Recent content by Hangover2

A 503 Service Unavailable response is how we currently handle this. At the moment, we are testing new ways to fight these attacks, and they are working quite well. We monitor the server load and the number of active PHP processes on every request. When the situation becomes critical, we start...

Hi everyone, I am currently fine-tuning SpamAssassin / Warden to improve spam filtering and wanted to ask which rule score changes or overrides have actually helped in your real-world setups. E.g. DCC_REPUT_*, PYZOR_CHECK, RAZOR2_*, HEADER_FROM_DIFFERENT_DOMAINS, LOTS_OF_MONEY, [...] For...

Then it would be better to open a dedicated bug report for this issue: Reports

31st of March 2026: How to perform dist-upgrade procedure on Linux server with Plesk?

I only recommend major OS or database upgrades when a system is nearing end of life. Hosting requires 3 things: stability, stability, stability and I would not upgrade a customer’s running production server to Debian 13 in 2026 without a compelling reason. Debian 12 is still supported, and...

In our case, yes—we upgraded some heavily loaded shared hosting servers, and no issues were detected afterward.

The issue can come from different sources on your server. For Debian, for example, consider increasing the following values to avoid hitting open file limits (web server / mail / PHP): /etc/security/limits.conf * hard nofile 1048576 * soft nofile 1048576 root...

@danami This could be a nice feature for your Plesk extension, Warden Antispam and Virus protection. We’re using it on all of our servers.

@Sebahat.hadzhi We used this plugin in the past; however, it has been incompatible with the latest Plesk releases for quite some time. We reached out to the author in 2022, but he no longer uses Plesk and does not plan to invest further effort into maintaining it.

Hello, Is there an easy way to disable the email forwarding feature in the Plesk GUI — ideally per subscription, while still allowing local forwarding? Has anyone done this before and can share a suitable solution? I don’t expect Plesk to implement such a change just on request. Background...

Thanks for the clarification. We do not use the APS Catalog on our Plesk servers, so we are not affected by this issue. This also highlights the underlying problem: Plesk customers need timely and sufficiently detailed security information to assess impact and meet compliance requirements. Due...

@Sebahat.hadzhi We now require the requested details without further delay. We no longer have the option to wait, as we are already in an active process with the BSI. Under NIS2, the incident reporting three-step scheme is triggered once you become aware of a significant security incident...

I have opened a report titled: Critical security issue fixed on 24–25 February 2026 (Plesk Obsidian 18.0.75 Update 1 / 18.0.76 Update 2) — request for vulnerability details This situation is no longer acceptable. We have already reported this to the BSI. We now require the requested details...

Username: TITLE Critical security issue fixed on 24–25 February 2026 (Plesk Obsidian 18.0.75 Update 1 / 18.0.76 Update 2) — request for vulnerability details for NIS2 compliance PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Plesk Obsidian 18.0.75 Update 1 and Plesk Obsidian 18.0.76 Update...

Hi @Sebahat.hadzhi — following up: the current patch releases “Plesk Obsidian 18.0.75 Update 1” and “Plesk Obsidian 18.0.76 Update 2” address a critical security issue. Could you please share details as soon as possible (e.g., CVE ID, affected versions/components, impact, and recommended...