Question https://www.plesk.com/extensions/ seems to need a cleanup

[TomBoB]

Obsidian 18.0.24 - was looking for the Cloudflare server shield - listed in above website; but not listed in catalog in Plesk anymore.

While on above website, searched for "mobile" as the Plesk mobile center and its android and ios apps seem to be dead (= no longer maintained). Result of that search: Plesk mobile center, clef 1.4 & an even oder version of clef 1.3 ... which REALLY are long dead...

Main questions:
1) ServerShield by Cloudflare no longer avail on latest Obsidian? or glitch in catalog? or superseeded by somthing?
2) Plesk Mobile Center (and its apps) still supposed to be maintained?1

 

[custer]

Hi @TomBoB,

1) ServerShield by Cloudflare no longer avail on latest Obsidian? or glitch in catalog? or superseeded by somthing?

To further ensure a great quality of the overall Plesk extension experience, we had to make the Cloudflare ServerShield extension unavailable for all new Plesk installations on Friday last week (28th of February). If you do not have the CloudFlare extension installed on a server, you won’t be able to see it in the catalog and install it. If you already have it installed, you will be able to continue using the extension until you uninstall it. We’re currently talking to Cloudflare to find an appropriate solution as soon as possible.

 

[docb]

Hi,
as I really need that extentions (and unfortunately just bought a new server with fresh installed plesk), I have three questions:
1.) what where the problems with the extension
2.) is there any possibilty to install it manually (the Link from cloudflare.com is broken)
3.) do you have any idea, when the extention might be back oficially?
Thank you and all the best
Ben

 

[Janko1000]

We have the same Issue.....
How can i get the Addon?

 

[killmoon]

Hi @TomBoB,



To further ensure a great quality of the overall Plesk extension experience, we had to make the Cloudflare ServerShield extension unavailable for all new Plesk installations on Friday last week (28th of February). If you do not have the CloudFlare extension installed on a server, you won’t be able to see it in the catalog and install it. If you already have it installed, you will be able to continue using the extension until you uninstall it. We’re currently talking to Cloudflare to find an appropriate solution as soon as possible.

Hi @custer,


Same BIG problem here,
your response, now, is 4 month old.

We need the CloudFlare addon ASAP, or we risk to ruin our business, that, in part, is built also upon a Cloudflare Partnership (upselling plans, etc..).

CF have the same extension for CPanel and we have no problem with it. How in the world is this situation possible? Does Plesk really care about his customers or they are they just playing and want to start to lose clients?

If we can't get the addon in 20 days or something, I'll advice my company to remove Plesk completely from the "Control Panel choice" for our clients. Switching to a CPanel only solution. In this way Plesk will lose 78/79 bare metal server by next year, with relative licences plus addon licenses.

Hope your company will be wise.

Anyway... If someone has the "old" CF addon files (from CloudFlare itself or the latest version from Plesk), please, can you upload it somewhere and share a link for the community?
Thanks in adavnce.

 

[Michael Pratt]

This is clearly an issue between Plesk and Cloudflare... be nice to know who to blame for this.

 

[Janko1000]

Any Updates here ?

 

[sall10]

Would also need a solution for this issue

 

[RowWill]

Can we please get some sort of update on this, Plesk?

 

[Azurel]

I also stumbled upon it and found the following: Aus Sicherheitsgründen trennen wir uns von Cloudflare | blog.1awww.com
Sorry is in german, but chrome can translate it.

In summary, the article claims that the extension represents a security risk. Maybe this is the reason why both sides are silent?
I would also not want to admit that the extension which should give security, actually reduces it. If the article is correct.

 

[Lukas@Plesk]

hi all,

let me clarify a few things here - please consider that as an official statement from the Plesk side:

1. Yes - we are always improving the quality of the extensions in the catalog and sometimes remove services or update services on a regular base. But of course, we will not remove any existing installations unless there would be a security risk. But for sure never without (enough) notice in advance.
2. Regarding CloudFlare specifically:
   1. CloudFlare is not maintaining any of their integrations into 3rd parties anymore, including Plesk.
   2. The main reason why it has been removed from the Plesk Extension Catalog because it was maintained by CloudFlare itself, not by Plesk
   3. However, CloudFlare as service can *always* be used with Plesk - it works also without the Plesk based integration as in the end you are moving your DNS for a domain to CloudFlare, even free. Plesk was just making this process easier for multiple websites and provided some better/alternative pricing options.
3. Something about this article from 1awww that was provided in German has nothing to do with the Plesk integration into CloudFlare but is about CloudFlare itself. Only CloudFlare can give a final answer on this one but let me point out the following:
   1. Yes, there might be ways on how you could find out the IP behind the server if you are using CloudFlare, this was always the case
   2. Correct, the full feature set for "full security" and "full performance capability" is only available over the CloudFlare paid plans. They are a freemium service. Never expect that if something comes for free, it provides the full value proposition, but probably to be "good enough". They also have costs behind their infrastructure and need to finance that somehow by enough people buying their "Pro" plans
   3. There is never a 100% security - however, if you combine the default security of Plesk, optional with "premium security" through things like Imunfy360 or in combination with CloudFlare, you have much better security and higher chance to reach "100% secure" and "perfect global performance". But this does not mean that a hacker will find "some way some day" to enter your server. We can only make it much more difficult for hackers with all measures on all levels of security.
4. We are looking into both, a new integration with CloudFlare as well as alternative options currently and will have an update soon.

hope this helps and if you have any further questions, please connect to our support for more details.

thank you

Lukas

 

[Frank.P]

No news?

 

[Michael Pratt]

hi all,

let me clarify a few things here - please consider that as an official statement from the Plesk side:

1. Yes - we are always improving the quality of the extensions in the catalog and sometimes remove services or update services on a regular base. But of course, we will not remove any existing installations unless there would be a security risk. But for sure never without (enough) notice in advance.
2. Regarding CloudFlare specifically:
   1. CloudFlare is not maintaining any of their integrations into 3rd parties anymore, including Plesk.
   2. The main reason why it has been removed from the Plesk Extension Catalog because it was maintained by CloudFlare itself, not by Plesk
   3. However, CloudFlare as service can *always* be used with Plesk - it works also without the Plesk based integration as in the end you are moving your DNS for a domain to CloudFlare, even free. Plesk was just making this process easier for multiple websites and provided some better/alternative pricing options.
3. Something about this article from 1awww that was provided in German has nothing to do with the Plesk integration into CloudFlare but is about CloudFlare itself. Only CloudFlare can give a final answer on this one but let me point out the following:
   1. Yes, there might be ways on how you could find out the IP behind the server if you are using CloudFlare, this was always the case
   2. Correct, the full feature set for "full security" and "full performance capability" is only available over the CloudFlare paid plans. They are a freemium service. Never expect that if something comes for free, it provides the full value proposition, but probably to be "good enough". They also have costs behind their infrastructure and need to finance that somehow by enough people buying their "Pro" plans
   3. There is never a 100% security - however, if you combine the default security of Plesk, optional with "premium security" through things like Imunfy360 or in combination with CloudFlare, you have much better security and higher chance to reach "100% secure" and "perfect global performance". But this does not mean that a hacker will find "some way some day" to enter your server. We can only make it much more difficult for hackers with all measures on all levels of security.
4. We are looking into both, a new integration with CloudFlare as well as alternative options currently and will have an update soon.

hope this helps and if you have any further questions, please connect to our support for more details.

thank you

Lukas

Thanks Lucas,

Can we get a little more information on what is being worked on? Is Plesk themselves trying to build an integration to CloudFlare or negotiating with them to maintain their integration?

While it is true that we can manually setup CloudFlare for clients, or have them set it up themselves, many of us make our money by being hands on and taking care of this FOR our clients, and having a CF integration made that so much easier. Which makes us more money. CF has a free tier that is useful to most websites, so if you are looking into other partnerships other than CF, can you let us know who?

Also, how soon do you expect to have an update on all of this?

Thanks.

 

[Michael Pratt]

Also, I have looked into moving to CPanel, and CPanel has the same problem of CloudFlare dropping support. So if you move to CPanel then you will have access to the plugin it appears (I dont think they have pulled it) but it will not have any security patches from over the past couple of years either. But it does appear to still be available at least... if you are willing to risk it.

I really wish there was a good alternative to CloudFlare . Like some kind of CloudFront integration, or something like that... Not sure what that would look like, or even if possible, but could be really cool to bill out at CloudFlare rates on CloudFront.