Search results

When Plesk sends a notification about a “critical security update”, the only information we receive is the short message shown on the changelog. There is no CVE, no affected component, and no severity score. Looking at the inf3 files in the autoinstall directory, it’s difficult to determine...

Problem When configuring a Node.js application in Plesk, users can set Document Root and Application Root to the same path. This creates a serious security vulnerability where server-side code (app.js, config files, database credentials, API keys) becomes directly accessible via HTTP. Example...

Username: TITLE Missing HTTP_HOST Causes Incorrect URL Generation in WP Toolkit PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Plesk Obsidian 18.0.64 Update #1 AlmaLinux 8.10 WP Toolkit version 6.5.4-8879 PROBLEM DESCRIPTION When using WP Toolkit in Plesk and switching the PHP handler to...

I’ve noticed that this page, along with many others that start with 'https://www.plesk.com/kb/support,' has a 'Read full article' button that leads to a 'You're not authorized to access this page' message. Could this be looked into as it affects accessing important information, even if you...

Hi all, I’ve submitted a new UserVoice request that could make it easier for Plesk server admins to help clients with their WordPress sites. The idea is to allow server admins to create a temporary admin account in the WordPress Toolkit, enabling you to log in to a client’s WordPress site...

Plesk has released numerous extensions over the years, yet the current Plesk Forum only includes a single section for all "Plesk Extensions." This can make it difficult to find and organize discussions specific to individual extensions. To improve user experience, I propose creating a separate...

Recently, Plesk added a vulnerability status feature to the WordPress Toolkit, which is a great step forward. However, both the vulnerability status and the protection status are currently accessed through the same link, making it harder to quickly find the protection details. It would benefit...

Many Plesk users are still running outdated operating systems and unsupported versions of MySQL/MariaDB. This often leads to issues such as non-functional repositories, failed updates, or even database errors. Plesk only supports LTS versions of MySQL/MariaDB, but this isn’t always immediately...

Hi, I just read about the cPanel option to convert the Roundcube database to separate SQLite databases per subscription: https://docs.cpanel.net/knowledge-base/webmail/how-to-convert-roundcube-to-sqlite/ Since cPanel is also a Webpro brand, is this also planned for Plesk? It would make...

Each time someone requests a feature that isn’t yet implemented in Plesk, we’re advised to create a UserVoice request. While I understand that this is a way to gather user input, the UserVoice page itself feels somewhat unengaging. With over 2,000 open requests, it’s hard to feel confident that...

Some customers don't like the ongoing WordPress update notifications in Plesk. How can they stop notifications? All I see is the option to turn off the notifications for all customers.

Username: TITLE Issue with Connection Info slider preventing saving of system user credentials PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Plesk Obsidian 18.0.58 Update #2 AlmaLinux 8.9 PROBLEM DESCRIPTION When attempting to change the subscription owner's or FTP password within the...

Hi, There are a few typos in the changelog: - The date is in the future. - "contract" should be "contact" Sitejet Builder 1.0.6 2 October 2024 Selected values are now again displayed correctly in emails sent after a contract form is submitted.

Hi, I need to execute an Event Handler based on the last installed WordPress instance. The command looks like this: # plesk ext wp-toolkit --wp-cli -instance-id 64 -- <command> The Event Parameter list of the "WordPress installed" event doesn't have an instance-id: WordPress installed...

Username: TITLE Ubuntu ARM64: The antivirus settings tab of a mail address shows a list of antivirus extensions, of which one isn't available on ARM64. PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE Ubuntu 22.04.3 LTS ARM64 Plesk Obsidian Version 18.0.57 Update #4, PROBLEM DESCRIPTION...

Hi all, There is a security fix available for the latest Roundcube version 1.6.5 It's recommended that you install this update of Roundcube. It fixes a cross-site scripting (XSS) vulnerability in the setting of Content-Type/Content-Disposition for attachment preview/download. If your server...

They did it again: They created a big ugly banner to promote Plesk stuff in userspace. When will Plesk learn not to interfere with OUR customers? Yes, OUR customers! Keep your hands off our customers, Plesk! You should target us, not our customers. -- Maarten

I've noticed a growing number of posts about the "Plesk Exception Database" errors recently. It would help most users if the error screen showed more detailed information about what's happening on the server, like free memory, free disk space, CPU load, and any relevant details related to this...

The link below in the Plesk Obsidian 18.0.56 changelog is restricted. You can't open it: "You're not authorized to access this page" Can someone from the support team please fix this?

Yesterday, I tried the new Sitejet Builder extension. It feels like a great addition. It's easy to use and has lots of options. Kudos to the WebPro team for this extension! When I tested the contact forms, an error appeared in the error_log about allow_url_fopen: "AH01071: Got error ' PHP...