toolkit ignores such code when working with the instance and provides improved error reporting for ‘wp-config.php’ issues. (EXTWPTOOLK-638)
If a theme or a plugin failed to update, no error message was shown. Now WordPress Toolkit shows a comprehensive error message in such case. (EXTWPTOOLK-489)
Some plugins dependent on other plugins (such as WooCommerce Germanized plugin) could not be activated via the WordPress Toolkit. (EXTWPTOOLK-621)
Repeating previously failed clone procedure for a WordPress instance failed again if the database user was linked to another database due to database user with the same name already existing. (EXTWPTOOLK-658)
Removing the database of a cloned website resulted in inability to clone it again to the same domain and with the same database name. (EXTWPTOOLK-669)
If user was cloning a subdomain-based WordPress multisite when no valid domains were available, WordPress Toolkit displayed an ugly-looking error without even opening the Clone screen. To avoid hurting the aesthetic sensibilites of users, the error is now displayed properly on the Clone screen and is looking quite fabulous. (EXTWPTOOLK-639)
If cloning of a WordPress installation was blocked by database import or export errors, the WordPress Toolkit reported that the installation was not configured, but did not explain the actual problem. Now it correctly detects and reports the problem that caused the error. (EXTWPTOOLK-636)
Themes with descriptions containing non-ASCII characters were breaking the functioning of theme search in WordPress Toolkit. (EXTWPTOOLK-579)
When synchronizing data between two WordPress instances, the maintenance mode page displayed on the target instance tried to use the resources located on the source instance. (EXTWPTOOLK-631)
Trying to enable maintenance mode on a WordPress instance of version earlier than 4.3 resulted in an error. (EXTWPTOOLK-686)

Plesk Onyx 17.5.3 Update 14

17 July 2017

Health Monitor is now available in Power User view as well as in Service Provider view. (PPPM-278, PPPM-2857)
Trying to configure FTP storage resulted in an error if the FTP server did not allow to resume uploads and downloads, or to upload the .ftpaccess file. (PPPM-6502)
Trying to configure FTP storage resulted in an error if the path to the directory for storing backup files contained one or more whitespace characters. (PPPM-6236)

Linux

Restoring a subscription from backup using the “Only configuration of the selected objects” option failed to restore Apache and nginx settings for the subscription. (PPPM-6530)

Third-Party Component Updates

Linux

Roundcube was updated to version 1.2.5.

Let’s Encrypt 2.2.1

12 July 2017

The extension incorrectly handled errors when communicating with Plesk Panel, which disrupted the functioning of extension itself. Now it correctly handles such errors, shows an explaining message and continues working when possible. (EXTLETSENC-221)

Security Advisor 1.4.1

11 July 2017

This update contains changes, affecting both Let’s Encrypt and Security Advisor extensions. Please also update Let’s Encrypt to version 2.2.0 or later.
Now Security Advisor delegates obtaining free certificates for securing Plesk Panel from Let’s Encrypt CA to the Plesk Let’s Encrypt extension, which excels in this task.

Let’s Encrypt 2.2.0

11 July 2017

This update contains changes, affecting both Let’s Encrypt and Security Advisor extensions. Please also update Security Advisor to version 1.4.1 or later.
Plesk Panel can now be secured with a Let’s Encrypt certificate. The corresponding setting is now available at the SSL/TLS Certificates page.
Upon installing or upgrading (either at Plesk installation or separately), the extension checks that a trusted certificate is used for Plesk Panel. If the extension detects a non-trusted (for example, self-signed) certificate, it automatically attempts to replace it with a trusted certificate from Let’s Encrypt CA. Thus, in most cases, a fresh installation of Plesk Panel is secured since the first login.
The extension now detects and renews Let’s Encrypt certificates, obtained with Security Advisor for securing Plesk Panel.
Renewing the Let’s Encrypt certificates is now done at a random time within the day when the certificate is due to renewal. This helps evenly spreading the load on Let’s Encrypt Certificate Authority and enables issuing more free certificates.
Cases, when IPv6 was disabled for a subscription but an external DNS resolved the domain name to an IPv6 address, were not detected. This resulted in failing attempts to create a certificate. Now Plesk correctly detects such cases and shows a message, explaining the problem. (EXTLETSENC-182)
The extension was not able to renew certificates, issued before updating the extension to version 2.0 for domain names with uppercase letters. (EXTLETSENC-211)
The subscription’s certificate README file was missing a link to the Certbot documentation. (EXTLETSENC-166)
On Windows servers, renewing certificate for webmail failed. (EXTLETSENC-164)
A failed certificate installation led to exhausting the Let’s Encrypt rate limits for a domain, which resulted in inability to renew the certificate. (EXTLETSENC-198)

Plesk Onyx 17.5.3 Update 13

10 July 2017

Linux

Adding DNS TXT records longer than 255 characters resulted in inability to start the DNS service. (PPPM-3170)
On Ubuntu 14.04 x64 servers installed in a Virtuozzo container, the PHP FPM processes were not restarted after minor PHP updates, which could result in unexpected behaviour of PHP applications on the server. (PPPM-6296)
On CentOS 7 x64 servers, the Dovecot component, when already updated to the latest version, was incorrectly marked with an ‘updates available’ label. (PPPM-6605)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.21.
PHP 5.6 was updated to version 5.6.31.
PHP 7.1 was updated to version 7.1.7.

Plesk Onyx 17.0.17 Update 29

10 July 2017

Linux

On Ubuntu 14.04 and Debian 7 servers installed in a Virtuozzo container, the PHP FPM processes were not restarted after minor PHP updates, which could result in unexpected behaviour of PHP applications on the server. (PPPM-6296)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.21.
PHP 5.6 was updated to version 5.6.31.
PHP 7.1 was updated to version 7.1.7.

Plesk Onyx 17.5.3 Update 12

3 July 2017

Plesk Onyx 17.5.3 Update 12 is a stable (late adopter) release.
Starting with this update, Perigon Control Suite is no longer supported.
The -forwarding true parameter of the plesk bin mail --create command was ignored, which resulted in creating a mailbox with disabled forwarding. (PPPM-6038)

Linux

If the PHP handler was changed to “FPM application served by nginx”, the setting was not displayed on the PHP Settings page. (PPPM-6171, PPPM-6532)
If nginx proxy mode was turned off for a subscription, the Apache-based options for PHP handler were indeed available on the PHP Settings and Hosting Setings pages. (PPPM-6550)
Trying to log in to Roundcube with an incorrect password resulted in an HTTP response code 500. (PPPM-6104)

Windows

Backup to an FTP storage failed if the field “Directory for backup files storage” was empty. (PPPM-6466)

WordPress Toolkit 2.1.2

29 June 2017

Repeatedly scanning a subscription for WordPress instances resulted in autoupdate turned off for all found instances. (EXTWPTOOLK-652)

Plesk Onyx 17.5.3 Update 11

26 June 2017

Improved stability for Plesk license key renew operation.
Creating a subscription with specific web server settings with an API-RPC request resulted in error ‘Unable to update hosting preferences. The user example.tld already exists. Incorrect fields: “login”’. (PPPM-6547)

Plesk Onyx 17.5.3 Update 10

19 June 2017

CLI for managing ModSecurity was significantly enhanced and now supports most features, available in Plesk Panel, including:
- Applying predefined firewall configurations,
- Uploading custom rulesets,
- Setting the active ruleset and update frequency,
- Setting the web application firewall mode.
Additional HTTP headers can now be configured in Apache and nginx settings.
Plesk 17.5.3 locales were updated.
Pressing ‘Download Backup’ several times in a row caused Plesk to consume extra disk space. (PPPM-4941)

WordPress Toolkit 2.1.1

15 June 2017

If the subscription was configured to use PHP 5.3 or earlier, WordPress Toolkit erroneously detected subscription’s WordPress instances as broken. (EXTWPTOOLK-632)

WordPress Toolkit 2.1.0

14 June 2017

Users can now protect their WordPress websites with a password. Anyone browsing a password-protected website receives the “401 Unauthorized” response unless they provide the correct login and password.
Users can now manually put their WordPress websites into maintenance mode. Users are also able to edit the placeholder page that is displayed to those visiting a WordPress website under maintenance.
The “WordPress register” event can now be used with Plesk event handlers. The event triggers every time a WordPress website is registered in the WordPress Toolkit after performed scan for WordPress installations or after installation via the Application catalog.
The WordPress installation procedure was simplified and streamlined.
The procedure for the installation of WordPress plugins and themes on newly created WordPress websites was simplified and streamlined.
Under certain circumstances, the administrator’s webmail address was displayed incorrectly in WordPress Toolkit. (EXTWPTOOLK-490)
Importing a WordPress website resulted in an error if no hosting was configured for the parent domain. (EXTWPTOOLK-558)
In case of available major updates, administrators of WordPress websites with minor automatic updates enabled received daily notifications about installed updates even though these updates were not actually installed. Meanwhile, notifications about available updates were not delivered. (EXTWPTOOLK-561)
Cloning WordPress websites failed to preserve the source website’s automatic update settings. (EXTWPTOOLK-600)

Plesk Onyx 17.5.3 Update 9

13 June 2017

Please note that Plesk Panel service will restart after updating.
Restoring or migrating a multi-line catch-all bounce message failed. (PPPM-6417)
A multiline mail bounce message could not be set via CLI. (PPPM-6416)
Removing additional domains or subdomains from Power User view failed with a ‘Permission denied’ message. (PPPM-6142)
If the name of a customer’s subscription was the same as the server’s hostname, the customer could not save changes in the domain hosting settings. (PPPM-6420)
Log Browser failed to properly parse certain ModSecurity logs. (PPPM-5872)

Linux

If the PHP handler was changed to “FPM application served by nginx”, the setting was not displayed on the PHP Settings page. (PPPM-6171)
Opening Plesk Panel by URL with port 8443 and no protocol specified resulted in returning an HTTP response code 400 instead of redirecting to HTTPS. (PPPM-6366)

Third-Party Component Updates

PHP 7.1 was updated to 7.1.6.
PHP 7.0 was updated to 7.0.20.

Plesk Onyx 17.0.17 Update 28

13 June 2017

Security improvements.
Adding an FTP storage in Backup Manager failed with message ‘Curl error: (35) SSL connect error’. (PPPM-6165)
Having extra data in DUMP_D directory resulted in calculating disc usage of dumps with ppm-ras running too slow. (PPPM-6361)
When opening a backup restoration page, ppm-ras --get-dump-list was called twice, which was logged in pmmcli.log. (PPPM-6358)

Third-Party Component Updates

PHP 7.1 was updated to 7.1.6.
PHP 7.0 was updated to 7.0.20.

Plesk Migrator 2.9.2

7 June 2017

An option to migrate a reseller with all accounts and subscriptions has been implemented.
Now when a subscription, owner or subscription plan is already migrated, it can be hidden from the ‘List of subscriptions’ tab.
The DirectAdmin migration agent now checks the data consistency on the source side. It correctly performs migration even when there are errors in the configuration of some domains. The overall fault tolerance of the agent has been improved.
The ‘List of subscriptions’ tab was added to the migration screen. It replaces the ‘Add subscriptions’ tab in simple mode, or the ‘Subscriptions list’ tab in advanced mode.
When migrating sites from cPanel, the Plesk Migrator detected a single WordPress instance as two separate instances. (PMT-3672)
MySQL events were not transferred during migration. (PMT-3677)
In certain circumstances it was impossible to import a website, if its webspace had files with names, containing non-ASCII characters. (PMT-3703)

Linux

When migrating from cPanel, there is an option to choose whether to migrate subdomains and domain aliases as addon domains, thus preserving the related email accounts.
Now, if the target database has earlier version and does not support some features of the source database, a comprehensive message is shown at the end of migration. (PMT-3241)
MySQL databases could not be migrated if a database’s admin password did not match the password stored in the PSA database. (PMT-3778)
Migration of mail content from cPanel failed, if the home directory on source was different from /var/home/ (PMT-3212)
Several domain aliases, created by cPanel for internal purposes, were migrated as domain aliases in Plesk. Now Plesk Migrator recognizes and ignores such technical aliases. (PMT-3506)
Plesk Migrator did not set a password for the source server’s user that it creates for copying content. Some servers’ configurations forbid SSH authorization of such users, thus making copying unavailable. (PMT-3558)
Additional Apache and nginx directives of subscriptions were not transferred. (PMT-3072)

Plesk Onyx 17.5.3 Update 8

5 June 2017

Adding an FTP storage in Backup Manager failed with message ‘Curl error: (35) SSL connect error’. (PPPM-6165)
Having extra data in DUMP_D directory resulted in calculating disc usage of dumps with ppm-ras running too slow. (PPPM-6361)
When opening a backup restoration page, ppm-ras --get-dump-list was called twice, which was logged in pmmcli.log. (PPPM-6538)
Under certain circumstances, trying to change the PHP settings or version resulted in an error. (PPPM-6030)

Windows

Creating more than two domain aliases resulted in records being removed from the parent DNS zone. (PPPM-6148)

Plesk Onyx 17.5.3 Update 7

29 May 2017

Redirects from HTTP to HTTPS on domain aliases have been improved to make a single SEO-safe redirect with HTTP response code 301.
A detailed message explaining the changes and consequences is now shown when changing the hosting type. This message contains a complete list of folders that are going to be removed.
Security improvements.
Starting multiple backup processes within a minute of each other caused one of them to fail. (PPPM-5728, PPP-27889)

Linux

Under specific circumstances, a request for static files on a WordPress site returned the HTTP response code 404. (PPPM-6309)

Windows

Plesk now properly detects the platform when hosted on Google Cloud.
Enabling mail service for a domain via an XML API request resulted in webmail becoming unavailable for that domain. (PPPM-6263)

Plesk Onyx 17.0.17 Update 27

29 May 2017

Security improvements.
Changing the PHP handler or version for a domain caused the same change for a subdomain. (PPPM-4617)

Linux

Under specific circumstances, a request for static files on a WordPress site returned the HTTP response code 404. (PPPM-6310)
On Ubuntu 16.04 servers, changing the PHP handler for a domain with multiple subdomains could result in an error if all of them were configured to use the “FPM application served by Apache” handler and the same version of PHP. (PPPM-5142)

Windows

Enabling mail service for a domain via an XML API request resulted in webmail becoming unavailable for that domain. (PPPM-5715)

Virtuozzo ReadyKernel 1.1.0

29 May 2017

Ubuntu 14.04 and Ubuntu 16.04 are now supported.

Plesk Migrator 2.8.7

24 May 2017

When importing sites, databases, or directories, the actual status of each item is displayed. If import of an item failed or generated a warning, a detailed list of issues is available.
Removing an additional domain that was previously imported from another server resulted in an error in Plesk panel. (PMT-3701)
In case of a database name or database user name conflict during site import, if there were additional spaces between the names and values of corresponding variables in the wp-config.php file, the WordPress application did not work after import. (PMT-3673)
Passwords for accounts with names, containing Unicode characters outside of ASCII range, could not be decrypted after migration. (PMT-3667)
If the source FTP server did not support TLS, this negatively affected the performance during import. (PMT-3643)
When migrating from Plesk Onyx, an error in decrypting a password for an account could result in resetting passwords for all accounts. (PMT-3604, PMT-3605)
Extension data on the target server could be overwritten by data from the source server. Now by default the server-wide extension settings are not migrated. (PMT-3586)
Overuse policy for reseller accounts was not migrated and instead was reset to ‘Overuse of disk space and traffic is allowed’. (PMT-3469)
Database import failed if the PHP process had no write permission on the source server. (PMT-3682)

Linux

Copying a MySQL database from Plesk Onyx on a Linux server failed if the database server password was stored in plain text format. (PMT-3759)
Protected directories on subdomains were not migrated from DirectAdmin. (PMT-3764)
When using PureFTD on the source server, the site import performance was lower than expected. (PMT-3679)
Under certain circumstances, migration from a Plesk for Linux server could fail with an error message “Cause: ‘int’ object has no attribute ‘isdigit’”. (PMT-3621)
SSL Certificate Authority certificates were not migrated from DirectAdmin. (PMT-3613)
When migrating mail messages to Plesk for Linux via IMAP, if a mailbox name contained an uppercase character, the messages in it were not migrated. (PMT-3607)
When migrating from DirectAdmin, a cron task with a certain syntax could not be parsed. (PMT-3544)
When migrating from DirectAdmin, if a mailbox had an automatic reply set up, but the corresponding template file did not exist, the migration could not be performed. (PMT-3542)

Windows

When migrating from or to a Plesk server with a remote SmarterMail server: the type ‘A’ DNS records for mail (mail.*) were migrated incorrectly. (PMT-3725)
When migrating from Plesk with a remote SmarterMail server to Plesk with a local SmarterMail server, or vice versa, the webmail settings for hosting plans and subscriptions were not converted as intended. (PMT-3723)

Plesk Multi Server 1.2.0

19 May 2017

A Plesk server having active subscriptions can now be added to a Plesk Multi Server infrastructure as a new service node.
A Plesk server having active subscriptions and being a service node in a Plesk Multi Server infrastructure can now be removed from it and turned into a separate Plesk server.
A service node could not be added if mail service was not installed on the management node. (EXTPMS-1333)
A service node could not be added if DNS server was not installed on the management node. (EXTPMS-1334)
Under certain circumstances, an error occurred on the Plesk Multi Server Settings page, making it unavailable. (EXTPMS-1315)
A task ‘Sync DNS records with DNS template’, running for a long time, could fail by timeout, returning HTTP response code
1. (EXTPMS-1162)
Earlier, the back synchronization process created a separate task to fetch statistics for each subscription, which caused an additional load on the server and slowed the process. (EXTPMS-1343)

Now, by default, statistics for all subscriptions are fetched in a single task, which is run once a day. This behaviour can be configured in panel.ini:
```
[ext-plesk-multi-server]
statistics.period = 'backsync'
```

Let’s Encrypt 2.1.0

18 May 2017

It is possible to include webmail to a certificate request and secure both the domain and webmail with this certificate.
Let’s Encrypt custom settings can be configured via the panel.ini file.
After a certificate for a subdomain had been issued, it was impossible to renew the certificate for the parent domain. (EXTLETSENC-105)

Plesk Onyx 17.5.3 Update 6

15 May 2017

Windows

If Plesk data directory and Plesk installation directory were different, upgrading from Plesk 17.0 to a later version failed with an “Access is denied” message. (PPPM-6138)
Under certain circumstances, the functionality of Plesk utilities linked with C++/CLI assemblies was disrupted. (PPPM-6025)

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.5.
PHP 7.0 was updated to version 7.0.19.

Windows

.NET Core 1.1 was updated to version 1.1.1.
.NET Core 1.0 was updated to version 1.0.4.

Plesk Onyx 17.0.17 Update 26

15 May 2017

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.5.
PHP 7.0 was updated to version 7.0.19.

Plesk Onyx 17.5.3 Update 5

8 May 2017

Domain management operations sometimes failed with the “Exception: Access is denied for domain <ID>” error. (PPPM-6194)

Plesk Onyx 17.0.17 Update 25

8 May 2017

Domain management operations sometimes failed with the “Exception: Access is denied for domain <ID>” error. (PPPM-6194)

WordPress Toolkit 2.0.4

4 May 2017

The WP-CLI utility was updated to version 1.1.
Commands “list” and “info” were added to the WP-CLI utility. WordPress instances can be identified by the combination of “path” and “main-domain-id” (via WP-CLI as well).
Titles of WordPress toolkit pages now display WordPress instance URL along with its name.
If there were a large number of WordPress instances, during cloning, it took WordPress toolkit a lot of time to generate the list of available domains and subdomains. (EXTWPTOOLK-505)
There was no warning message that the destination WordPress instance will be replaced by the source one during synchronization. (EXTWPTOOLK-493)
During synchronization, database tables prefixes were changed even if users selected to synchronize only files. (EXTWPTOOLK-457)
Error messages were displayed in the panel log after the first WordPress instance installation. (EXTWPTOOLK-454)
If autoupdate settings were turned on in WordPress toolkit, and later they were changed manually in the configuration file, WordPress toolkit autoupdate settings were not changed accordingly. (EXTWPTOOLK-452)
During new APS WordPress installations, the instances were marked as not secure because database tables prefixes were also marked as not secure. (EXTWPTOOLK-395)
If during WordPress installation the page was refreshed, WordPress installation started again. (EXTWPTOOLK-365)
If during WordPress installation wordpress.org was not accessible from the Plesk server and the necessary data was not stored in WordPress toolkit cache, Plesk displayed an error message that was not explicit. (EXTWPTOOLK-361)
WordPress Toolkit was able to generate invalid database table prefixes starting with numbers in exponential notation (for example, 0E70IaqpI). (EXTWPTOOLK-111)
Context help from all WordPress toolkit screen states did not redirect users to the WordPress related pages in Documentation and Help Portal. (EXTWPTOOLK-6)

Linux

If WordPress Toolkit scanned for new WordPress instances and at least one of new instances was corrupt, scanning was performed with errors and not all new instances were found. (EXTWPTOOLK-477)

Plesk Migrator 2.7.9

27 April 2017

Site migration was blocked if the source web server rejected requests without the User-Agent header. (PMT-3698)

Windows

Subscriptions migration failed and the subscriptions were marked as migrated with errors during migration from Plesk 8.6, 9.5, 10.4 for Windows. (PMT-3702)

Plesk Onyx 17.5.3 Update 4

26 April 2017

Incremental backups of IDN domains could not be created. (PPP-28673)
Subcscription-level users could not login to Plesk because of DNSSEC error. (PPP-29072)
When a customer used the file-sharing option for public files and clicked ‘Link to This Folder’, the generated public URL for read-only visitors did not have the ‘www’ prefix. (PPP-28753)
Backup creation failed if the time of backup creation and upload exceedeed FTP SessionTimeout and the FTP repository did not support APPE/REST commands. (PPP-28922)
Wildcard subdomains could not be renamed in UI. (PPP-29073)
Extesions catalog could not be loaded in UI in case of slow network connection. (PPP-29074)

Linux

Plesk 17.5 locales were updated. (PPP-28821)
FastCGI PHP handler in the Service Plan was displayed in GUI as FPM by Apache. (PPP-29075)
A subscription could not be restored from backup archives on an FTP repository if the backup contained one or more files larger than 8 GB. (PPPM-6039)
Server backup was completed with a warning if Skins & Color extension had been installed. (PPPM-6034)

Windows

Plesk 17.5 locales were updated. (PPP-28813)
Backup restoration from the FTP repository failed if the backup contained one or more files larger than 4 GB. (PPP-28881)
In some cases, micro-updates installation failed during installation of the base locale package. (PPP-28736)
Under specific circumstances, web statistics was not calculated for one domain either by Daily Maintenance Script or manually. (PPP-28679)
Under specific circumstances, incremental multi-volume backup failed because of the plesk_agent_manager.exe buffer overflow. (PPP-28921)

Plesk Onyx 17.0.17 Update 24

24 April 2017

Security enhancements.
A backup rotation from an FTP storage was not working if an FTP server did not support REST commands. (PPPM-5902)

Linux

A subscription could not be restored from backup archives on an FTP server if there were any content files larger than 8GB. (PPPM-6039)

Windows

Data could not be restored from backup archives on an FTP server if there were any content files larger than 4GB. (PPPM-6052)
In Plesk 17.0 micro-updates installation failed if all previous micro-updates had been installed before. (PPPM-6012)

Third-Party Component Updates

Roundcube was updated to version 1.2.4. (PPPM-5950)

Plesk Migrator 2.7

20 April 2017

When migrating to a Plesk server using a non-English locale, a confusing error message was displayed if the name of one or more files or directories on the source server contained national characters. (PMT-3294)
The lack of notifications or a progress bar during post-migration checks could confuse the user. (PMT-3309)
Migration could fail if multiple perl versions were installed on the source server and the PATH environment variable pointed to a custom perl version. (PMT-3376)
Web content was not copied if SSH access to the source server was limited to specific users and the users ‘plesk-migrator*’ were not allowed access. (PMT-3385)
PostgreSQL databases could not be migrated if PostgreSQL server version 9.5 or later was installed on the source server. (PMT-3391)
Under specific circumstances, the “Failed to remove temporary user” error was displayed during migration even if the temporary user was removed. (PMT-3399)
Entries in the subscription log were not sorted by date. (PMT-3525)
Microsoft SQL Server databases could not be migrated if the Microsoft SQL Server instance on the source server was configured to use a nonstandard port. (PMT-3547)
The header on the migration screen was corrupted if the Plesk interface language was set to Italian. (PMT-3548)
When migrating from DirectAdmin, quota for mailboxes was set to 100 MB even if it was set to unlimited on the source server. (PMT-3550)
Trying to re-sync business objects after deleting a mail account on the source server produced a confusing error message. (PMT-3552)
During site migration, WordPress sites using a remote database were not re-configured to use the database migrated to the destination server’s MySQL server. (PMT-3562)
Removing the session folder created after initiating a site migration resulted in empty session folder and configuration file getting created. (PMT-3579)
If during migration names of some databases and database users were changed, after upgrading Plesk Migrator to the latest version and restarting the migration, the name changes were not preserved. (PMT-3582)
When migrating from DirectAdmin, if a mailbox and a forwarder with the same name were present on the source server, only the forwarder was migrated. (PMT-3585)
When migrating from Plesk Onyx, extension files stored in the “/usr/local/psa/var/modules/” directory were assigned incorrect ownership. (PMT-3587)
Migration from DirectAdmin failed if a DNS zone contained a white space character as a separator. (PMT-3600)
When migrating from Plesk, the “Restrict the ability to follow symbolic links” hosting plan setting was disabled on destination server even if it was enabled on the source. (PMT-3602)
Migration from DirectAdmin failed if a protected directory created in DirectAdmin was not physically present on the file system. (PMT-3618)
Migration from DirectAdmin failed if one or more mail users on the source server did not have a home directory configured. (PMT-3645)
Migration to Plesk Onyx could fail if one or more customers on the source server had unicode characters in their name. (PMT-3646)

Plesk Onyx 17.5.3 Update 3

17 April 2017

Third-Party Updates

PHP 7.1 was updated to version 7.1.4.
PHP 7.0 was updated to version 7.0.18.

Plesk Onyx 17.0.17 Update 23

17 April 2017

Third-Party Updates

PHP 7.1 was updated to version 7.1.4.
PHP 7.0 was updated to version 7.0.18.

WordPress Toolkit 2.0.3

13 April 2017

A WordPress site could not be cloned if wp-config.php file had non UTF-8 encoding. (EXTWPTOOLK-492)
A WordPress site was cloned incorrectly (some URLs of the cloned site referred to the source) if values of siteurl and home were not the same. (EXTWPTOOLK-488)

Let’s Encrypt 2.0.3

13 April 2017

The extension now logs its communication with the Let’s Encrypt servers in the panel.log. This enables better troubleshooting when there are some issues with requesting a certificate.

Git 1.1.0

13 April 2017

When checking out a repository, users could only select existing directories for the deploy path. (EXTGIT-34)
Users could not create subdomains for addon domains with hosting type set to “Forwarding”. (EXTGIT-38)
Under specific circumstances, if more than one repository was checked out for a single domain, trying to remove a repository resulted in a different repository being removed instead. (EXTGIT-39)
Git repositories could not be created if deployment mode was set to “No Deployment”. (EXTGIT-40)
After changing the deployment mode of an existing repository from “No Deployment” to “Automatic Deployment”, an absolute deploy path was displayed instead of one relative to the subscription’s root. (EXTGIT-41)
Users could not authenticate with local Git repositories belonging to subdomains after the subscription’s system user password was changed. (EXTGIT-45)

Plesk Onyx 17.0.17 Update 22

8 April 2017

Linux

After the latest Kaspersky virus database update, mail was no longer being scanned for viruses, and mail notifications were sent for every unprocessed email. (PPPM-6041)

Let’s Encrypt 2.0.2

6 April 2017

Before requesting a certificate for multiple domain names, the extension verifies the ownership of each domain name included in the request. If a domain name passes the verification but its “www” counterpart fails it, the latter is excluded from the certificate signing request. After verification is finished, a warning message listing the excluded domain names is displayed.
For each secured domain, the extension creates a symbolic link to the certificate. When the extension renews the certificate, it updates the link, so that the link always points to the latest certificate.
On Windows 2012 and Windows 2016 servers, renewed certificates were not added to IIS.

Plesk Onyx 17.5.3 Update 2

5 April 2017

Several security issues were fixed. (PPP-27022)
If the FTP server did not support the REST command, backup rotation from an FTP storage could consume extra disk space. (PPP-28593)
When attempting to export a MS SQL database, Plesk provided a wrong download link. (PPP-28485)
If the extension catalog was inaccessible due to network connectivity, it was not possible to access the list of already installed extensions. (PPP-28510)

Linux

If DMARC reports were disabled, Plesk still executed the daily report task, which reported an error if the DMARC check history was empty. (PPP-28428)

Windows

Under specific circumstances, parallel execution of websrvmng.exe сaused an error “Cannot commit configuration changes because the file has changed on disk”. (PPP-28478)

Third-Party Component Updates

Roundcube was updated to version 1.2.4, including a fix for a vulnerability to an XSS attack.

Cgroups Manager

5 April 2017

The Cgroups Manager did not allow to set the CPU limit value above 100%. (PPP-28283)

WordPress Toolkit 2.0.2

31 March 2017

A WordPress site installed on a subdomain can now be cloned to a new subdomain of the same domain.
A WordPress site could not be displayed in browser without manual configuration after cloning to a domain with “Preferred domain” set to a WWW-prefixed URL. (EXTWPTOOLK-474)
A WordPress site could not be displayed in browser without manual configuration if it was installed on a domain with “Preferred domain” set to a WWW-prefixed URL. (EXTWPTOOLK-472)
Automatic login to WordPress failed if “Preferred domain” in the domain’s hosting settings was set to another URL than the URL of the WordPress instance (for example to a WWW-prefixed URL while the instance had an URL without WWW prefix). (EXTWPTOOLK-470)
WordPress sites could not be synchronized if proc_open was disabled in PHP settings of the source or destination domain. (EXTWPTOOLK-466)
A WordPress site could not be cloned if proc_open was disabled in PHP settings of the source or destination domain. (EXTWPTOOLK-456)

Plesk Migrator 2.6.11

29 March 2017

Migration of folders from a web site failed if an FTP server on the source server returned relative paths in the list of the folders. (MT-3563)
The list of folders for migration could not be obtained by Plesk Migrator if “.” or “..” were present in the folders list returned by the FTP server. (PMT-3569)
Migration of a web site content failed if the FTP connection was unexpectedly closed on copying the content. (PMT-3567)
Migration of a web site content failed after upgrading Plesk Migrator from version 2.1 or earlier to a later version. (PMT-3568)
The database of an imported WordPress site could not be migrated if the time of files migration exceeded the IDLE timeout of the source FTP server. (PMT-3575)
A WordPress site could not be migrated if redirection was enabled on the source domain. (PMT-3571)
Website migration could be blocked if the session folder was deleted after the migration. (PMT-3576)
Website migration failed with an uninformative error message if the document root could not be detected automatically. (PMT-3574)
The migration progress dialog got stuck if an error occurred while retrieving data from the source server. (PMT-3573)

Let’s Encrypt 2.0.1

28 March 2017

Let’s Encrypt certificates could not be issued if no list of trusted root CAs could be found on the server. (EXTLETSENC-82)

Plesk Onyx 17.0.17 Update 21

27 March 2017

Security improvements.
Uploading a backup to an FTP storage failed if APPE and REST commands were disabled on the FTP server and the uploading time exceeded the timeout session value. (PPPM-5919)
If uploading a backup to an FTP storage failed, the error message contained no details about the last response from the FTP server. (PPPM-5920)
Backups could not be updated to an FTP server via FTPS. (PPPM-5957)

Linux

nginx was updated to version 1.11.10. (PPPM-5963)
In some cases Plesk upgrade to version 17.0.17 from an earlier version failed and a confusing error message appeared. (PPPM-5897)

Windows

Extensions could not be installed via the extension.exe CLI utility. (PPPM-5904)

WordPress Toolkit 2.0.1

27 March 2017

A WordPress instance installed via the Application Catalog had a database prefix marked as non-secure. (EXTWPTOOLK-463)
Automatic login to WordPress failed if the instance was installed using non-secure HTTP and the “Permanent SEO-safe 301 redirect from HTTP to HTTPS” option was enabled in the hosting settings of the domain. (EXTWPTOOLK-462)
If an URL of a cloned WordPress instance ended with a slash after registering the instance in WordPress Toolkit, this URL did not change to a new one after cloning. (EXTWPTOOLK-461)
A page for managing a WordPress instance could not be opened in WordPress Toolkit if the instance used an external MySQL server database not registered in Plesk. (EXTWPTOOLK-460)
Slashes were present at the end of the URL of a WordPress instance installed via the Applications Catalog. (EXTWPTOOLK-458)
WordPress could not be installed if proc_open was disabled in a domain’s PHP settings. (EXTWPTOOLK-455)

Let’s Encrypt 2.0.0

27 March 2017

Domain aliases support was added.
IDN domains support was added.
Granular and reliable renew process: the extension now performs daily check for certificates which are about to expire and renews them not earlier than 30 days before their expiration.
Replaced Python-based certbot with PHP-based client.
Fixed installation issues with python dependencies when 3rd-parties upgrade broke compatibility.
Fixed python-related issues (virtualenv and so on) on Windows.

Plesk Onyx 17.5.3

23 March 2017

Extension Catalog improvements:
- Browse extensions in style with a redesigned Extensions Catalog interface.
- User-friendly and intuitive, it helps you get things done faster.
- Use categories to filter available extensions and find the ones you need.
- Check out new and featured extensions to discover what is popular with other Plesk users right now.
- Request the creation of an extension if you could not find one to suit your needs.
- Rate your favorite extensions!
Incoming mail verification using SPF and DMARC.
Installation prefixes of web applications were not passed to event handlers. (PPPM-5303)
The “Upgrade 3rd party components” option in “Tools & Settings” > “System Updates” was not being enabled during upgrade to Plesk Onyx. (PPP-27030)
Retrieving information about resellers via an XML API call using the <reseller> operator failed if one or more mailboxes owned by a reseller had disk quota greater than 4 GB configured. (PPP-27207)
Attempting to restore a corrupted Plesk backup stored on an FTP repository or to create an incremental backup based on it rapidly consumed all available disk space on the server. (PPPM-5407)
Plesk failed to remove temporary extension files created during backup from the “DUMP_TMP_D” folder. (PPPM-5405)
Extensions were not included in Plesk backups if there were one or more symlinks in the folder containing the extension’s files. (PPPM-5480)
The “last updated” date on the Plesk Home page was displayed incorrectly in French locale. (PPPM-5496)
The wording of the “Maximum number of scheduled backup files to store” setting in “Tools & Settings” > “Backup Manager” was misleading. (PPP-27349)
Plesk did not ensure that FTP repositories used for storing backups supported APPE/REST commands, which could result in issues during backup to FTP. (PPP-27355)
File Manager could hang when trying to display the content of a directory containing a big amount of files. (PPPM-3718)
If a new product configuration was enabled for a license having been installed in Plesk, this configuration was not updated when retrieving the license key in Plesk. (PPP-26361)
File Manager could not be opened for a domain if the domain directory contained a file or a folder with non-UTF-8 characters in the name. (PPPM-5040)
In some cases, the “Call to a member function getDomain() on null” error message was displayed in the Plesk user interface. (PPPM-5095)
In some cases, the “Call to a member function getValue() on null” error message was displayed in the Plesk user interface. (PPP-26552)
It was impossible to create a database user with the dot character in the name. (PPP-26627)
It was impossible to add a DNS record of the “TXT” type longer than 255 characters. Now, this limitation is increased to 512 characters. (PPPM-4778)
PHP handler of a subscription’s subdomain changed after changing PHP handler of the subscription. (PPPM-5142)
During operations with domain aliases, the event handler did not reflect the “OLD_DOMAIN_NAME” and “NEW_DOMAIN_NAME” variables in the logs. (PPP-26699)
Tasks from rotated scheduled backups were displayed in Plesk Backup Manager. This could look confusing for users. (PPPM-5838)
After successful Plesk update, the notifications about the previous failed updates were still shown in the Plesk user interface. (PPP-26931)
Changing the PHP handler or version for a domain caused the same change for a subdomain. (PPPM-4617, PPPM-5547)
In German locale, the email template for notification about overusing resources had a typo. (PPPM-5706)
Plesk administrator could not change any settings on the “Tools & Setting” > “Mail Server Settings” screen in Italian locale. (PPPM-5761)
Retrieving the list of available PHP handlers in use via an XML API call using the <php-handler> operator took a long time if a large number of domains were hosted on the server. (PPPM-5621)
Backups could not be uploaded to an FTP repository via the FTPS protocol. (PPPM-5922)

Linux

Fail2ban was updated to version 0.9.6.
Dovecot was updated to version 2.2.27.
Roundcube was updated to version 1.2.3.
Horde was updated to version 5.2.13.
ProFTPD was updated to version to 1.3.5d.
nginx was updated to version 1.11.10.
On Ubuntu 16.04 servers using Dovecot, mail could not be delivered if apparmor was enabled on the server. (PPP-26959)
On CentOS 6 servers, running the plesk sbin mchk utility resulted in Postfix being removed from the list of services to be run on server startup. (PPP-27031)
Plesk administrator could not view or edit service plan settings if all fastcgi and PHP-FPM handlers were disabled on the server. (PPPM-5332)
Changing the PHP handler for a domain with multiple subdomains could result in an error if all of them were configured to use the “FPM application served by Apache” handler and the same version of PHP. (PPPM-5142)
Creating full server backups via the “Dropbox backup” extension sometimes resulted in backups consuming more disk space than expected. (PPPM-5475)
Updating the IP address of a subscription without hosting using the plesk bin subscription utility failed to update the subscription’s “*_webmail.conf” file. (PPPM-5464)
On Ubuntu 14.04 and Ubuntu 16.04 servers, AWStats web statistics could not be displayed. (PPP-27322)
On CentOS 7 servers, Apache failed to start if the “proxy.plesk” or the “proxy_fcgi.plesk” modules were enabled in Plesk. (PPPM-5490)
PostgreSQL databases could not be backed up if PostgreSQL version 9.5 or later was installed on the server. (PPP-27343)
Fail2ban hung when trying to monitor log files after restarting a server with many websites. (PPPM-4692, PPPM-5494)
On Plesk with Apache 2.4, a domain configuration could not be updated because Apache failed to restart. (PPPM-3904)
In some cases, a subscription could not be created via the Plesk user interface and a confusing error message appeared. (PPPM-4524)
It was impossible to upgrade Plesk from version 12.5 to Onyx if Plesk used MySQL server 5.7 with the strict mode enabled. (PPP-26650)
Logs were not rotated on an additional domain even if log rotation was enabled on the service plan of the additional domain’s subscription. (PPPM-5213)
The PHP memory limit could not be changed via an XML API request. (PPP-26819)
On Ubuntu 14.04 x64 servers, Apache failed to restart after the upgrade to Plesk Onyx. (PPPM-5510)
On CentOS 7.3 x64 servers, a customer could not set up a permanent 301 redirect from HTTP to HTTPS for their subscription. (PPPM-5813, PPPM-5434)
If the Outgoing Mail Control was enabled server-wide, it was not possible to forward messages from one local mailbox to another with the auto-reply option. (PPPM-5658)
Using permanent redirects both from HTTP to HTTPS and from domain.tls to www.domain.tld version caused a redirect chain. It was improved to redirect, for example, http://domain.tld to https://www.domain.tld. (PPP-27750)
Plesk Firewall could take too long to add a rule, probably causing a “Gateway timeout” error in Plesk GUI. (PPPM-5699)
If the website preview was switched from “Default Quick Preview” to “Quick Preview on an external domain name”, the server IP was removed from trusted_ips.inc. (PPPM-4051)
On CentOS 6 x64, changing the PHP version caused a change of PHP handler to FastCGI by Apache. (PPPM-5618)
Mistyping a Plesk URL in such a way that it ended with the word ‘login’ closed the current session and redirected the user to the Plesk login page. (PPPM-5736)
Plesk administrator could configure Apache and nginx in such a way that PHP files were not being handled even though PHP was enabled. (PPPM-5742)
Under specific circumstances, removing a subdomain in Plesk resulted in the PHP-FPM service starting to malfunction. (PPPM-4583)
Plesk administrator could not disable the “opcache” PHP extension. (PPPM-5769)
Apache sometimes failed to restart gracefully because a hardcoded timeout value was too small. (PPP-28181)
On Ubuntu 16.04 servers, the “php7” Apache module could not be enabled. (PPPM-5864)
Plesk failed to correctly respond to subscriptions exceeding the hard disk quota configured. (PPPM-5898)

Windows

MySQL was updated to version 5.6.35.
Upgrade to Plesk Onyx could fail if there were any *.xml_bak files in the %plesk_dir%\etc\disksecurity folder. (PPPM-5308)
Plesk backups could fail with the “Input string was not in a correct format” error if the data in the Plesk database were inconsistent. (PPPM-5341)
Health Monitor failed to display CPU and memory usage of “php-cgi” and “w3wp” processes. (PPPM-5424)
SmarterMail administrator password could no longer be changed in Plesk after changing it via the SmarterMail web interface. (PPPM-5467)
On Windows 2008 R2 servers, creating a domain with the “Prohibit the ability to override handlers via web.config” setting enabled in “Tools & Settings” > “Security Policy” could result in the website being inoperable. In such cases, disabling this option and reconfiguring the website via the plesk bin repair utility failed to restore the website to operation. (PPP-27345)
After upgrading to Plesk Onyx, websites could become inoperable if the “Prohibit the ability to override handlers via web.config” setting was enabled in “Tools & Settings” > “Security Policy”. (PPP-27346)
Certain functions of Plesk Reconfigurator were unavailable to users whose user account on the server was not named “administrator”, even if it was a member of the “Administrators” group. (PPP-27348)
After upgrading to Plesk Onyx, websites could become inoperable if custom permissions for the inetpub\vhosts folder were configured in the %plesk_dir%\etc\disksecurity\custom.xml file. (PPPM-5501)
Web Presence Builder displayed a confusing error message on the Documents tab. (PPPM-5235)
On Windows 2012 R2 servers, set as an IIS node, Dynamic Website Activation could disrupt the functioning of Plesk and all websites on the server. (PPP-27503)
A customer could not create a mail account for SmarterMail. (PPPM-5560)
Installing a Horde mail client did not require that the MySQL server was running, resulting in errors. (PPPM-5562)
Kaspersky Anti-Virus did not check mail messages to mailboxes that were created after setting it up as a default anti-virus. (PPPM-5619)
When Node.js was installed in a non-standard path, NPM install failed due to a missing permission. (PPPM-5651)
The service of SimpleDNS Plus v. 6.0.118.0 was erroneously detected as “Not Activated”. (PPPM-5678)
It was not possible to create a database with a name starting with an underscore. (PPP-27878)
Domain creation sometimes failed if one or more large files (700 MB or more) were present in the virtual host template. (PPPM-5773)
Plesk could not manage Microsoft SQL Server instances that were hardened in accordance with the PCI compliance guidelines. (PPPM-5802)
Plesk daily maintenance script failed to calculate website statistics. (PPPM-5827)
Running the plesk repair ftp utility produced confusing error messages if the path to an FTP user’s directory contained “/” characters instead of “". (PPPM-5839)
DKIM settings could not be managed if SmarterMail 14.x or earlier was installed on the server. (PPPM-5812)

WordPress Toolkit 2.0

23 March 2017

WordPress sites can now be cloned between domains or subscriptions.
A WordPress site’s data (including files and/or database) can be synchronized with another WordPress site.
A WordPress site can now be imported from another server. The Plesk Migrator extension is required for this functionality.
Search engine indexing can now be enabled or disabled for a WordPress site.
The events of creating and removing WordPress instances can now be processed by Plesk.
It is now possible to enable debugging options for a WordPress site.
Automatic updates can now be configured to install only the minor (security) updates.
The WordPress instance management page was improved to display more clear and detailed information.
The process of WordPress installation is now faster and has more detailed reporting.
During WordPress installation, WordPress Toolkit did not check if a database with the same name and database user already exists. (EXTWPTOOLK-423)
During installing WordPress on additional domains in Plesk for Windows, the “write/modify” permissions to the “wp-content” folder were not set automatically. As a result, images and themes of the WordPress installation could not be managed. (EXTWPTOOLK-419)
When switching to another WordPress instance from a WordPress instance settings dialog, the list of other instances was displayed without URLs. (EXTWPTOOLK-407)
In some cases, a confusing error message was displayed after WordPress installation was completed. (EXTWPTOOLK-343)
If MySQL server data directory in Plesk for Windows was changed so that it differed from the location of MySQL server executable files, WordPress could not be installed. (EXTWPTOOLK-326)
The “wp-config.php” file of a WordPress instance installed via WordPress Toolkit did not contain the “multisite” string, therefore it was inconvenient to enable multi-site WordPress. (EXTWPTOOLK-322)
When the Keychain for API Secret Keys and WordPress Toolkit extensions were installed in Plesk for Linux, reseller could not log in to Plesk. (EXTWPTOOLK-317)
Two quick WordPress installations run one by one on a domain, could lead to conflicts.(EXTWPTOOLK-288)
If an error occurred during WordPress installation, the full error description was not displayed in the maximized progress dialog. (EXTWPTOOLK-286)
During WordPress installation, the progress dialog was initially displayed minimized without showing information about the installation, and the list of WordPress instances did not refresh after the installation completion. (EXTWPTOOLK-285)
After renaming a domain with installed WordPress the “Site Address (URL)” parameter in WordPress was not changed. (EXTWPTOOLK-250)
If the value of the “Preferred domain” parameter was changed for the domain with installed WordPress, the automatic log in to WordPress from the Plesk user interface failed. (EXTWPTOOLK-249)
When access to WordPress Toolkit was restricted in Plesk configuration, an unclear error message was shown when trying to open WordPress Toolkit. (EXTWPTOOLK-237)
The “Update” and “View details” links were displayed merged in the Themes and Plugins tabs. (EXTWPTOOLK-141)
The “Owner” column in the list of WordPress installations contained a broken link if a subscription belonged to the Plesk administrator. (EXTWPTOOLK-33)
In some cases, WordPress sites were updated automatically even if automatic updates were disabled in their settings. (EXTWPTOOLK-20)

Plesk Multi Server 1.1.3

23 March 2017

Compatibility fixes with Plesk Onyx 17.5.
During upgrade of the Plesk Multi Server extension, service node synchronization was performed thus changing service nodes status to “Being activated” and making them unavailable for management. (EXTPMS-1293)
An administrator could not create a new subscription on a service node if a public IP address was assigned to the default shared IP address. (EXTPMS-1184)

Plesk Migrator 2.6

23 March 2017

Migration of files, databases, and WordPress sites from any server available via FTP is now supported.
Database content could not be synchronized in Plesk for Windows when different remote Microsoft SQL servers were used by the source and the target servers. (PMT-3509)
A database was duplicated during second migration of a subscription having capital characters in name. (PMT-3535)
During migration from DirectAdmin, content of administrator’s subscription became unavailable if the owner of the document root folder was incorrect. (PMT-3508)
Migration from DirectAdmin could not be started if a customer with non-unicode symbols in the name was present on the source server. (PMT-3540)
Migration from DirectAdmin could not be started if a mail auto-reply had been created for a domain on the source server and then the file with the auto-reply message had been deleted. (PMT-3542)
Migration from DirectAdmin was blocked if a cron task on the source server could not be parsed. (PMT-3544)
After migration from a custom panel, the Apache error log file could not be opened in the Log Browser because of incorrect permissions. (PMT-3460)
MySQL server databases could not be migrated from DirectAdmin if a remote MySQL server was used on the source server. (PMT-3545)

Plesk Onyx Update 20

20 March 2017

Third-Party Updates

PHP 7.1 was updated to version 7.1.3.
PHP 7.0 was updated to version 7.0.17.

Plesk Multi Server 1.1.2

20 March 2017

Multiple performance improvements related to task management were made.
A confusing error message appeared in the Plesk Multi Server user interface during operations with prohibited domain names. (EXTPMS-1274)
During synchronizing a subscription with its service plan, the “Permanent SEO-safe 301 redirect from HTTP to HTTPS” option became disabled in the subscription’s hosting settings, though, in the service plan’s settings, this option was enabled. (EXTPMS-1239)
The “Tasks” page loaded too slowly during operations with tasks in case of many tasks. (EXTPMS-1240)
After renaming a subscription, its name was not changed in the list of subscriptions on the management node. (EXTPMS-1214)
If a task on a service node failed by timeout, the service node was always set to the “Unavailable” status. (EXTPMS-1235)
A service node became unavailable in the case of a web server configuration error. (EXTPMS-1212)
When a service node was disabled and then enabled, DNS zone template synchronization started while the DNS zone templates of the service node and the management node were already in sync. (EXTPMS-1217)
When clicking the “Manage Node” link in the management node user interface, the HTTP connection was changed to HTTPS in the service node’s URL. (EXTPMS-1164)
If there were non-critical issues during service nodes synchronization, the administrator was not notified about them. (EXTPMS-1110)
The administrator could not search for tasks with the “New” and “Queued” statuses in the tasks list. (EXTPMS-1121)
The administrator could not sort tasks in the tasks list by the “Action” field. (EXTPMS-1109)

Plesk Onyx Update 19

15 March 2017

Third-Party Updates

The CVE-2015-8994 vulnerability in PHP 5.5, 5.6, 7.0, and 7.1 could lead to disclosure of sensitive data. To fix this vulnerability, the following configuration changes were made:
- For PHP 5.5: the OpCache extension was disabled, and the opcache.enable directive was set to 0 in /opt/plesk/php/5.5/etc/php.d/10-opcache.ini.
- For PHP 5.6, 7.0, and 7.1: the opcache.validate_permission directive was set to 1 in /opt/plesk/php/<PHP version>/etc/php.d/10-opcache.ini.

Note: Existing PHP configurations that had been changed by users will not be affected by those updates.

Ruby 1.3.2

14 March 2017

Minor improvements.

Node.js 1.3.2

14 March 2017

Node.js applications failed to operate correctly if a subdirectory inside the subscription’s virtual host directory was configured as the application’s document root. (EXTNODEJS-31)

Plesk Onyx Update 18

6 March 2017

Some error messages that appeared in the Plesk user interface during saving backup to an FTP storage, were not displayed in logs. (PPPM-5767)
If Fail2ban was installed, full server backup did not include the ‘fail2ban.local’ file. (PPPM-5400)

Linux

Backing up more than 1 GB to an FTP storage increased CPU load to 90%. (PPPM-5779)
Some error messages that appeared in the Plesk user interface during saving backup to an FTP storage, displayed “Broken pipe” instead of the text of the original error returned from the FTP storage. (PPPM-5686)
A PostgreSQL database could not be opened in phpPgAdmin if the Dropbox Backup extension was installed. (PPPM-5751)

Windows

It was impossible to secure MailEnable mail server with a Let’s Encrypt certificate. (PPPM-5781)
Let’s Encrypt certificate was not applied to MailEnable mail server after renewing. (PPPM-5853)
A Microsoft SQL Server 2016 database could not be restored from backup and a confusing error message was displayed in the Plesk user interface. (PPPM-5754)

Security Advisor 1.4.0

3 March 2017

The System tab now displays the promos of Virtuozzo ReadyKernel and KernelCare and allows installation of one of those tools.

Plesk Migrator 2.5

2 March 2017

Migration from DirectAdmin 1.51 is now supported.
Migrated databases are automatically renamed before restoration to avoid conflicts in cases of the same names of databases and database users.
Administrator can now configure the depth of checked web site links in post-migration checks.
Migration from Plesk 11.0 failed when a custom button with an icon in PNG format was configured on the source server. (PMT-3458)
Migration on Windows could not start if the path to the ‘plesk’ utility was not specified in the PATH variable of the target server. (PMT-3452)
Migration on Windows could not start if no PHP handlers were installed on the target server. (PMT-3472)
MySQL databases could not be migrated if an incorrect or empty password was set in the MySQL configuration file. (PMT-3394)
Adjusting application settings could work infinitely in case when the parent folder of a web site on the source server contained symbolic links. (PMT-3412)
If an additional domain’s IP address differed from the subscription’s IP address, the DNS records of the additional domain could not be migrated. (PMT-3445)

Ruby 1.3.1

21 February 2017

Ruby 2.4 is now supported.
Ruby 2.3 was updated to the version 2.3.3.
Ruby 2.2 was updated to the version 2.2.6.

Plesk Onyx Update 17

20 February 2017

Linux

PHP 7.0 packaged by Plesk is now shipped with the ‘redis’ and ‘xdebug’ PHP extensions.

Third-Party Updates

PHP 7.1 was updated to version 7.1.2.
PHP 7.0 was updated to version 7.0.16.

Plesk Onyx Update 16

13 February 2017

Sometimes, uploading Plesk backups to FTP failed because the stream cache size was being exceeded. (PPPM-5626)
Plesk always sent notifications whenever a scheduled full backup was created under a reseller account. (PPPM-5351)

Linux

On Ubuntu 16.04 servers, running the plesk repair fs -v command failed to correct permissions on file system objects. (PPPM-5712)
Under specific circumstances, full backups were created instead of incremental ones in Plesk. (PPPM-5447)

Virtuozzo ReadyKernel 1.0.1

8 February 2017

If multiple versions of kernel were installed in the operating system, the extension could display an error even if the patch was installed successfully. (EXTPLESK-159)
If no patches were available for the operation system kernel, the extension displayed a non-informative message. (EXTPLESK-160)

WordPress Toolkit 1.4.0

2 February 2017

WordPress is now installed directly from wordpress.org instead of the Applications Catalog.
Any WordPress installations (including manually installed ones) can now be removed via the WordPress Toolkit user interface.
Resellers now have access to a single screen that lists all WordPress installations that belong to them and their customers.
The default protocol during WordPress installation was HTTP. Now it is changed to HTTPS. (EXTWPTOOLK-245)
A non-informative message was displayed in the user interface for WordPress installations of earlier versions. (EXTWPTOOLK-238)
During custom installation, the prefix of database tables was different from the one specified in the installation settings. (EXTWPTOOLK-236)
If a WordPress site name contained special symbols (for example, apostrophe), HTML code was displayed instead of such symbols in the user interface. (EXTWPTOOLK-220)
The owner of a subscription without a permission to manage WordPress Toolkit could see an added installation in the WordPress Toolkit. (EXTWPTOOLK-206)
The “Synchronize” button name was confusing for the users, so this button was renamed to “Refresh”. (EXTWPTOOLK-199)
The display name of the WordPress administrator was displayed in the “Change Account on the WordPress Installation” dialog instead of the user name. (EXTWPTOOLK-185)
When trying to install WordPress 3.6 version (that is no longer supported) an incorrect version number was displayed in the error message. (EXTWPTOOLK-166)
When installing plugins or themes to all WordPress installations, broken WordPress installations were available for selection. (EXTWPTOOLK-135)
In some cases, the menu for selecting WordPress installations for installing plugins or themes was hidden in the user interface. (EXTWPTOOLK-134)
In some cases, WordPress installation settings could not be updated and a confusing error message was displayed. (EXTWPTOOLK-117)
If a WordPress installation was broken, no information about its domain was displayed in the list of WordPress installations. (EXTWPTOOLK-25)
If a WordPress installation had been manually removed, it could not be correctly removed from the list of WordPress installations. (EXTWPTOOLK-17)

Plesk Onyx Update 15

1 February 2017

Linux

On CentOS 6 and 7, CloudLinux 6 and 7, and Red Hat Enterprise Linux 6 and 7 servers, after installing Plesk Onyx update 14, mail retrieved via the POP3 protocol could not be read. (PPPM-5676)

Plesk Onyx Update 14

30 January 2017

API requests referring to a domain name including letters with umlauts or a number of other special symbols could not be completed successfully. (PPPM-5563)
Retrieving the list of available Plesk backups took a long time if the FTP repository was misconfigured. (PPPM-5438)

Linux

Plesk could not be updated if the Epel repository was enabled. (PPPM-5517)
Users could not create MariaDB database users via phpMyAdmin 4.6.5.1. (PPPM-5428)
On servers with phpMyAdmin version 4.6.5.1 installed, users could not execute routines. (PPPM-5413)
On servers with phpMyAdmin version 4.6.5.1 installed, exporting a MySQL database in the .sql format resulted in a malformed database dump that could not be imported. (PPPM-5418)
On servers with phpMyAdmin version 4.6.5.1 installed, database users could not be added via phpMyAdmin. (PPPM-5428)

Windows

Under specific circumstances, the creation of a subscription or a server backup failed with the “Unable to get file attributes. File will not be archived.” error. (PPPM-5575)
Creating an FTP or database user while a full server backup was being performed resulted in an error. (PPPM-5434)

Third-Party Component Updates

phpMyAdmin was updated to version 4.6.6.

Plesk Onyx Update 13

23 January 2017

A number of updates to the Plesk locale.
Plesk backups could not be managed in “Tools & Settings” > “Backup Manager”. (PPPM-5542)
When migrating via the command line, subdomains could not be migrated if the parent domain’s hosting type was set to “Forwarding”. (PPPM-5525)
Uploading a Plesk backup file 1 GB or greater in size to an FTP repository resulted in the backup process hanging and blocking further attempts to back up. (PPPM-5472)

Linux

Clicking “Retrieve Keys” in the Plesk interface failed to retrieve the Plesk Multi Server license from KA. (PPPM-5568)
Plesk backups stored if an FTP repository could not be restored if the size of user data for one or more subscriptions exceeded 2 GB. (PPPM-5532)
On CentOS 7 x64 servers, Plesk installed in a Virtuozzo 7 container incorrectly detected the environment as a physical server. (PPPM-5509)
Gracefully restarting Apache a number of times during a short period of time could result in the mod_fcgid process crashing. (PPPM-4567)

Windows

Plesk backups could not be created if certain information was missing from the Plesk database. (PPPM-5573)
Under specific circumstances, the creation of Plesk backups failed. (PPPM-5457)
Plesk backups could not be uploaded to the FTP repository if the name of the subscription’s system user contained the “@” character. (PPPM-5430)

Third-Party Component Updates

PHP 7.1 was updated to version 7.1.1.
PHP 7.0 was updated to version 7.0.15.
PHP 5.6 was updated to version 5.6.30.

Plesk Migrator 2.4

20 January 2017

During migration of mail content from a custom panel, it is now possible to define configuration settings like for a subscription content. In particular, it is possible to specify files or directories that should be excluded from copying or to define advanced file mapping.
A subscription belonging to a reseller could not be synchronized with an add-on service plan after migration. (PMT-3413)
Post-migration checks did not detect error messages or warnings on a web page in case when the HTTP code and the title of the web page were identical on the source server and on the target server. (PMT-3388)
During migration from a custom panel, post-migration checks were run for an enabled subscription with disabled main domain. As a result, error messages were reported. Now no post-migration checks are run in this case. (PMT-3378)
During migration from a custom panel, post-migration checks failed if a subscription had an add-on domain with an IP address other than the subscription’s IP address. (PMT-3371)
Post-migration checks did not detect some typical PHP error messages or warnings on web pages. (PMT-3389)

Linux

Migration could not be started on CentOs 5. (PMT-3417)
An unclear error message was displayed during migration if the configuration files of migrated applications contained non-unicode symbols. As a result, the adjusting of all other applications of the migrated subscription failed. (PMT-3398)
An unclear error message was displayed during migration if WordPress configuration files contained non-UTF-8 symbols. As a result, the adjusting of a particular WordPress instance failed. (PMT-3400)

Windows

Plesk Migrator can now be configured to detect the scriptiong settings (PHP version, ASP.NET version, ASP) of a subscription on the source server and migrate them properly.
Migration from a custom panel failed if the hosting description contained binary data in password fields of hosting description. (PMT-3390)
If the web.config file of a web site contained XML namespaces, the web site could stop functioning after migration. (PMT-3387)
Migration could fail if many (more than 10000) application files were changed during adjusting. (PMT-3409)
After migration from a custom panel there were no write permissions in the document root of a migrated subscription, it these permissions were not set explicitly in the hosting description. Due to this issue, the permissions settings sometimes were lost during migration from Plesk Onyx to Plesk Onyx. (PMT-3407)
Web Presence Builder was not registered in Plesk after migration to Plesk for Windows 12.5 or Onyx. (PMT-3369)
Some errors related to Microsoft SQL Server were not reported in Plesk Migrator log. (PMT-3362)
If migration of a Microsoft SQL Server database failed, Plesk Migrator added a database dump to an existing dump file during each new attempt to migrate, thus increasing the size of the dump file. (PMT-3411)

Node.js 1.3.1

18 January 2017

Node.js 7 is now supported.
In some cases a domain’s document root directory could not be changed in Node.js settings. (EXTNODEJS-36)
It was impossible to set an application startup file to a file located in a subdirectory. (EXTNODEJS-20)
The Node.js user interface contained no quick link for editing an application startap file. (EXTNODEJS-18)

Plesk Multi Server 1.1.1.

26 December 2016

It is now possible to add service node in the sync mode via CLI. In this case the added node will get the Active status.
A new subscription was created without hosting if its service plan had the “SSH access to the server shell under the subscription’s system user parameter set to /bin/bash(chrooted). (EXTPMS-1200)
A customer could not select a subscription in the list of subscriptions. (EXTPMS-1181)
A wrong message was displayed when reissuing a secret key for a service node via CLI. (EXTPMS-1180)
A service plan with a disabled Web statistics parameter could not be synced. (EXTPMS-1176)
A customer could not create a new subscription at a service node with a public IP address. (EXTPMS-1171)
If no country was specified for a customer, a new subscription creation could fail for this customer. (EXTPMS-1054)
A new subscription could not be created with a system user that had been already used for a deleted subscription. (EXTPMS-1084)
A new subscription could not be created if another subscription creation task with the same ID had been created earlier. (EXTPMS-1186)

Plesk Migrator 2.3.2

22 December 2016

A new mode was added to migration from Confixx so that mail users will be able to log in to their mail accounts on the target server with their original usernames and passwords.
During migration from cPanel, it is now possible to change the document root of a migrated domain.
It is now possible to migrate mail content to/from Plesk Onyx using a remote SmarterMail server.
Domain alias could not be migrated if its name was present in the DNS template. (PMT-3340)
During migration, long FTP user names (with 16 or more symbols) were truncated to 15 symbols. Now the maximum length for FTP names is 16 symbols that corresponds to the limitation of Plesk. (PMT-3320)
An error occured during adjusting application files after migration if the file names contained non-ASCII symbols. (PMT-3334)
The description of copy content options in Plesk Migrator user interface was insufficient. (PMT-3330)
Migration of additional users associated with a subscription was performed incorrectly. As a result, the corresponding subscription could fail to migrate.(PMT-3351)

Linux

Web content could not be migrated from cPanel, Confixx, or Parallels Pro Control Panel for Linux, if CageFS was enabled on the source or target server. (PMT-3333)
Mail users having the permission to log in to Plesk on the source server could not log in to Plesk on the target server after migration. (PMT-3354)

Windows

Mail flags and folders were lost during migration from hMailServer 3. (PMT-2943)
Migration to/from Plesk failed if the Plesk database had a name other than ‘psa’. (PMT-3329)

Plesk Onyx Update 12

21 December 2016

PHP versions 5.6 and 7.0 shipped by Plesk now come with the ioncube-loader extension.

Linux

CentOS 7.3 is now supported.

WordPress Toolkit 1.3.1

14 December 2016

WordPress installations on subscriptions using an old PHP version (5.3 or earlier) could not be managed from Plesk. (EXTWPTOOLK-188)

Plesk Onyx Update 11

13 December 2016

Plesk backups including customer or reseller accounts wit hthe “&” symbol in the account name could not be restored. (PPP-27089)
Under specific circumstances, files uploaded via the File Manager were placed in a different directory than the one selected by the user. (PPP-27075)
Clicking “Edit error page” for a domain belonging to a suspended subscription resulted in an error. (PPP-27045)

Linux

The dovecot service could not start if IPv6 was disabled on the server. (PPP-27057)
On CentOS 7 x64 servers, Roundcube filters configured to forward incoming mail based on specific parameters did not work. (PPP-27056)
On Ubuntu 16.04 x64 servers with Dovecot installed, mail could not be delivered if apparmor was enabled on the server. (PPP-26959)
The backup.log file did not include the information about cartain issues encountered during the backup process. (PPP-26351)

Third-Party Component Updates

PHP 7.1 is now supported.

Linux

Pigeonhole was updated to version 0.4.16 on Ubuntu 16.04.
Dovecot was updated to version 2.2.26.0 on Ubuntu 16.04.

WordPress Toolkit 1.3.0

12 December 2016

It is now possible to manage general settings (like the site name or the interface language) of manually added WordPress installations by means of WordPress Toolkit.
An unclear message was displayed in the Plesk user interface if an unsupported version of WordPress was detected on a web site. (EXTWPTOOLK-130)
The –wp-cli command of the wp-toolkit utility returned an empty output. (EXTWPTOOLK-165)
On Windows, securing WordPress did not work for installations on additional domains or subdomains. (EXTWPTOOLK-133)

Plesk Onyx Update 10

9 December 2016

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.14.
PHP 5.6 was updated to version 5.6.29.

Plesk Multi Server 1.1.0.

8 December 2016

Plesk administrator can now manage Plesk objects on the management node and the service nodes via CLI.
Mail sent between domains hosted on the same Plesk Multi Server infrastructure could not be delivered. (EXTPMS-954)
Under specific circumstances, IP addresses attached to a subscription could not be synced. (EXTPMS-949)
Plesk servers with missing entries in the DNS template could not be added to the master node. (EXTPMS-953)

Plesk Migrator 2.2.2

8 December 2016

Migration to Plesk Multi Server is now supported.
Mail migration from hMailServer 5 is now supported.
During migration from cPanel, it is now possible to change document root of a subscription or a domain.
Migration of mail messages using the IMAP protocol from any custom server is now possible.
Administrator can now switch on automatic post-migration checks after migration.
After migration using the IMAP protocol, all messages on the source server were marked as read. (PMT-2939)
It was impossible to migrate several aliases of the same mail account. (PMT-3190)
Migration from Plesk Onyx could be blocked in cases of inconsistency of subscription limits or permissions on the source server. (PMT-3175)
It was impossible to enable automatic deployment of RPC agent after an attempt to start migration with manual deployment of RPC agent. (PMT-3229)
After custom migration, post-migration checks log file could contain error messages related to fake subscriptions that were created for grouping domains into a single subscription on the target server during migration. (PMT-2861)

Linux

In some cases, migration from Plesk failed if TLSv1.0 was disabled on the target server. (PMT-3276)
Migration failed if there were no ‘apache’ user on the source server. (PMT-3213)
If the Plesk Migrator extension installation failed, no error messages were displayed in the Plesk user interface. (PMT-3204)

Windows

A subscription with a DotNetNuke application failed to migrate from one Plesk Onyx server to another. (PMT-3192)
An incorrect message was displayed during migration of a subscription using a database with several tables. (PMT-3198)

Plesk Onyx Update 9

6 December 2016

The <hostname> placeholder can now be used in the Plesk DNS template.
Plesk license number was not included in the “Buy Now” URL. (PPP-26978)
Additional administrator account could not access the “My Profile” screen in Power User view. (PPPM-5272)
Plesk did not recognize the correct province code for Newfoundland & Labrador. (PPPM-5270)
MySQL databases moved from one subscription to another could not be opened in phpMyAdmin if both subscriptions used a common database user to manage all databases. Note: installing the update prevents the issue from occurring, but does not retroactively fix the already affected databases. To fix an affected database, create a new database user and assign the user to the database. (PPPM-5251)
Under specific circumstances, users could not upload files using the File Manager. (PPPM-5230)
Users could not configure or use the FTP repository for backups if the panel.ini file contained duplicate sections or other syntax errors. (PPPM-5317)

Linux

When restoring a full server backup, the logic for generating the event_handler processes was faulty. (PPP-27041)
Users could not authenticate via POP3 or IMAP after updating Dovecot manually or via the System Updates feature. (PPP-27009)
Browsing a domain alias resulted in an endless redirect loop if the alias domain name was similar to the name of the parent domain and the “Enable ‘Redirect with the HTTP 301 code” option was disabled in the alies settings. (PPPM-5290)
Changing PHP settings in Plesk resulted in the PHP handler for the domain being switched to ‘FPM application served by Apache’. (PPPM-5264)
Plesk installed on a VMware virtual machine sometimes incorrectly detected the environment as a physical server. (PPPM-5257)

Third-Party Component Updates

phpMyAdmin was updated to version 4.6.5.1.

Linux

Pigeonhole was updated to version 0.4.16 on Ubuntu 14.04.
Dovecot was updated to version 2.2.26.0 on Ubuntu 14.04.

Windows

ASP.NET Core was updated to version 1.1.

WordPress Toolkit 1.2.2

1 December 2016

WordPress 4.7 is now supported.

Plesk Onyx Update 8

28 November 2016

Plesk administrators can now configure custom store hostname in the panel.ini file to be able to resell Plesk extensions in their own online store.
When backing up to an FTP repository, full backups were created instead of incremental ones. (PPPM-5274)
On the Plesk login page, selecting a different language from the menu did not result in the interface language changing. (PPP-26849)
Any FTP errors during the creation of a multi-volume backup stored in the FTP repository resulted in the backup file getting corrupted. (PPP-26843)
Under specific circumstances, users were unable to log in to Plesk via the Plesk Mobile application. (PPP-26768)

Linux

On CentOS 7 x64 servers with MySQL Community Edition 5.7 installed, the gems-pre component and the plesk-gems-pre package could not be installed. (PPP-26920)
Users could not use selective restore to recover individual Plesk objects from multi-volume backups stored in the FTP repository. (PPP-26869)
The dist-upgrade post_* script did not install Plesk updates. (PPP-26845)
When restoring a full server backup, the number of event_handler processes Plesk could create was not limited. (PPP-26817)
After restoring a domain with DKIM enabled, the “p=DKIM1;” prefix was added to the DKIM TXT record even it already existed. (PPP-26787)
The dist-upgrade script failed to update certain packages. (PPP-26765)
If Plesk was installed in a NAT environment, the default site preview failed to process HTTP headers in web server responses. In addition, links to resources (images, css, js on the same site) in the returned web page are broken. (PPP-26724, PPP-26726)
Mail headers of emails retrieved from a Plesk server via Outlook were blank if “DKIM spam protection” was enabled on the server. (PPPM-5070)

Windows

Disabled domains without a DNS zone could not be activated. (PPPM-5105)

Third-Party Component Updates

phpMyAdmin was updated to version 4.6.4.

Linux

Roundcube was updated to version 1.2.2.
Pigeonhole was updated to version 0.4.16 on all supported OSes except for Ubuntu 14.04 and Ubuntu 16.04.
Dovecot was updated to version 2.2.26.0 on all supported OSes except for Ubuntu 14.04 and Ubuntu 16.04.

Windows

BIND was updated to version 9.10.4-P4.

Plesk Multi Server 1.0.1

22 November 2016

The command-line utility plesk ext plesk-multi-server for managing nodes and tasks was added.
Subscriptions could not be created if the A or AAAA records in the Plesk DNS template pointed to an public IP address. (PPP-26854)
Addon domain creation failed if the parent subscription was renamed before performing sync. (PPP-26669)
After sync, subscriptions exceeding plan limits were displayed as “Active” instead of “Unsynchronized” on the management node. (PPP-25327)
Installing a valid Plesk license on a service node with “Unsupported” status gave the Multi Server administrator access to controls they were not meant to have access to. In addition, it made returning to the management node interface impossible. (PPP-26437)
After a subscription was created, for the first few seconds it had “Provisioning Failed” status instead of “Provisioning”. (PPP-26771)
In status details of subscriptions with failed to be provisioned, the node status was listed as “Undefined” instead of “Unavailable”. (PPP-25334)

Plesk Onyx Update 7

21 November 2016

The help text for the Backup Manager ‘Exclude certain files from the backup’ control was improved.
When creating a Plesk backup, no useful information was displayed under “current operation” on the “Backup details” tab.(PPP-26740)
The unnecessary “[” and “]” symbols surrounding the “Install Now” prompt on the Plesk home page were removed. (PPP-26709)
HTML5 video tutorials could not be displayed properly. (PPP-26681)
Users could not upload files via the File Manager opened on a mobile device or in responsive view in a browser. (PPP-26644)

Linux

The reliability of the Plesk Installer repository was improved.
Users could not disable the Plesk implementation of Sender Rewriting Scheme due to the lack of controls. (PPPM-5227)
On Debian and Ubuntu servers, installing Plesk updates during cloning could fail with a “bad substitution” error. (PPP-26814)
On CentOS 7 x64 servers, creating an incremental backup stored in an FTP repository resulted in the backup process hanging and consuming a lot of memory if there was not enough free disk space in the DUMP_D directory. (PPP-26775)
After performing a “Debian 7 to Debian 8” dist-upgrade on a server with Plesk installed, Fail2ban could no longer be managed via the f2bmng utility. (PPP-26522)

Windows

Users could not use selective restore to recover individual Plesk objects from multi-volume backups stored in the FTP repository, and when backing up to an FTP repository, full backups were created instead of incremental ones. (PPP-26791)
The MySQL server could not start on a server with the “Active Directory Domain Services” role configured. (PPPM-5171)
After backing up and restoring extension data in Plesk, national characters were replaced with the “?” sign. (PPP-26332)

Ruby 1.3.0

16 November 2016

Security enhancements.

Plesk DNSSEC 1.2.0

16 November 2016

The extension was translated into a number of languages.

Node.js 1.3.0

16 November 2016

A quick link for editing the application startup file was added to the application settings screen.
The ability to set the domain’s document root directory was added to the application settings screen.
Security enhancements.

Docker 1.3.1

16 November 2016

The extension locale was updated.

Plesk Onyx Update 6

14 November 2016

The “additional_license_expired” event was added to the Event Manager.
A number of updates to the Plesk locale.
A number of security enhancements.
Trying to log in automatically using a relative path in the success_redirect_url resulted in a 404 error. (PPPM-3729)
After restoring in Plesk Onyx a Plesk backup made in an earlier Plesk version, DKIM keys in the Plesk database and the mail server configuration did not match those in the DNS zone. (PPP-25564)
Unclear errors were logged in the panel.log file if the psaadm user lacked permissions on the %plesk_dir%/var/backup_encrypt.lock file. (PPP-26653)

Linux

Signature verification failed for DKIM-signed mail sent from one Plesk server to another due to excessively strict DKIM canonicalization. (PPPM-5149)
Kaspersky Antivirus could not be enabled even if the corresponding additional license was installed in Plesk. (PPP-26739)
The plesk_cgroups service generated a lot of confusing error messages in the logs. (PPPM-5163)
On Ubuntu 14.04 servers, MySQL failed to start on server restart. (PPP-26472)
Mail sent from one Plesk server installed on Ubuntu 14.04 via Virtuozzo EZ templates to another was rejected due to identical hostnames being set in Postfix configuration files. (PPP-26735)
Dist-upgrade failed on Plesk servers with /bin/sh pointing to /bin/dash. (PPP-26764)
Disabled domains without a DNS zone could not be activated. (PPPM-5105)
Running the plesk sbin mchk utility removed all records from the local_domains table of the SpamAssassin’s greylisting database. (PPPM-5109)
Log Browser failed to properly parse the Phusion Passenger logs. (PPP-26586)
After upgrading to Plesk Onyx, Apache configuration files for domains could not be generated if a custom template containing non-existent files was used. (PPPM-5104)
The collectd service generated a lot of confusing error messages in syslog if one or more resource controllers were not installed. (PPP-26596)
Mailbox size was reported incorrectly if the directory storing the mailbox data was stored on a partition with a specific file system (e.g. xfs). (PPPM-5114)
Under specific circumstances, a large number of sw-engine processes for event handlers could be created, consuming server RAM and causing performance issues. (PPP-26712)
The “System Update” functionality was unavailable in Power User view with custom view settings configured.(PPP-26730)

Windows

When restoring a backup stored on an FTP repository, mail content was not restored. (PPP-26638)
Under specific circumstances, Plesk backup could hang indefinitely. (PPPM-5130)

Plesk Migrator 2.1.12

14 November 2016

The reliability of post-migration checks has been improved.

WordPress Toolkit 1.2.1

11 November 2016

The list of WordPress installations was not displayed to users logged in to Plesk using the Turkish locale. (EXTWPTOOLK-121)

Plesk Migrator 2.1.11

9 November 2016

Mail content from custom hosting was always migrated in one thread regardless of the configuration file settings. (PMT-3215)
Migration of big files (in particular, database dump files) from a Windows server was too slow. (PMT-3214)
Migration from Windows server with manual RPC agent deployment could not be started if the built-in administrator password of the source server was not specified. (PMT-3228)
During migration from Confixx, all domains were dumped without “www” prefix, so that “www”-records were absent in the domain’s DNS zone after the migration. (PMT-3209)
Migration of a subscription content started only after all hosting objects had been created in all migrated subscriptions. (PMT-3216)

Plesk Onyx Update 5

2 November 2016

Virtuozzo 7 is now supported, starting from Update 1 Hotfix 1 (7.0.1-686). For details, refer to: https://help.virtuozzo.com/customer/portal/articles/2622351. Note:
- Virtuozzo increased security for CentOS 7 containers with this update. Now containers are created with firewall enabled by default.
- Plesk administrator needs to open ports that are necessary for Plesk: https://kb.plesk.com/en/391.
The Resource Controller feature is now available on Virtuozzo 7. New Virtuozzo Application templates were created to support this functionality.
Plesk administrator’s PHP version was updated to 5.6.27.
Execution of system operations in Plesk user interface became faster.
Saving Plesk backup to FTP storage failed with a confusing error message in the backup log. (PPP-26576)
Customer could not restore several selected objects after server backup. (PPP-26564)
Plesk user interface view could not be changed via CLI.(PPP-26550)
It was impossible to use an FTP server with extended passive mode disabled as FTP storage for a backup. (PPP-26546)
A DNS record of PTR type could not be added in DNS settings of a subscription for an IPv6 address with a 3-digit netmask. (PPPM-5063)
When a suspended customer was removed and then restored from a backup, the status of the domain mail service on this customer’s subscription was not restored. (PPP-26450)

Linux

Virtuozzo Linux 7 is now supported on Virtuozzo 7. Plesk can be installed on Virtuozzo Linux container using Virtuozzo templates. Refer to https://virtuozzo.com/products/virtuozzo-linux/.
Unnecessary warning messages were displayed when Plesk was installed with the Phusion Passenger server component.(PPP-26597)
Garbage directories were present in the DUMP_D directory after restoring a subscription from a backup stored on FTP. (PPP-26517)
After installing Plesk, the automatic updates for third-party components shipped by Plesk were disabled. (PPP-26511)
SpamAssassin failed to start if Plesk was installed on CentOS with IPv6 support turned off. (PPP-26509)
Removing the Phusion Passenger server component did not disable Phusion Passenger in Apache, and the server configuration was broken. (PPP-26453)

Windows

Duplicated Node.js items were present in the components list of Plesk installer for Windows. (PPP-26387)
Server backup failed if an application was installed from the APS catalog but the APS package archive was absent in the file system.(PPPM-5030)

WordPress Toolkit 1.2.0

2 November 2016

If an extension version was changed from 2-digit to 3-digit, the extension upgrades were unavailable. (PPP-26678)

Plesk Multi Server 1.0.0

2 November 2016

Key Features

Automatic and manual distribution of subscriptions between connected service nodes.
All Plesk users, including administrators, can log into to all connected servers from a single place.
Centralized account management across multiple Plesk instances.
Centralized management of tools and settings across multiple Plesk instances.
API for billing / external system integration
WHMCS billing support out of the box

See more details: About Plesk Multi Server.

Limitations

CLI is not supported
Resellers are not supported
Linux only support
Extensions from Plesk Extensions catalog are supported, no custom extensions uploaded directly to panel supported
No dedicated mail service support
No central DNS support

See more details: Plesk Multi Server Roadmap.

Docker 1.3.0

2 November 2016

Docker is supported on Virtuozzo 7 and separate Virtuozzo Application templates are now available for Plesk Docker.

WordPress Toolkit 1.1.1

27 October 2016

It was impossible to change administrator’s access credentials for automatic logging into WordPress 4.6. (EXTWPTOOLK-114)

Plesk Migrator 2.1.8

27 October 2016

Mail content can now be migrated from hMailServer 5.
Plesk Migrator can now be installed from Plesk Extensions Catalog on Linux.
In some cases, restoration of Microsoft SQL database or MySQL database on Windows failed with an error on access to the dump. (PMT-3187)
Secondary transfer of a mail message without header to SmarterMail failed. (PMT-3189)
When a subscription was migrated from Plesk Expand with Centralized Mail server, mail service was disabled on the target server. (PMT-3148)
The Overview tab of the Plesk Migrator user interface had bad appearance when some particular Plesk skins were used. (PMT-3201)
Sites having errors on both source and target servers were marked as migrated with errors during the post-migration check.(PMT-3172)
An add-on domain could not be migrated if a DNS record corresponding to its name already existed in the target server’s DNS template. (PMT-2580)

Plesk Onyx Update 4

24 October 2016

Adding a second IP address to a Plesk server and configuring the mail server to use it for outgoing mail resulted in webmail becoming inaccessible. (PPP-26499)
Individual objects (such as mailboxes) could not be restored from server level Plesk backups. (PPP-26496)
Retrieving the status of the DNS zone template via XML API resulted in the “enabled” message even if the DNS zone template was disabled. (PPP-26484)
Backing up to the FTP repository failed if the backup file could not be uploaded in one hour. (PPP-26478)
Updated additional keys for ISV extensions could not be retrieved. (PPP-26447)

Linux

Plesk installed on a Xen virtual machine incorrectly detected the environment as a physical server. (PPPM-5075)
Backups stored in the FTP repository could not be restored if the DUMP_D and DUMP_TMP_D directories were located on different devices. (PPP-26469)
In Site Preview, users could not log in to Magento. (PPP-26455)
Plesk installed on a Proxmox virtual machine incorrectly detected the environment as a physical server.(PPPM-4825)
On Ubuntu 12.04 x64 servers, setting the PHP handler for a domain using PHP 5.3.10 supplied by the OS vendor to “FPM application served by nginx” resulted in an error. (PPP-19481)

Windows

Password-protected incremental backups stored in the FTP repository could not be restored if the “Input password manually” option was selected. (PPP-26461)

Ruby 1.2

24 October 2016

Ruby versions were updated to 2.1.10, 2.2.5, 2.3.1. Bundler version was updated to 1.13.5. The rbenv utility version was updated to 1.1.0. (EXTRUBY-13)

Node.js 1.2

24 October 2016

Node.js versions were updated to 4.6.1 (npm 2.15.9) and 6.9.1 (npm 3.10.8). (EXTNODEJS-8)

Docker 1.2

24 October 2016

Docker extension installation hung on Linode servers with Ubuntu 16.04. (EXTDOCKER-25)

Plesk Onyx Update 3

18 October 2016

Third-Party Component Updates

PHP 5.6 was updated to version 5.6.27.

WordPress Toolkit 1.1

18 October 2016

In some cases, the extension upgrade failed. (EXTWPTOOLK-116)

Ruby 1.1

18 October 2016

Security Improvements.
Application Root could not be changed from the Ruby page of a subscription. (EXTRUBY-8)
Environment settings were ignored during Rake tasks execution so that all Rake tasks were executed in the default “development” environment. (EXTRUBY-6)

Plesk Migrator 2.1.4

18 October 2016

Migration from Plesk Onyx was blocked in case of data inconsistency on a source server. (PMT-3175)

Node.js 1.1

18 October 2016

Security Improvements.
Button descriptions were missing on the Node.js page of a subscription. (EXTNODEJS-2)

Docker 1.1

18 October 2016

Incorrect hint was displayed in the Environmental variable value field in a container’s settings. (EXTDOCKER-19)
In the case of using a remote Docker, no hint was displayed for the SSL icon on the “Tools & Settings > Docker” page. (EXTDOCKER-8)
HTML tags were displayed in the Plesk search results for the found Docker Catalog location. (EXTDOCKER-6)
When a Docker proxy rule was deleted from the domain’s Proxy Rules page and from Websites & Domains, different confirmation dialogs were displayed. (EXTDOCKER-2)

Plesk Onyx Update 2

17 October 2016

Users had to enter the login and password In Plesk Mobile after they already logged in to Plesk. (PPP-26433)
The Plesk installer displayed incorrect information about available update for PHP 5.4 after installation. (PPP-26362)
If a subscription backup was encrypted with a password and stored in an FTP storage, it could not be decrypted during the restoration. (PPP-26355)
An additional license key for DNSSEC could not be renewed. (PPP-26307, PPP-26425)
A confusing error message “Zend_Exception: No entry is registered for key ‘dbAdapter’” was displayed in Plesk installed on Virtuozzo containers if Plesk was unavailable due to container offline management settings.

Linux

A confusing error message was displayed after removing a subscription with a mail alias and Plesk Premium Antivirus switched on. (PPP-26377)
It was possible to specify the soft limit greater than the hard limit on system resources. (PPP-26386)
Scheduled backup could not be run on Ubuntu 16.04. (PPP-26272)

Windows

A remote SmarterMail Server could not be set as default main server. (PPP-26364)
System time could not be saved if a one-digit number was set for hours. (PPP-26378)

Third-Party Component Updates

PHP 7.0 was updated to version 7.0.12.

Plesk Onyx 17.0.17

11 October 2016

Plesk installation using Virtuozzo Application templates is now available on Parallels Virtuozzo Containers 4.6/4.7.
Plesk installation using Virtuozzo Application templates is now available on Parallels Cloud Server 6.
PHP 5.6 was updated to version 5.6.26.
PHP 7.0 was updated to version 7.0.11.
A number of security and stability enhancements.
New sessions could not be created via XML API on Plesk servers where Plesk license was expired or license limits were exceeded. (PPP-26132)
Changing hosting settings of subdomains resulted in the PHP handler for the subdomain being changed as well. (PPP-25976)

Linux

MySQL Community Edition support was added to Plesk.
Plesk System Updates tool now allows installing updates from repositories other than those the packages were installed from.
On Centos 7, Debian 8, and Ubuntu 14.04 servers, OpenSSL for nginx was updated to version 1.0.2j.
Legacy migration manager component has been removed from the list of available components and EZ templates for Virtuozzo.
Fixed the issue where certain operating systems that use systemd could not manage the qmail service. (PPPM-4922)
On Ubuntu 16.04 servers, logging in to Plesk resulted in errors if the “lxc” package was installed on the server. (PPP-25871)
Plesk Onyx installed in HyperV or XEN environments failed to recognize Plesk for HyperV and Plesk for XEN licenses as valid. (PPP-25993, PPP-25875)
On Red Hat Enterprise Linux 7 x64 servers, the Docker extension could not be installed. (PPP-25884)
On CentOS 7 and CloudLinux 7 servers, managing IP addresses in Plesk led to errors due to the absence of the “net-tools” package by default. (PPP-26049)
Plesk Server Health Monitor failed to display the correct information. (PPP-26205)
Plesk System Updates tool notifications did not include repository information. (PPP-25800)
On Ubuntu 12.04 servers, MySQL failed to start if IPv6 was disabled on the server and MySQL version was higher than 5.5.3. (PPP-19879)
The number of worker spamd processes in spam filter settings could not be set to greater than five. (PPP-21103)
Database users with usernames containing prohibited symbols could be created in Plesk which resulted in issues with database creation. (PPP-25979)

Windows

MySQL 5.5 used for storing the Plesk database was updated to version 5.5.52.
MySQL 5.6 used for storing customer databases was updated to version 5.6.33.
OpenSSL was updated to version 1.0.2j.
BIND was updated to version 9.10.4-P3.
MySQL instances no longer run under the local system account.
Changing system user passwords took progressively longer the more domains were assigned to the subscription. (PPP-26133)
Under certain conditions, PHP “notice” level errors were displayed in the Plesk interface. (PPP-25928)

Plesk Onyx 17.0.16

14 September 2016

The ability to add additional services to service plans and subscriptions was added to Plesk SDK.
The event listener fixing the permissions of the wp-config.php file now works even if the WordPress Toolkit extension is not installed.
The stability of backing up to an FTP repository has been improved.
The default Plesk skin was updated.
Information about SSL/TLS certificates securing the mail server and webmail is now included in Plesk backups.
Adding an SSL/TLS certificate to a domain’s certificate repository erased the certificates present in its subdomains’ certificate repositories. (PPP-25275)
Mail accounts with access to Plesk but no mailbox could not be restored from Plesk backups. (PPP-25403)
Installing both the Docker and the Amazon Route 53 extensions on a Plesk server resulted in issues with signing in. (PPP-23643)
Certain Plesk backup error messages were non-informative. (PPP-25360)

Linux

Ubuntu 16.04 is now supported.
Dist-upgrade from Ubuntu 14.04 to Ubuntu 16.04 is now supported.
MySQL Community Edition support was added to Plesk. (v5.6 is supported; v5.7 has open issue, will be resolved till RTM)
Plesk System Updates tool now logs its output to a separate file.
Plesk System Updates tool now checks for the activity of other package management tools.
Plesk now displays notifications about resource limits and thresholds being achieved.
Plesk can now be installed on Ubuntu 14.04 and 16.04 servers with AppArmor enabled.
Failed Plesk upgrades sometimes resulted in the ‘apsc.aps_application_resource’ table being removed from the ‘apsc’ database. (PPP-25200)
On Ubuntu 12.04 x64 servers with AppArmor enabled, the BIND DNS Server could not be started. (PPP-18290)
Trying to access Tools & Settings > Services Management resulted in an error if the ‘resource controller’ component was installed and enabled, but its configuration was missing from the Plesk database. (PPP-25364)
Scheduled tasks were executed in different environments depending on whether the user pressed ‘Run Now’ on the ‘Scheduled Tasks’ screen the ‘Edit Task’ screen. (PPP-25575)
On CloudLinux 7 x64 servers, issues could occur with the System Updates tool because the default system repositories were specified incorrectly. (PPP-25528)

Windows

Horde now uses PHP 5.6.
On Plesk servers with Web Presence Builder installed and WPB debug logging enabled, accessing the Backup Manager resulted in an error. (PPP-25433)
Creating a mail account resulted in an empty error message if specific settings were missing from the Plesk database. (PPP-25507)
AWStats statistics were sometimes calculated incorrectly for domains that were assigned as the default domain for an IP address. (PPP-25499)
Kaspersky Anti-Virus virus database was not updated. (PPP-25701)
Mail from email addresses added to the black list was delivered instead of being deleted. (PPP-22878)

Plesk Onyx 17.0.15

16 August 2016

SRS support was added to Plesk.
DKIM support was added to Plesk.
Node.js support was added to Plesk.
The support for notifications about reaching cgroup limits was added to Plesk.
The ability to secure the Plesk mail server with an SSL/TLS certificate was added to Plesk.
The ability to manage basic Rake tasks was added to Plesk.
Certain extension data is now automatically included in server level backups for all Plesk extensions.
The ability to manage email notifications was added to the Plesk SDK.
The ability to enable and disable extensions was added to the Plesk SDK.
The ability to add promotional blurbs about extensions on the “Websites & Domains” screen was added to the Plesk SDK.
The support for the Catalan language was added to Plesk.
Phusion Passenger 5.0.30 is now supported.
The ability to generate a one-time URL for logging in was added to Plesk.
PHP 5.5 was updated to version 5.5.38.
PHP 5.6 was updated to version 5.6.24.
PHP 7.0 was updated to version 7.0.9.
Horde was updated to version 6.2.15.
Roundcube was updated to version 1.2.1.
The “Let’s Encrypt” extension is now included in the “typical” Plesk distribution.
The “Security Advisor” extension is now included in the “typical” Plesk distribution.
The “DrWeb” component was removed from the “typical” Plesk distribution.
The “Without DNS server” Plesk installation preset was removed.
The “WordPress Toolkit” component was added to the list of components available in Plesk Installer.
Deleting a customer account now results in all backups belonging to that account being deleted as well.
Plesk copyright information was moved to the “Tools&Settings” > “About Plesk” screen.
Plesk EULA was moved to the “Tools&Settings” > “About Plesk” screen.
Starting with Plesk Onyx, Plesk will no longer provide Virtuozzo for Windows templates.
The ability to integrate with the Customer and Business Manager was removed.
The “SSH terminal” feature was removed.
Web Presence Builder was rebranded in accordance with the Plesk brand.
Plesk backup performance was improved.
The ability to perform a direct upgrade to Plesk Onyx from Plesk 10.4 and earlier was removed.
The ability to restore backups created in Plesk 10.4 and earlier in Plesk Onyx was removed.
The ability to install Plesk on 32-bit OSes was removed.
Internet Explorer 10 and earlier are no longer supported.
In WordPress Toolkit, activating or updating multiple plugins or themes at once resulted in an error. (PPP-19320)
Plesk users could have been affected by the HTTPoxy vulnerability (CVE-2016-5385, CVE-2016-5386, CVE-2016-5387, CVE-2016-5388, CVE-2016-1000109, and CVE-2016-1000110). See KB article #129391 for more information. (PPP-24691, PPP-24825)
Customer passwords contained in Plesk backups created via a scheduled task and saved to the FTP repository were encrypted even if the “Use password protection” option was disabled. (PPP-24917)
OBAS failed to validate XML responses from Plesk nodes if ModSecurity was enabled and the “Atomic ModSecurity (subscription)” ruleset was in effect. (PPP-24743)
Trying to scan for WordPress installations stopped certain operations in Plesk from working properly. (PPP-24493)
Changing password for the system user of a suspended domain belonging to an active subscription made FTP and SSH access to the domain under that system user impossible. (PPP-21960)
Using WordPress Toolkit to update plugins installed on a WordPress installation resulted in an error if the plugin was not installed on all WordPress installations. (PPP-22657)

Linux

The “perl-apache-asp” component is no longer supported.
Plesk could not be installed on Debian 8 servers if the “Ruby support” component was selected for installation. (PPP-24954)
The SPF record included in the default Plesk DNS template contained a syntax error. (PPP-24787)
The ‘access_log.processed’ file located in the home directory of Plesk domains was not rotated. (PPP-24723)
Proxmox LXC was not detected as a VM environment. (PPP-25201)
The default PHP “open_basedir” value was missing from the configuration files. (PPP-24914)
Under specific conditions, the list of server components could become empty. (PPP-25135)
Trying to create a customer belonging to a reseller in Plesk resulted in the “The plan was not applied: Hosting performance settings management” error. (PPP-24525)

Windows

Microsoft SQL Server 2016 is now supported.
Microsoft SQL Server 2012 SP3 is now included in the Plesk for Windows distribution.
Web Deploy 3.6 is now included in the Plesk for Windows distribution.
BIND was updated to version 9.10.4-P2.
MySQL ODBC connector was updated to version 5.3.
MySQL used for the Plesk database was updated to version 5.5.50.
MySQL used for customer databases was updated to version 5.6.32.
Tomcat was updated to version 7.0.70.
Tomcat connector was updated to version 1.2.41.
ModSecurity was updated to version 2.9.1.
ModSecurity ruleset files were updated to version 2.2.9-30-g520a94b.
phpMyAdmin was updated to version 4.6.3.
AWStats was updated to version 7.5.
Web statistics calculation could fail if the log files contained lines longer than 4096 symbols. (PPP-24688)
Maximum bandwidth in service plan settings could not exceed 31 MB/s. (PPP-24276)
Vhost location could not be changed for domains whose IIS configuration files contained duplicate entries in the section. (PPP-25102)
Mobile Preview failed to display websites created in Web Presence Builder. (PPP-18938)

Plesk Onyx 17.0.14

19 July 2016

Users now can switch on SEO-safe redirect from HTTP to HTTPS for their websites in Plesk.
The “DNSSEC Support” Plesk extension was published.
The support for automatic DNSSEC key rollover was added to Plesk.
Error messages about failed DNSSEC key rollover attempts are written to the Plesk log.
Notifications informing users of manual actions that need to be taken are displayed in the Plesk interface.
The ability to secure webmail with an SSL/TLS certificate was added to Plesk.
PHP 5.5 was updated to version 5.5.37.
PHP 5.6 was updated to version 5.6.23.
PHP 7.0 was updated to version 7.0.8.
Upgrading from Plesk version 10.4.4 and earlier to Plesk Onyx is no longer supported.
The Docker service is now being monitored by Watchdog.
The default “document root” value could not be changed for websites hosted in Plesk. (PPP-24236)
Users could not change backup settings if their subscription did not include the permission to back up to the server storage. (PPP-19991)

Linux

The “Ruby Support” Plesk extension was published.
Plesk admins now can manage Ruby settings for hosted domains via CLI and XML-RPC.
The permissions enabling Plesk admins and resellers to manage Ruby availability were added to service plans and subscriptions.
Users can now manage Ruby settings for hosted domains in Plesk.
A message explaining how to log in to Plesk is displayed when logging in to a server with Plesk installed via SSH.
On CentOS 7, Debian 8, and Ubuntu 16 servers, the “Resource Controller” component can now be installed via Plesk Installer.
The ability to manage Cgroups limits for subscriptions was added to Plesk.
The ‘delv’ utility is now shipped with Plesk.
Files could not be attached to auto-reply messages for mail accounts if the name of the parent domain contained Cyrillic letters. (PPP-23938)

Windows

Microsoft SQL Server 2016 is now supported.
The support for remote SmarterMail servers was added to Plesk.
The data about Plesk extensions’ limits and permissions can now be included in Plesk backups.
MailEnable was updated to version 9.15.
Entries from the ModSecurity log were not displayed in Plesk Log Browser. (PPP-24277)
Passwords of mail users blocked due to the MailEnable security policy could not be changed in Plesk. (PPP-23645)
After upgrading from Plesk 11.0 or earlier to Plesk 12.5, if Microsoft DNS Server was used, users could no longer manage DNS settings. (PPP-24014)

Plesk Onyx 17.0.13

20 June 2016

The “Ruby support” Plesk extension was published.
The ability to scan for Ruby applications was added to the “Ruby support” Plesk extension.
The ability to configure proxying of domain requests to docker containers was added to Plesk.
Git extension data is now included in Plesk backups.
The ability to retrieve Plesk server’s OS name, version, architecture, as well as the type of virtualization being used (if any) was added to the Plesk SDK.
The support for “DS” type DNS records was added to Plesk.
Managing Git repositories for addon domains via the Git extension in Plesk could result in the “Error: Unable to find the repository with ID = 1” error. (PPP-23127)
A duplicated notification was displayed in Plesk when running a Docker image from the catalog via the Docker extension. (PPP-23150)
Trying to unset a public IP address via the Plesk XML API operator produced no effect. (PPP-23522)
The procedure for editing files using the Plesk built-in code editor was too complicated. (PPP-23401)
The subscription owner could not be changed if the password for a database user belonging to the subscription could not be decrypted. (PPP-23317)
An unhandled error was displayed during Plesk installation if the host ‘getcomposer.org’ could not be resolved. (PPP-23388)
When ‘quick installing’ certain applications in Plesk, the custom database prefix was not validated, which led to installation failures if the prefix started with a digit. (PPP-23257)

Linux

The support for nginx ALPN was added to Plesk.
The ability to run websites on nginx only (no Apache) was added to Plesk.
nginx was updated to version 1.11.1 (CVE-2016-4450)
After PHP was upgraded via Plesk Installer, the permissions and ownership information for the /var/lib/php/session directory were reset. (PPP-23093)
On Centos 7 x64 servers, running Plesk Installer resulted in all *.log files in the /tmp directory being removed. (PPP-23220)
On Centos 7 x64 servers, using the Site Preview feature resulted in a 403 error. (PPP-23087)
The “Refresh” button was missing from the Tools & Settings > Services Management screen in the Plesk interface. (PPP-23344)

Windows

ASP.NET Core 1.0 is now supported.
The support for remote SmarterMail servers was added to Plesk.
Fresh Plesk installations without either Microsoft DNS Server or BIND DNS Server installed could not be initialized. (PPP-23556)
After changing the IPv4 IP address for a subscription, the IP address change was not applied to additional FTP accounts created in Plesk. (PPP-22586)

Plesk Onyx 17.0.12

24 May 2016

If you used Plesk tools for working with Git (such as the Gitman extension), then upon upgrading to Plesk Onyx your existing repositories are automatically added to Git Manager, the new Plesk extension. This is true when you upgrade from older Plesk versions, for example, 12.5, and not true when you update to a newer Plesk Onyx preview version.
The Git Manager extension now allows you to create a repository without deploying its files.
The capability to view the log of commits was added to the Git Manager extension.
The Docker Manager extension now allows you to add multiple remote Docker nodes to Plesk and switch among them.
Action Log API was added to the Plesk SDK.
The ability to add custom web server configuration and run web server reconfiguration was added to the Plesk SDK.
The support for Hebrew language was added to Plesk.
The stability of backing up data to FTP was increased.
Obsolete options and functionality were removed from Plesk Installer.
It was impossible to login to Plesk if the license had expired and the Google Auth extension was switched on in Plesk. (PPP-22897)
The shell preferences of the system user were ignored on Git additional deploy actions. (PPP-22556)
The title of the web server’s default page in the browser was incorrect. (PPP-22785)

Linux

phpMyAdmin 4.6.0 is now supported.
It was impossible to install Docker on RHEL 7 (64-bit). (PPP-22053)
phpMyAdmin 4.6 caused the error “Class ‘PMA_Util’ not found”. (PPP-22515)
HTTP/2 was not enabled on clean Plesk installation. (PPP-22208)
Ruby component was not found in Plesk for Ubuntu-12.04 (PPP-22689)
On CentOS 6, SSH authorization failed under some conditions. (PPP-22364)
Websites created in WordPress were displayed incorrectly in the quick preview mode. (PPP-22719)
On some operating systems, Plesk’s full installation did not include Ruby interpreter and rbenv components. (PPP-22751)

Windows

The support for SmarterMail 15 was added to Plesk.
After the user disabled ASP.NET support on a subscription, the applicationHost.config file size increased due to unnecessary elements in the section. (PPP-22303)
It was possible to change the FTPS usage policy on a per IP basis, despite the fact that FTPS was enforced in Security Policy settings. (PPP-22452)
In PHP settings, by default the value of post_max_size was smaller than that of upload_max_filesize. (PPP-22435)
In some cases, the installation of the Let’s Encrypt extension failed with the error “The executable python.exe could not be run”. (PPP-22098)

Plesk Onyx 17.0.11

19 April 2016

The support for HTTP/2 was added to Plesk.
The ability to use Active List components was added to the Plesk SDK.
The ability to embed 3rd-party PHP libraries using Composer was added to the Plesk SDK.
The ability to use custom PHP namespaces was added to the Plesk SDK.
The ability to execute long tasks and display their progress in the Plesk GUI was added to the Plesk SDK.
The ability to use the Plesk GUI navigation tools was added to the Plesk SDK.
The ability to add custom content to Plesk forms was added to the Plesk SDK.
The “Docker Manager” Plesk extension was published. The extension is available here.
The “Git Manager” Plesk extension was published. The extension is available here.
The custom buttons functionality of the Plesk SDK was improved.
The stability of the Plesk backup process when backing up to FTP was improved.
Operations in the File Manager could result in an error if the Plesk interface was open in two or more browser tabs. (PPP-21812)
Users could not log in to WordPress using the “admin” user credentials, even if administrative access was granted to the user during installation. (PPP-22068)
Tab titles in WordPress Toolkit were not translated in the Korean locale. (PPP-21902)
The ability to suspend a domain via the Plesk API was missing, and the status of suspended domains was returned incorrectly when queried via an API call. (PPP-21948)
Users could not set specific limits when using the Plesk SDK. (PPP-22093)
An incorrect event was being generated when a subdomain was created via the Plesk API. (PPP-22160)

Linux

The ability to register services was added to the Plesk SDK.
Enabling the SPF spam protection on the server resulted in unclear delivery failure notifications when mail was rejected. (PPP-19877)
Enabling the greylisting spam protection on the server resulted in all mail from Office365 being deferred. (PPP-22018)
phpMyAdmin configuration storage could not be configured for remote MySQL servers. (PPP-21824)

Windows

The ability to execute binary tools with elevated privileges was added to the Plesk SDK.
The support for wildcard subdomains was added to Plesk (this feature is only available on Windows Server 2016 or later).
On Windows 2012 x64 servers, the creation of multi-volume backups failed if the customer data included one or more files of the size greater than the specified volume size. (PPP-21911)
Users could not create or upload Microsoft SQL Server dumps if the passwords of one or more database users contained the “;” symbol. (PPP-22161)
Users could not manage error documents for virtual directories whose physical path was mapped to the document root. (PPP-21343)
Plesk upgrade attempts failed if the Plesk Installer could not find the .msi file for one or more currently installed packages. (PPP-18418)
After removing and re-installing Horde via the Plesk interface, the Horde application pool was not re-created. (PPP-21036)

Plesk Onyx 17.0.10

25 March 2016

CGI support, Perl support, and Python support are disabled in all Plesk service plans by default.
A connection string for Docker is now added to the psa.conf file allowing Plesk to communicate with the Docker service.
It is possible to use Docker installed on a remote machine (learn more).
Git management permission can be set in service plans (learn more).
Additional deployment actions can be used in Git (learn more).
Administrator can start, stop, or restart Docker from the Services Management page (learn more).
A number of improvements for managing Docker images and containers have been introduced (learn more).
Administrator can perform a number of new operations on a Docker container, in particular, recreate, commit, download snapshot, or remove a container (learn more).
Auto-reply messages were not sent when SpamAssassin detected spam messages. (PPP-20562)
XML API request for generating self-signed SSL certificate with wildcard resulted with an error. (PPP-20781)
After saving a DNS record of the SRV type its value was displayed incorrectly. (PPP-21078)
A server backup could not be restored if additional services were configured for service plans. (PPP-20711)
Creation of a reseller’s subscription failed if an administrator added PHP directives to the reseller’s service plan. (PPP-20205)
An invalid response was received for an XML API request getting aliases of a non-existing domain. (PPP-21209)
A response for an XML API request getting information about webspaces contained no information about webspaces of reseller’s customers. (PPP-19986)
In a response for an XML API request getting information about webspaces, the real_size node did not include size of additional domains. (PPP-21329)
In case of many custom directories in the /var/lib/psa/dumps directory, the consuming disk space in /usr/local/psa/PMM/logs was growing every day after runnung the daily maintenance script. (PPP-19833)
In some cases the default Plesk page could not be opened. (PPP-17514)
Service plan without hosting could not be created via XML API. (PPP-21334)
If RSS feed was enabled in Plesk without specifying URL, Plesk pages in Power User view could not be opened. (PPP-21267)
In some cases backup was blocked due to incorrect free disk space calculation. (PPP-21344, PPP-20730)
In some cases subdomain name validation failed because the name of the subdomain was overlapped by DNS zone of the domain. (PPP-21071)
Database user password could not be changed if a remote MySQL 5.7 database server was used. (PPP-20792)
A subdomain could not be created if a DNS template contained two records with the same host and record type. (PPP-21332)
When Postfix mail server was used, emails could not be forwarded from dedicated IP. (PPP-21360)
It was impossible to install new license after Plesk had removed a terminated license key. (PPP-20837)
If full server backup completed with warning, the Backup Manager screen displayed two items. (PPP-18070)

Linux

CentOS 5, Red Hat Enterprise Linux 5, and CloudLinux 5 are no longer supported.
nginx was updated to version 1.9.12.
The list of patterns for black/white list mail addresses could not be retrieved via the grey_listing command line utility. (PPP-21006)
Dr.Web keys were not updated during the daily maintenance task run. (PPP-20585)
Wrong PHP version was displayed for a web page if PHP was run as FPM application served by nginx. (PPP-20336)
Synchronizing DNS zones information using the “plesk repair –dns” command failed when the /var/named/chroot/etc/named.conf file was absent. (PPP-20965)
On CentOS 7x64 Watchdog reported that Apache 2.4 was out of date. (PPP-17755)
MySQL database dump could not be imported if a database contained a trigger. (PPP-20972)
The dist-upgrade from Debian 7 x64 to Debian 8 failed. (PPP-19430)
When a subscription was backed up on Plesk with nginx and then restored to Plesk without nginx, the restoration failed. (PPP-21090)
Using short mail account names became unavailable after upgrade from Plesk 12.0 to Plesk 12.5. (PPP-20913)
In some cases, the ‘Internal error: Permission denied’ error occured after Plesk cloning in Virtual Environment. (PPP-18646)
When Apache graceful restart was enabled in Plesk, a domain could not be reconfigured. (PPP-19527)
Java Applications were available in Plesk Web Admin edition though it does not include Developer Pack. (PPP-21075)
Plesk configuration was broken if Atomic ModSecurity installation failed. (PPP-18732)
If MySQL was restarted during full server backup, the backup failed with multiple warnings. (PPP-20248)
Rewrite rules from the .htaccess file do not work when PHP support is enabled with PHP-FPM handler. (PPP-19965)
The psa-firewall service failed to load after server restart.(PPP-20899)
If Plesk was installed on Amazon AWS or any other VM behind NAT with set public IP, FTP connection did not work. (PPP-17545)
A backup could not be restored if a custom password was specified in the backup security settings. (PPP-21372)
Extracting files from an archive via File Manager did not replace already existing files. (PPP-21450)
Plesk mail user could not switch on mail forwarding. (PPP-21481)
In some cases Plesk Migrator did not work because it failed to connect to the source server via SSH. (PPP-18722)
A backup created by the pleskbackup utility with the –backup-password option could not be decrypted. (PPP-21484)
When trying to update WordPress, the /httpdocs directory was removed with all the data. (PPP-20510)
Free memory check before Plesk upgrade worked incorrectly. (PPP-17281)
IP address of the domain hosting was changed to outgoing mail IP address after server restoration from a backup. (PPP-20738)

Windows

Shared SSL is no longer supported.
Microsoft ASP.NET 1.1 version is no longer supported.
Backup download is now performed without using temporary files.
SmarterMail versions 6.x, 7.x, 8.x, 9.x are no longer supported.
If a backup to FTP is performed with an error, all temporary files are removed.
Mailbox quota could not be updated via XML API for a domain using MailEnable mail server. (PPP-21161)
Installation of WordPress failed on a disabled web site or subscription. (PPP-20840)
Updating administrator’s email failed with an error. (PPP-21261)
If and APS package with colon in name was uploaded to the server, the server backup was marked as invalid and could not be restored. (PPP-21145)
The value of the max_input_time parameter in PHP settings could not be customized and was always equal to the value from the server’s php.ini file. (PPP-20214)
WordPress could not be installed for the domain with PHP version 5.3 under a subscription with PHP version 5.2.17.(PPP-19624)
If SmarterMail was used as a mail server, the mailing list could not be created. (PPP-20204)
Free disk space on destination location was not verified before changing virtual hosts directory. (PPP-21111)

Plesk Onyx 17.0.9

24 February 2016

Users now can create event handlers triggering on customers changing their locale in Plesk.
Users now can install Ruby and a number of gems from the Plesk interface. Multiple Ruby versions are supported.
Users can now deploy websites by pulling the content from a remote Git repository from the Plesk interface.
The Docker service has been added to the list of services monitored by Watchdog.
A number of improvements for the Git support feature have been introduced.
Resellers could see sessions of customers owned by the administrator and other resellers in the “Active Plesk Sessions” menu. (PPP-20829)
Using the plesk bin locales utility resulted in erroneous output. (PPP-20378)
Incorrect event handlers input parameters were being passed when service plans were created or edited. (PPP-20064)
Resellers could not resume subscriptions they manually suspended. (PPP-19494)

Linux

Some non-allowed instance types for Plesk 12.5 on Ubuntu 14.04 x64 AWS images were listed as allowed. (PPP-17479)
The default WordPress Fail2ban jail could be circumvented by adding certain symbols to the request URL. (PPP-20758)
On CentOS 7 x64 servers, trying to reinstall Plesk updates after switching MariaDB to Percona 5.6 resulted in an error. (PPP-20801)
Certain Plesk operations could fail if the maximum number of open file descriptors for the psaadm users was too low. (PPP-20798)
Custom SpamAssassin options configured in the /etc/default/spamassassin file were ignored. (PPP-20827)
On CentOS 7 x64 servers, changing the document root directory for a subdomain resulted in the creation of a /var directory under domain root. (PPP-20500)
Users could delete and edit tasks scheduled under the root user even if the root.crontab.lock file was created. (PPP-20625)
If the “FPM served by nginx” PHP habdler was set as the default in a service plan, syncing subscriptions with that plan resulted in the PHP handler being changed to “FPM served by nginx” even if the subscription settings allowed selecting the PHP handler. (PPP-20589)
Sending API requests to Plesk resulted in the timestamp of the psa.conf file being changed. (PPP-20201)
Applying firewall rule changes resulted in the temporary rules added by Fail2ban being dropped. (PPP-20258)
On CloudLinux 7 x64 servers, browsing Tools & Settings > Server Management > Server Information resulted in an error if cagefs was enabled. (PPP-18287)
Trying to start the SpamAssassun service resulted in an error if IPv6 support was disabled on the server. (PPP-18292)
Trying to restart the Fail2ban service resulted in it hanging if the number of domains on the server was large. (PPP-19355)
On CentOS 7 x64 servers, the MariaDB 10.0 service was not automatically started by Watchdog if it crashed or was stopped. (PPP-17853)
The psa-horde.log file was getting truncated with every failed login attempt. (PPP-19878)
Under specific circumstances, Fail2ban could block the Plesk server IP resulting in a 502 error. (PPP-17542)
On Ubuntu 14.04 x64 servers with Plesk deployed from the Amazon Web Services image, the socket for the MySQL service was not created after server restart. (PPP-17436)

Windows

ionCube version was updated to 5.0.21.
Trying to upload a file greater than 2 GB in size resulted in a misleading progress indicator. (PPP-19317)
Scheduled tasks were not included in subscription backups. (PPP-20293)

Plesk Onyx 17.0.7

1 February 2016

Users can view arbitrary logs in the Log Browser.
Plesk allows management of Git repositories and automated deployment of web sites from such repositories to a target public directory.
MySQL database users now have permissions to create a procedure.
The “Change Hosting Settings” screen for a subscription was eliminated as its features are available on other screens.
It was not possible to use relative URL as a redirect in the automatic login form. (PPP-20198)
The information about outgoing email messages limits was returned in an XML API response for getting a service plan, even if these limits were switched off. (PPP-20055)
If an additional administrator’s profile was updated via XML API or via the user interface, the “Allow multiple sessions under this account” setting became switched on even if it has been switched off before. (PPP-20022, PPP-20016)
A DNS record of the SRV type with a combined protocol could not be added. (PPP-19980)
If the interface language was changed in an additional administrator’s profile, this change did not work after re-login of the additional administrator. (PPP-19973)
An XML API response for getting DNS records returned all text DNS records in lowercase, which was an issue in case of case-sensitive records. (PPP-19907)
Plesk generated wrong login of a WordPress administrator after WordPress installation so that the administrator could not neither login to WordPress from Plesk nor change the password. (PPP-19579)
If a self-signed SSL certificate was created for a subscription, the subscription became locked. (PPP-19546)
The tabs of the “Mail Server Settings” screen were not available on a mobile device or in a browser window of a small size. (PPP-19504)
A multivolume backup created in an FTP storage and downloaded from it could not be uploaded again via the Plesk interface. (PPP-18381)

Linux

An XML API response for getting a service plan with additional Apache or nginx directives was invalid. (PPP-19998)
A running nginx web server failed to re-start if it was uninstalled and then installed again. (PPP-19462)
A password for web statistics of an additional domain or a subdomain was not changed after a password for the subscription FTP account was changed. (PPP-19529)

Windows

The “Idle timeout action” parameter in the “Dedicated IIS application pool” settings of a subscription was not updated after changing the service plan. (PPP-19724)
If a server backup was downloaded with a password, and then restored without password, the restore was too slow. (PPP-19935)
If a server backup was downloaded with a plain password, and then restored on another server without password, the password for a mailbox user was regenerated, so that the user could not access the mailbox with an old password. (PPP-19880)
WordPress management in Plesk worked incorrectly if the extension.dir parameter in the php.ini file contained a path ended with a slash. (PPP-19673)
After restore of an incremental backup of a subscription with an additional domain, the custom mail directories of the additional domain’s mailboxes were not restored. (PPP-19340)
If an Microsoft SQL Server database dump was created in Microsoft SQL Server Management Studio with multiple restore points and then imported to Plesk, only the data related to the first restore point was restored. (PPP-19133)

Plesk Onyx 17.0.6

28 December 2015

The names of files mentioned in the Message part of logs monitored in the Log Browser are now highlighted and clickable, and the corresponding files can be opened from the Log Browser interface.
Incremental backup for mail content is now supported.
Miva e-commerce applications are no longer supported.
Actual Plesk server IP address was displayed in the System Overview block in Power User view instead of the public IP address. (PPP-19442)
Trying to view Plesk video tutorials from the Plesk interface resulted in a malformed page if Flash was not enabled on the user’s computer. (PPP-19334)
Sending an XML API request using the operator specifying multiple WordPress instances at once resulted in receiving a confusing response packet. (PPP-19071)

Linux

Docker CLI and daemon are available as Plesk components on CentOS/Red Hat Enterprise Linux/CloudLinux 7, Debian 8, and Ubuntu 14.04 (x64 only). They can be installed via the Plesk Installer.
nginx was updated to version 1.9.9.
Git support was added in Plesk for Linux. The corresponding component can be installed via the Plesk Installer.
On Debian 7 x64 servers, distupgrade to Debian 8 failed if the server was previously distupgraded from Debian 6. (PPP-19384)
On CentOS 7 x64 servers with Dovecot and Postfix installed, enabling the Outgoing Antispam feature resulted in confusing error messages being written to the mail log. (PPP-19169)
Users could not update hosting settings via API-RPC if the mod_perl module was not installed. (PPP-19141)
On CentOS 6 x64 servers, Dovecot installed as a Plesk component could not be started if a different version of Dovecot was installed on the server prior to the Plesk installation. (PPP-18620)

Windows

Git support was added in Plesk for Windows. The corresponding component can be installed via the Plesk Installer.
Under very specific circumstances, MicrosoftSQL Server databases could not be restored from Plesk backups. (PPP-19342)
The Host parameter in the Connection Information menu was missing the backslash character. (PPP-19212)
Clicking the “Learn about secure hosting setting” in the Plesk interface resulted in the Advanced Administration Guide for Linux being opened. (PPP-18504)
Upgrade from Plesk 12.0 to Plesk 12.5 hung if there was an unresponsive process on the server at the time the upgrade was performed. (PPP-18423)

Plesk Documentation and Help Portal

Change Log for Plesk Onyx

Learn how to install Plesk updates

Legend:

Recent Updates:

Plesk Onyx 17.0.17

Plesk Onyx 17.5.3

Plesk Onyx 17.8.11

New Relic 1.3.2

VirusTotal Website Check 1.4.2

Diskspace Usage Viewer 2.0.10

SEO Toolkit 1.1.20

Support SSH Access 1.0.9

Support SSH Access 1.0.8

Google PageSpeed Insights 2.1.14

Google Workspace 1.1.4

Support SSH Access 1.0.7

SEO Toolkit 1.1.18

Google PageSpeed Insights 2.1.13

Plesk Migrator 2.24.1

Site Import 1.6.9

Site Import 1.6.8

Site Import 1.6.7

Panel.ini Editor 3.2.7

Google PageSpeed Insights 2.1.2

Site Import 1.6.6

Google PageSpeed Insights 2.1.11

Plesk Email Security 1.3.9

Site Import 1.6.5

Grafana 1.3.7

Site Import 1.6.4

Dropbox Backup 4.2.3

Plesk Migrator 2.24.0

Dropbox Backup 4.2.2

Extensions Catalog 1.16.3

Site Import 1.6.3

Plesk Email Security 1.3.6

Scheduled Backups List 1.0.1

Extensions Catalog 1.15.6

Site Import 1.6.2

Plesk Onyx 17.5, 17.8 mod_proxy update

Linux

Plesk Migrator 2.23.1

Plesk Email Security 1.3.5

Google PageSpeed Insights 2.1.9

Google PageSpeed Insights 2.1.10

Amazon Route 53 2.8.2

Social Login 1.5.3

Panel.ini Editor 3.2.6

Plesk Migrator 2.23.0

Amazon S3 Backup 1.4.4

Plesk Email Security 1.3.4

Linux

LDAP Auth 2.1.3

Plesk Migrator 2.22.4

Plesk Migrator 2.22.3

Plesk Migrator 2.22.2

Site Import 1.6.1

Plesk Migrator 2.22.1

Site Import 1.6.0

Linux

Plesk Migrator 2.22.0

Linux

Extensions Catalog 1.16.0

Plesk Migrator 2.21.8

Social Login 1.5.2

Plesk Email Security 1.3.3

Linux

Extensions Catalog 1.15.5

Site Import 1.5.7

Plesk Migrator 2.21.7

Google PageSpeed Insights 2.1.7

Plesk Email Security 1.3.2

Linux

Plesk Email Security 1.3.1

Linux

Site Import 1.5.6

Nextcloud 1.6.2

Linux

Plesk Migrator 2.21.5