Preamble
Security is one of the major trends for 2019. Official stats from “structure research” for 2019:
This means that the number of attacks, targeted to web sites, is growing fast and we have to be efficient with the fixes. We also did a big analysis of our service updates and security teams’ work. As a result, we are going to change the approach of how we ship new features and bugs fixes. So, the main idea of the new approach is to keep servers with Plesk up2date.
Currently, we have the following Plesk versions: Plesk Onyx 17.0, 17.5, 17.8 we need to develop and backport bug fixes and some features from upstream. This reduces our power to develop more new features and address your requests from https://plesk.uservoice.com. Moreover, as you already know, Plesk 12.x has been EOLed by Jan 1st, 2019 (Plesk Lifecycle Policy). At the same time, it still requires to ship fixes for some highly critical security issues, even if the issue may not be in Plesk, but in some of the 3rd parties used by Plesk. This also takes efforts and time.
As a result, we ship bugs fixes much faster for the latest supported version (Plesk Onyx 17.8) than for the others. And even more, we ship some feature improvements there, which we don’t do for the majority of the rest versions. For example, by May 25th of 2018, we had Plesk 17.5 and 17.8 fully supporting GDPR, Plesk 17.0 had some limitations and Plesk 12.x had more limitations to satisfy formal aspects, but it didn’t help you as a hoster. The latest version also gets all new features, APIs, CLIs, etc, while only critical sub set of the new features is back ported to the previous versions.
Long-term plan
Security is one of the major trends for 2019. Official stats from “structure research” for 2019:
- 90k websites are hacked every day
- 43%+ attacks target small businesses
- fileless attacks are on the rise - 29% in 2017, 35% in 2018
This means that the number of attacks, targeted to web sites, is growing fast and we have to be efficient with the fixes. We also did a big analysis of our service updates and security teams’ work. As a result, we are going to change the approach of how we ship new features and bugs fixes. So, the main idea of the new approach is to keep servers with Plesk up2date.
Currently, we have the following Plesk versions: Plesk Onyx 17.0, 17.5, 17.8 we need to develop and backport bug fixes and some features from upstream. This reduces our power to develop more new features and address your requests from https://plesk.uservoice.com. Moreover, as you already know, Plesk 12.x has been EOLed by Jan 1st, 2019 (Plesk Lifecycle Policy). At the same time, it still requires to ship fixes for some highly critical security issues, even if the issue may not be in Plesk, but in some of the 3rd parties used by Plesk. This also takes efforts and time.
As a result, we ship bugs fixes much faster for the latest supported version (Plesk Onyx 17.8) than for the others. And even more, we ship some feature improvements there, which we don’t do for the majority of the rest versions. For example, by May 25th of 2018, we had Plesk 17.5 and 17.8 fully supporting GDPR, Plesk 17.0 had some limitations and Plesk 12.x had more limitations to satisfy formal aspects, but it didn’t help you as a hoster. The latest version also gets all new features, APIs, CLIs, etc, while only critical sub set of the new features is back ported to the previous versions.
Long-term plan
- This year we introduce rolling out updates for Plesk. This means that we are going to ship Plesk releases on a monthly basis - the releases will have new features and bugs fixes.
- The complete schema will be applied starting from the next major release. This means that starting from the new release all the servers with the release will get the updates automatically.
- We are going to move all Plesk Onyx users to update their Plesk instances to the latest stable release (Plesk Onyx 17.8).
- The notifications start this week - we are going to notify users through the Plesk interface and via emails (if we have the consent to get newsletters).
- The first audience will be Plesk Onyx 17.0 users, who purchased a license directly from Plesk Online Store.
- The next audience will be Plesk Onyx 17.5 users, who also purchased a license directly from Plesk Online Store.
- Two weeks after the notification is published we are going to start updates of the servers. The auto-updates will be spread out over time, to roll out the updates by small and controllable chunks.