Plesk 12.5 RTM is out

[J.Wick]

I had a Plesk 12 running perfectly on Centos 6.5, but migrated to a new Centos 7 server and wow, did that really suck. I've spent about 3 work days fixing things that should be covered by Plesk. I feel I've learned so much that I can manually configure the server by myself. :/ Even right now I feel things are just holding together. I would really like to get into 12.5 (stable) and and move away from this nightmare instance.

It would be really nice if Plesk did a pre-install hardware check and then apply the most optimum and highest security settings for the machine it's running on. Apache, Nginx, PHP, FCGI, mail, MySQL, and related security technologies to be pre-configured.

Two more admin screens would be really appreciated.

1) Extra Security
PCI Compliance [ on | off ]
SSL Protocols TLS v1 [ ] TLSv1.1 [ ] TLSv1.2 [ ]
SSL CiphersSuites ECDHE-RSA-AES256-GCM-SHA384 [ ] ECDHE-RSA-AES256-SHA384 [ ] etc...

2) High Availability Performance
Optimize Apache [ on | off ]
Optimize Nginx [ on | off ]
Optimize PHP [ on | off ]
Optimize MariaDB [ on | off ]
Optimize FCGI [ on | off ]
Memcached [ on | off ]

And you could even have a third screen for fast repair of each technology by restoring default configs...

Let me know when 12.5 is good for production.

 

[SteveL132]

The link to the Plesk Deployment Guide given in the original post, http://docs.plesk.com/current/plesk-deployment-guide/, doesn't work - gets a 404. I can't figure out what this link should be.

 

[UFHH01]

Hi SteveL132,

please use the link: http://download1.parallels.com/Plesk/Doc/en-US/online/plesk-deployment-guide/

 

[Boindil]

Are there any plans to support dist-upgrade from CentOS 6 to CentOS 7? I can't afford to do this stuff manually because this would mean a lot of downtime for customers ...

 

[IgorG]

Are there any plans to support dist-upgrade from CentOS 6 to CentOS 7? I can't afford to do this stuff manually because this would mean a lot of downtime for customers ...

We have no such plans. Distupgrade even from clean CentOS6 to CentOS7 without Plesk doesn't work correctly. Therefore we can't support unstable feature.

 

[custer]

The link to the Plesk Deployment Guide given in the original post, http://docs.plesk.com/current/plesk-deployment-guide/, doesn't work - gets a 404. I can't figure out what this link should be.

Fixed the link in the original post, thanks for letting us know. The working link is http://docs.plesk.com/current/deployment-guide/

 

[Boindil]

Just updated an Ubuntu 12.04 from Plesk 12 to 12.5.
After that, I upgraded to 14.04.
Most things did go pretty well, except for a few issues.

• On boot, a lot of services show failing (but are running instead -> cosmetic).
  • some only show "failed" and some show something like this: 'Starting drweb service... invoke-rc.d: initscript drwebd, action "status" failed.'
• The System stats (CPU, HDD, RAM, Services, ...) are bugged and showing values like 57000% usage for my services :-D
  • The simple "System information" is showing correct load values.
• PHP 5.3 is rendered unusable, PHP is not working anymore and offering the source files as a download.
• Watchdog is not detecting plesk-php-fpm as a running service (php5-fpm is stopped and cannot be started - OS Vendor version).
• Plesk-PHP-FPM 5.4 is showing weird behaviour. When activated, Domains are suffering the following issues
  • On non-existing Files (404) the logs/error-log is filled with "AH01071: Got error 'Primary script unknown\n'" and the browser shows only "File not found" and ignores custom error_docs
  • .htaccess files are ignored no matter what
    
  • Password protected folders are loading partly. The code in the specific PHP file is executed and I get an output when aborting the password-login twice.

Plesk-PHP-FastCGI 5.4 is working as expected.

 

[105547111]

I only had issues on Centos 7 plesk 12.0.18 that fail2ban packages caused the upgrade to fail due to rpm conflicts.

So I removed all the fail2ban packages and upgrade ran through.

Next via installer removed fail2ban (as plesk still thinks it's installed) then install it again.

Now running 12.5.30

Interesting the installer only warned me about potential conflict with mod_security as I'm running ASL / Atomicorp but no warning on fail2ban which are epel packages anyway..

Needless to say there was not an issue at all with the ASL / Atomicorp packages, just fail2ban from dist.

 

[jnarvaez]

Same problem after upgrading 12.0.18 to 12.5.30 with fail2ban (upgraded from EPEL) on Centos 7.

The solution at this moment is remove fail2ban before upgrade.

Please fix it.

 

[105547111]

Looking at this issue it's probably best to remove fail2ban via the plesk installer first, then upgrade, put it back and reconfigure the jails.

I did find one other issue that health shows 0 percentages, but graphs work in detail.

So I followed this:

http://kb.odin.com/en/114307

I ended up having to empty the stats all out and reconfigure the setup, needed both but working perfectly now.

 

[dalydesign]

Migrating from old server running 11.5 to new server running 12.5... Having loads of CLI GATE errors... Yet only way to get round it is to delete the imported migrated domain and try again. ...normally works second time.

Apart from that and the occasional issue, it's a far superior platform. New features are great. Much more stable and forgiving.

 

[brentnz]

Hi. With this version installed, ( and ModSecurity and Fail2Ban enabled ) when i click on the websites and domains tab its very slow to refresh, while refreshing, any users accessing the server get a "BAD GATEWAY" response. Here are logs during click on "Websites and domains":

upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"

2015/09/27 17:28:30 [error] 1021#0: *1 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.32.151, server: , request: "GET / HTTP/1.1", upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"

2015/09/27 17:28:31 [error] 1021#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.32.151, server: , request: "GET / HTTP/1.1", upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"

2015/09/27 17:29:17 [error] 1021#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.32.151, server: , request: "GET / HTTP/1.1", upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"

2015/09/27 17:29:29 [error] 1021#0: *8 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.32.151, server: , request: "GET / HTTP/1.1", upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"

2015/09/27 17:29:29 [error] 1021#0: *8 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.32.151, server: , request: "GET / HTTP/1.1", upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"

2015/09/27 17:33:27 [error] 1021#0: *213 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.32.151, server: , request: "GET / HTTP/1.1", upstream: "http://192.168.32.13:7080/", host: "192.168.32.13"


and HTTPD logs say:

[Sun Sep 27 17:48:58.192767 2015] [mpm_event:notice] [pid 21617:tid 140325901322304] AH00492: caught SIGWINCH, shutting down gracefully

[Sun Sep 27 17:49:00.853548 2015] [core:notice] [pid 22496:tid 140698387421248] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0

[Sun Sep 27 17:49:00.855544 2015] [suexec:notice] [pid 22496:tid 140698387421248] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)

[Sun Sep 27 17:49:00.857445 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for roundcube.webmail:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:00.857704 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for horde.webmail:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:00.857931 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for lists:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:00.858144 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for default-192_168_32_13:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:00.858248 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

[Sun Sep 27 17:49:00.858289 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity for Apache/2.9.0 (http://www.modsecurity.org/) configured.

[Sun Sep 27 17:49:00.858292 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: APR compiled version="1.4.8"; loaded version="1.4.8"

[Sun Sep 27 17:49:00.858295 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: PCRE compiled version="8.32 "; loaded version="8.32 2012-11-30"

[Sun Sep 27 17:49:00.858297 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: LUA compiled version="Lua 5.1"

[Sun Sep 27 17:49:00.858300 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: YAJL compiled version="2.0.4"

[Sun Sep 27 17:49:00.858302 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: LIBXML compiled version="2.9.1"

[Sun Sep 27 17:49:00.858304 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: Original server signature: Apache

[Sun Sep 27 17:49:00.858305 2015] [:notice] [pid 22496:tid 140698387421248] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.

[Sun Sep 27 17:49:01.852192 2015] [auth_digest:notice] [pid 22496:tid 140698387421248] AH01757: generating secret for digest authentication ...

[Sun Sep 27 17:49:01.853079 2015] [lbmethod_heartbeat:notice] [pid 22496:tid 140698387421248] AH02282: No slotmem from mod_heartmonitor

[Sun Sep 27 17:49:01.854475 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for roundcube.webmail:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:01.854660 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for horde.webmail:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:01.854837 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for lists:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:01.855009 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH01909: RSA certificate configured for default-192_168_32_13:443 does NOT include an ID which matches the server name

[Sun Sep 27 17:49:01.855093 2015] [ssl:warn] [pid 22496:tid 140698387421248] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

[Sun Sep 27 17:49:01.858762 2015] [mpm_event:notice] [pid 22496:tid 140698387421248] AH00489: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips Apache mod_fcgid/2.3.9 configured -- resuming normal operations

[Sun Sep 27 17:49:01.858783 2015] [core:notice] [pid 22496:tid 140698387421248] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'

[Sun Sep 27 17:49:03.208768 2015] [mpm_event:notice] [pid 22496:tid 140698387421248] AH00492: caught SIGWINCH, shutting down gracefully




Just wanted to point out i'm Running this on CentOS 7.1 ( latest version with yum update ran )

I am getting the same result on CloudLinux 7.1.
If I disable ModSecurity the problem goes away.
Did you manage to find a fix for it? Is it happening for anyone else?

 

[dopeboy]

is can't install on ubuntu 14.04 64bit

root@dope:~# ./plesk-installer.sh
--2015-11-04 04:17:18--  http://autoinstall.plesk.com/Parallels_Installer/parallels_installer_Ubuntu_14.04_aarch64
Resolving autoinstall.plesk.com (autoinstall.plesk.com)... 93.184.221.133
Connecting to autoinstall.plesk.com (autoinstall.plesk.com)|93.184.221.133|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2015-11-04 04:17:18 ERROR 404: Not Found.
ERROR: Unable to run Plesk Installer. Possible reasons:
1) You are trying to run Plesk Installer on an unsupported OS. Your OS is Ubuntu-14.04. The list of supported OS is at http://www.odin.com/products/plesk/requirements/
2) Temporary network problem. Check your connection to autoinstall.plesk.com, contact your provider or open a support ticket.
root@dope:~#

 

[TonyI]

Hi, I see it's now available in the Extension catalog for Windows! I installed and setup and could not get it to work. I was getting a REFUSED error on the slave and a denied error on the master. I had to manually go into named.conf on the windows master and make a change. There is a line

acl common-allow-transfer {
none;
};

that all of the zones reference in the 'allow-transfer' section. On Linux Slave DNS when you add a slave, it adds this IP(s) to each zone within the allow-transfer section on the master so when a transfer request comes in it's allowed. If I add the slave's IP(s) in place of where it says none, it works. This must be a bug as we shouldn't have to manually modify the named.conf file on the master. It should be automatic when adding a slave through the extension like Linux does. Just a heads up and wondering if there is a fix or if you all have any ideas? Thanks for your hard work as always!

Tony

Just an update on this issue and how I resolved it for 12.5 Windows Plesk in case anyone else has this problem. On Plesk for Linux when you add slave servers with the DNS slave extension it automatically puts the slave server's IP addresses in the 'transfer restrictions template' which you find here

http://screencast.com/t/zfjCcWqwPZ6u

http://screencast.com/t/WB8i8qck

On Plesk 12.5 for Windows I had to manually add them on this page and once I did and deleted and recreated the test domain, the slaves picked up the changes and it seems to work fine now. Hope this helps.

Thanks,

Tony

 

[Noturns]

A question referring to Plesk 12.5.3 -- Tools > Additional Services (Backup Manager)
How can i remove a Suspended task?

I'm able to Delete individual backup task of a subscription but not the reoccurring Task Backup itself that is suspended in Additional Services.

 

[Peter_R]

Can Online Demo Plesk 12.5 be reactivated for previewing
Thanks

 

[UFHH01]

Hi Peter_R,

Can Online Demo Plesk 12.5 be reactivated for previewing
Thanks

Please go to: http://www.plesk.com/ you will find there a working direct link to the demo Plesk 12.5 Web Pro Edition

 

[IgorG]

Plesk 12.5 is no longer in the RTM stage, so I consider this thread as a not actual and close it.