1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice
  1. jamescrown

    jamescrown Guest

    0
     
    Hello,

    There is a recent vulnerability in PHP 5.2.6

    The available build of plesk 9.0 081208.18 is currently installing PHP 5.2.6 to %plesk_bin% and %plesk_dir%\additional\pleskphp5

    Can you please release a new build of Plesk 9.0 which uses PHP 5.2.8 ?

    Thank you.
     
  2. gongcart

    gongcart Guest

    0
     
    I think you can just intall the new version into that directory and it should work fine, the same apply to php4
     
  3. jamescrown

    jamescrown Guest

    0
     
    That works for %plesk_dir%\additional\pleskphp5 only. So yes, the PHP version clients use can be upgraded however the version that plesk control panel uses cannot as it will cause errors. Currently this is causing sites hosted on Plesk servers to fail PCI compliance unless you prevent the scanner access to port 8880 and 8443.
     
  4. gongcart

    gongcart Guest

    0
     
    you will have to replace the php.ini file that plesk is using. Plesk is using the php.ini file under admin folder
    do not forget to copy some settings from the old php.ini
     
  5. jamescrown

    jamescrown Guest

    0
     
    Hello,

    Do you currently have PHP 5.2.8 working from %plesk_bin%? Please only respond to this post if you know how to get PHP 5.2.8 working from %plesk_bin%.
     
  6. tomoiaga

    tomoiaga Guest

    0
     
    It will pass 50 years before parallels will be able to release abything like that.
    They are not able to fix bugs that were present in plesk 8.6 and are still present in plesk 9.
    I can tell you that they are probably amazed that php works with theire product.
    They are just lame so dont't expect anything except more bugs.
     
  7. risede

    risede Basic Pleskian

    23
    23%
    Joined:
    Nov 11, 2008
    Messages:
    33
    Likes Received:
    0
    How to "get around" PCI Compliance

    The default installation for Plesk php exposes the php header information by adding it's signature to the web server header. That is how the PCI Compliance companies "see" what version you are using. You can turn this off with (so far) no ill effects by going to php.ini in %plesk_dir%/admin and changing:

    expose_php = On

    to

    expose_php = Off
     
Loading...