Hello.
We’ve just released Advisor 1.4:
Advisor - Plesk Extensions
Changelog:
1.4.0 (24 October 2018)
- [+] Added the recommendation to use up-to-date WordPress and WordPress plugins.
- [+] Added the recommendation to use the Google PageSpeed Insights Pro extension.
- [+] Added the recommendation to use the Speed Kit extension.
- [+] Added the recommendation to use the Revisium Antivirus extension.
- Renamed Symantec to DigiCert.
- On Debian 9 and Ubuntu 18, Advisor recommends using the OWASP ModSecurity rule set.
- [-] The recommendation "Secure WordPress Websites" is no longer placed lower if WordPress Toolkit is not installed. (EXTADVISOR-540)
- [-] Scrolling the "Apply Multiple Recommendations" window no longer changes which checkboxes were selected. (EXTADVISOR-539)
- [-] Applying the recommendation "Secure Websites With SSL/TLS Certificates" no longer adds PHP notices to the Plesk log. (EXTADVISOR-538)
- [-] The Advisor icon is no longer shown for no-hosting domains. (EXTADVISOR-520)
- [-] Applying the recommendation "Configure Scheduled Backups" now activates backups scheduling with configured backup rotation. (EXTADVISOR-512)
- [-] Blacklisted recommendations will no longer be applied when applying recommendations via CLI. (EXTADVISOR-424)
- [-] On Linux servers, the recommendations "Enable HTTP/2" and "Secure Websites With SSL/TLS Certificates" can now be applied at once. (EXTADVISOR-440)
@Ruslan Kosolapov
To be honest, the current (and previous) version of Plesk Advisor is not really sufficient due to a very odd algoritm to calculate the server rating.
The following will illustrate something that is actually not a bug, but a matter of choice during development and/or a matter of opinion.
Consider a setting
[ext-advisor]
blacklist = SymantecSsl,SpeedKit
in /opt/psa/admin/conf/panel.ini and a server rating of 3236 (out of 4000), with PageSpeed extension not installed (and this is noted correctly by the Advisor extension).
Now change before mentioned setting to
[ext-advisor]
blacklist = SymantecSsl,SpeedKit,
PageSpeed
and you will suddenly get a server rating of 3386 (out of 4000).
The increase in the server rating
exactly equals the number of points assigned by the Advisor extension to the PageSpeed extension (i.e. 150 points).
In conclusion,
all of the above applies that server ratings increase by excluding extensions from detection by Advisor extension.
In my humble opinion, this is NOT an indication of a good method to identify the degree to which a server is configured properly.
I would really
recommend to take another approach, amongst others
- allowing Plesk users to blacklist specific extensions from detection by Advisor extension: most of those (paid-for) extensions are not really adding value,
- creating a server rating that is more adequate: server ratings should NOT increase when extensions are blacklisted for the Advisor extension,
- creating a server rating that is more flexible: the maximum score (i.e. 4000 currently) should be flexible and reflecting that specific extensions or settings are blacklisted,
and so on.
Hope the above provides you with some valuable feedback.
Kind regards..........