I understand Plesk's position is that packages like OpenSSL are a part of the base OS and so not updated by Plesk, but conversely I've been advised it is better not to update the server via yum so that OS updates are in line with Plesk support.
So maybe the first question to ask is:
I then have a specific question about OpenSSL. My CentOS 6.10 box is still on OpenSSL 1.0.1e-fips, which is a long way out of date, although SpamAssassin still being on 3.3.1 wold be another OS component that could do with update.
There's plenty of advice on how to do this, but then there's always the Plesk 'warning' about newer versions might break compatibility, and the whole point about running a Plesk box is that people don't want to get knee-deep in UNIX admin. That seems to leave us between a rock and a hard place in terms of wanting/needing to keep core components up-to-date, but being warned about 'self updates' and updates of such components not being seen as part of Plesk's role.
What's the best advice on how to handle OS component updates? PUM only, yum, manual update of components like OpenSSL and SpamAssassin?
Thanks
So maybe the first question to ask is:
- Do Plesk advise/support/agree to the base OS being kept up to date via yum or should updates only be done via PUM?
I then have a specific question about OpenSSL. My CentOS 6.10 box is still on OpenSSL 1.0.1e-fips, which is a long way out of date, although SpamAssassin still being on 3.3.1 wold be another OS component that could do with update.
There's plenty of advice on how to do this, but then there's always the Plesk 'warning' about newer versions might break compatibility, and the whole point about running a Plesk box is that people don't want to get knee-deep in UNIX admin. That seems to leave us between a rock and a hard place in terms of wanting/needing to keep core components up-to-date, but being warned about 'self updates' and updates of such components not being seen as part of Plesk's role.
What's the best advice on how to handle OS component updates? PUM only, yum, manual update of components like OpenSSL and SpamAssassin?
Thanks