• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Forwarded to devs Service Plans: Conflicts with the server-wide security policy on PHP 8.0 change

O

obendev

Basic Pleskian
Username: obendev

TITLE

Service Plans: Conflicts with the server-wide security policy on PHP 8.0 change

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian v18.0.32_build1800201221.13 os_Ubuntu 18.04

PROBLEM DESCRIPTION

When I try to change the PHP Version in a Service Plan from 7.4 to 8.0, I get the following conformation message:

Are you sure you want to apply this setting?
This setting conflicts with the server-wide security policy.
Click to expand...

Content of site_isolation_settings.ini:
Code: 
[hosting]
php = any
php_handler_type = fpm
python = off
perl = off
fastcgi = any
ssi = any
ssl = on
shell = /opt/psa/bin/chrootsh
php_safe_mode = on
coldfusion = off

Setup of potentially insecure web scripting options that override provider's policy is turned off.
PHP handler type was FPM on 7.4 and stays the same (FPM) when switched to 8.0.

STEPS TO REPRODUCE

Change PHP version to 8.0 in a Service Plan.

ACTUAL RESULT

Plesk asks for confirmation to apply insecure setup.

EXPECTED RESULT

Plesk shouldn't ask for confirmation of applying insecure settings in this case, since setting PHP 8.0 instead of 7.4 isn't insecure.

ANY ADDITIONAL INFORMATION



YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
You must log in or register to reply here.

Similar threads

F
Forwarded to devs PHP: Additional directives extension handling incorrect
Replies
7
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
W
Question Subscription locked except for when limits are reset to default?
Replies
0
Views
458
WeronikaS
W
Hangover2
Forwarded to devs Disabled PHP "Hosting performance settings management" can be bypassed by using .user.ini or ini_set()
Replies
9
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
andreios
Resolved PHP FPM 8.2.17 is not accurately checking cached files for changes
Replies
3
Views
7K
andreios
andreios
PeopleInside
Resolved PHP 8.0 not removed from the PHP settings
Replies
7
Views
2K
Peter Debik
P
Back
Top