• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Forwarded to devs allow_insecure_sites=false locked SSL options in customer level

nethubonline

nethubonline

Regular Pleskian
User name: nethubonline

TITLE

allow_insecure_sites=false locked SSL options in customer level

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian Version 18.0.28 Update #2

PROBLEM DESCRIPTION

Service plan with "-manage_phosting true -allow_insecure_sites false" locks the SSL options in customer level, customer cannot disable the SSL by themselves. I found this problem did not exist in Plesk 17.8 .

STEPS TO REPRODUCE

plesk bin service_plan -c "Plan_A" -manage_phosting true -allow_insecure_sites false
plesk bin customer --create test-a.com -name test-a.com -passwd "abc1234@XYZ"
plesk bin subscription --create test-a.com -owner test-a.com -service-plan "Plan_A" -login test-a -passwd "abc1234@XYZ" -ip 1.2.3.4

plesk bin service_plan -c "Plan_B" -manage_phosting true -allow_insecure_sites true
plesk bin customer --create test-b.com -name test-b.com -passwd "abc1234@XYZ"
plesk bin subscription --create test-b.com -owner test-b.com -service-plan "Plan_B" -login test-b -passwd "abc1234@XYZ" -ip 1.2.3.4
Click to expand...

ACTUAL RESULT

Login as customer "test-a.com" > Hosting Settings > SSL/TLS support & SEO redirect are locked

test-a.jpg



Login as customer "test-b.com" > Hosting Settings > SSL/TLS support & SEO redirect are NOT locked

test-b.jpg

EXPECTED RESULT

SSL/TLS support and SEO redirect are not locked


test-b.jpg



ANY ADDITIONAL INFORMATION

According to Plesk doc, allow_insecure_sites is for web hosting scripting, which should not affects SSL.

"Allows or prohibits overriding server-wide security policy on web hosting scripting options, if the policy is set up."
service_plan: Hosting Plans

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Last edited:
Thank you for the report. The issue was confirmed and submitted as PPPM-12160
 
You must log in or register to reply here.

Similar threads

M
Issue Bug with 'WP Toolkit Smart PHP Update' permissions
Replies
0
Views
616
Mark_NLD
M
S
Resolved Migration Tool failed: Error during xxxx.xxx createZone: dnsmng failed:
Replies
4
Views
1K
sven01
S
nethubonline
Issue allow_insecure_sites=false locked SSL options in customer level
Replies
2
Views
888
nethubonline
nethubonline
burnley
Forwarded to devs It is possible to create mail box without triggering 'Create Mailname' event handler
Replies
4
Views
15K
Peter Debik
P
H
Question Add customer via Rest API
Replies
0
Views
906
hamza-24
H
Back
Top