Recent content by Hangover2

In our case, yes—we upgraded some heavily loaded shared hosting servers, and no issues were detected afterward.

The issue can come from different sources on your server. For Debian, for example, consider increasing the following values to avoid hitting open file limits (web server / mail / PHP): /etc/security/limits.conf * hard nofile 1048576 * soft nofile 1048576 root...

@danami This could be a nice feature for your Plesk extension, Warden Antispam and Virus protection. We’re using it on all of our servers.

@Sebahat.hadzhi We used this plugin in the past; however, it has been incompatible with the latest Plesk releases for quite some time. We reached out to the author in 2022, but he no longer uses Plesk and does not plan to invest further effort into maintaining it.

Hello, Is there an easy way to disable the email forwarding feature in the Plesk GUI — ideally per subscription, while still allowing local forwarding? Has anyone done this before and can share a suitable solution? I don’t expect Plesk to implement such a change just on request. Background...

Thanks for the clarification. We do not use the APS Catalog on our Plesk servers, so we are not affected by this issue. This also highlights the underlying problem: Plesk customers need timely and sufficiently detailed security information to assess impact and meet compliance requirements. Due...

@Sebahat.hadzhi We now require the requested details without further delay. We no longer have the option to wait, as we are already in an active process with the BSI. Under NIS2, the incident reporting three-step scheme is triggered once you become aware of a significant security incident...

I have opened a report titled: Critical security issue fixed on 24–25 February 2026 (Plesk Obsidian 18.0.75 Update 1 / 18.0.76 Update 2) — request for vulnerability details This situation is no longer acceptable. We have already reported this to the BSI. We now require the requested details...

Username: TITLE Critical security issue fixed on 24–25 February 2026 (Plesk Obsidian 18.0.75 Update 1 / 18.0.76 Update 2) — request for vulnerability details for NIS2 compliance PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Plesk Obsidian 18.0.75 Update 1 and Plesk Obsidian 18.0.76 Update...

Hi @Sebahat.hadzhi — following up: the current patch releases “Plesk Obsidian 18.0.75 Update 1” and “Plesk Obsidian 18.0.76 Update 2” address a critical security issue. Could you please share details as soon as possible (e.g., CVE ID, affected versions/components, impact, and recommended...

Maybe a small annotation: if you’re affected by both bugs (duplicated entries and unescaped entries), you need to run the script twice. The first run will generate the required SQL DELETE statements; the second run will generate the UPDATE statements. In short, run it repeatedly and execute the...

@Sebahat.hadzhi But this is my question: how do I re-run the upgrade? Please provide the command. The error log says: Run upgrade with option --repair to rerun failed steps. I cannot find any command in the Plesk documentation. Please help me sort this out.

@hschramm Thanks for the info. So far we only cleaned up servers with a single database host setup. However, we also have affected servers with a multi-host database setup, where we grant access rights for different database hosts per user.

@Sebahat.hadzhi I’m confused. This database command does not re-run the failed upgrade step (2025-11-05-09-56-08_FixGrantPrivileges.php). How can we trigger that upgrade step again after fixing the duplicated entries?

@Sebahat.hadzhi We’re seeing the same error message as the thread author during the update process, for example: ERROR: Upgrade step 2025-11-05-09-56-08_FixGrantPrivileges.php failed with code 1 and output: INFO: Executing upgrade task: 2025-11-05-09-56-08 [2026-02-15 04:18:29.511]...