• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Plesk Obsidian and PHP 8 compatibility

Hangover2

Hangover2

Regular Pleskian
Server operating system version
Debian 10.13
Plesk version and microupdate number
Plesk Obsidian Version 18.0.48
PHP 7.4 reaches end of life in 9 days (28th of November 2022) and I am wondering about the progress of PHP 8 compatibility in Plesk Obsidian.

As of today Plesk Obsidian 18.0.48 is using PHP 7.4 as default PHP handler in various ways:
- PHP 7.4.32 is used by Plesk itself for e.g. the admin panel, cronjobs or PHPMyAdmin
- PHP 7.4.33 is used for the webmail clients Roundcube and Horde

Is there any ETA available when Plesk will reach full PHP 8 compatibility?

The idea of having a server admin panel from December 2022 onwards, that is based on not supported software would be hard to explain to our clients.
 
Roundcube will be switched to PHP 8.0 for modern OSes except RHEL 7, CentOS 7, CloudLinux 7 and Ubuntu 18.04 in the upcoming 18.0.49 update.
On these OSes Roundcube 1.4 is installed that does not support PHP 8. We can't update it there to Roundcube 1.5 due to outdated MySQL versions.
Horde does not work with PHP 8 out of the box, and no plans to patch it.
 
Hangover2 said:
PHP 7.4 reaches end of life in 9 days (28th of November 2022) and I am wondering about the progress of PHP 8 compatibility in Plesk Obsidian.

As of today Plesk Obsidian 18.0.48 is using PHP 7.4 as default PHP handler in various ways:
- PHP 7.4.32 is used by Plesk itself for e.g. the admin panel, cronjobs or PHPMyAdmin
- PHP 7.4.33 is used for the webmail clients Roundcube and Horde

Is there any ETA available when Plesk will reach full PHP 8 compatibility?

The idea of having a server admin panel from December 2022 onwards, that is based on not supported software would be hard to explain to our clients.
Click to expand...
IgorG said:
Roundcube will be switched to PHP 8.0 for modern OSes except RHEL 7, CentOS 7, CloudLinux 7 and Ubuntu 18.04 in the upcoming 18.0.49 update.
On these OSes Roundcube 1.4 is installed that does not support PHP 8. We can't update it there to Roundcube 1.5 due to outdated MySQL versions.
Horde does not work with PHP 8 out of the box, and no plans to patch it.
Click to expand...
The Roundcube question has now been ^ answered - Thank you! ;)
However, the other questions ^^ relating to "...Plesk itself for e.g. the admin panel, cronjobs or PHPMyAdmin..." / "...server admin panel..." haven't o_O

Can anybody from Plesk, answer these question for us all?
 
@learning_curve plesk-engine based on PHP 8 is in the preparation stage and will be released too.
Unfortunately no ETA yet. At the moment, we are working on adopting Plesk code to PHP 8, and then we need time to adopt Plesk extensions code, and then we need to give time for the extensions vendor to adapt their code.
 
Last edited:
@IgorG This sounds like we are many months away from PHP 8 compatibility even though PHP 8 was released two years ago.

Will Plesk at least provide backported security fixes to its PHP 7.4 handlers?
 
While I do understand that upgrading a huge piece of software as Plesk is to PHP 8 must be a complicated task, the very serious matter of fact is that PHP 7.4 as of yesterday the 28th of November 2022 no longer will receive security updates. Upgrading from PHP 7.4 is no longer an option for anyone using it, it is quite necessary to minimise security risks.

As I am sure everyone else here also are aware of; PHP 8.0 stopped being actively developed two days ago, which means that 8.0 will reach EOL in a year from that date.

I see that there are mentions of an upcoming update, 18.0.49, and I sincerely hope that we are talking about days and not weeks to receive this upgrade.
 
You guys really! overestimate the risk of using older and no longer supported PHP versions.
In my opinion, running the Plesk Panel software with an old PHP version poses virtually zero risk factors.

I can somewhat get behind the idea of not offering outdated PHP versions for customers/websites, where you have no control over the PHP code that is running on.
But even then, the only security vulnerability (in PHP) in the last 10 years I remember to be a real problem, is/was the php-fpm privilege escalation bug from last year

That being said....as fast and eager as Plesk usually is, to mark older PHP versions as outdated and insecure anywhere (PHP settings, Advisor extension, etc.) and dropping support for them as soon as the official one from the PHP group has ended....well, I admit it's somewhat bigot to still hang on for the same old version when it comes to their own piece of code :rolleyes:
 
Let the games begin: CVE-2022-31631
PHP Bug #81740 (PDO::quote() may return unquoted string)

And still no ETA when Plesk will remove PHP 7.4 from its core.
 
You must log in or register to reply here.

Similar threads

Hangover2
Input Plesk Obsidian 18.0.59 - stable enough for live deployment?
Replies
5
Views
725
Bod
Bod
D
Input How to run Magento 2 on Plesk Obsidian 18 without Docker
Replies
6
Views
3K
WebHostingAce
WebHostingAce
R
Issue Plesk Extension.... 'Transfer of DNS Records'
Replies
4
Views
829
Rob Taylor
R
Automata
Resolved Imunify 360 not install on Plesk Obsidian with Debian 10.x
Replies
5
Views
5K
josephGW
J
danami
Forwarded to devs Plesk Obsidian PHP $_SERVER['SERVER_ADDR'] returns 127.0.0.1
Replies
4
Views
1K
IgorG
IgorG
Back
Top