• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue PHP Version/Handler change - server-wide security policy

ChristophRo

ChristophRo

Regular Pleskian
I call this a bug and not "working as expected" as possibly hinted in other threads?!?

Note: I am testing this with a fresh Plesk 17.5/Ubuntu16.04 and Plesk17.8/Debian9 installation and did NOT change/adjust anything in the site_isolation_settings.ini or anywhere else.

Now, in the "Service Plans", when the flag for "Setup of potentially insecure web scripting options that override provider's policy" is NOT set, we get a "This setting conflicts with the server-wide security policy" warning popup, whenever we change the PHP version or PHP handler.

Moreover it seems to arbitrary choose the lowest available version of PHP as the "secure" one, as when I per example install a custom PHP 5.6 on Debian9, the panel then wants this one to be selected... (before the installation of PHP 5.6, it was the 7.0 version that was considered "secure")


The same behaviour does not happen, when the PHP version or handler gets changed on the subscription/domain itself, despite the "Setup of potentially insecure web scripting options that override provider's policy" is not set.
 
You must log in or register to reply here.

Similar threads

brother4
Question Optimizing PHP FPM Handler Settings for Apache and Nginx in Plesk
Replies
0
Views
1K
brother4
brother4
P
Resolved Custom PHP versions: no systemctl reload is issued on a change of PHP handlers when changing from any custom handler to any other handler
Replies
6
Views
2K
Peter Debik
P
K
Resolved Can not change DNS server-wide settings
Replies
3
Views
2K
klowet
K
Stergios G
Question Change php version on terminal
Replies
13
Views
6K
Kaspar
K
WebHostingAce
Question Wordpress Hacked! Unusual Plesk Behavior
Replies
9
Views
4K
WebHostingAce
WebHostingAce
Back
Top