• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Updating Plesk Onyx; OS / TP Supplied Items

learning_curve

learning_curve

Golden Pleskian
We're a recent new user of Plesk Onyx. We're quite happy with the way it works but always keen to learn more! The three major items that we are concerned with here, are supplied by OS / TP suppliers; Apache, OpenSSL & Nginx and our question is about updating them...

CentOS have recently released 7.4.1708 which we are now happily running our Plesk Onyx on, with no issues.

The CentOS release uses RHEL backport CVE fixes for Apache, so whilst retaining the 'Apache 2.4.6' version, we can still see the latest updates (Only the first reported item is shown here...) So Apache, we're pretty happy with how that's updated
Code: 
# rpm -q --changelog httpd
* Tue Aug 15 2017 CentOS Sources <[email protected]> - 2.4.6-67.el7.centos.2
- Remove index.html, add centos-noindex.tar.gz
- change vstring
- change symlink for poweredby.png
- update welcome.conf with proper aliases
The CentOS release also gave the long awaited update from OpenSSL 1.0.1e 11 Feb 2013 to OpenSSL 1.0.2k 26 Jan 2017 and this too, runs with no issues on our setup. So again with OpenSSL, we're pretty happy with how that's updated despite this not being 100% up to date yet (see OpenSSL extract below) becasue it's a huge leap forward from before. This upgrade allowed us to finally complete and check other setup changes elsewhere, so it was much appreciated.
Code: 
The table below lists the latest releases for every branch

Note: The latest stable version is the 1.1.0 series.
The 1.0.2 series is our Long Term Support (LTS) release, supported until 31st December 2019.
The 0.9.8, 1.0.0 and 1.0.1 versions are now out of support and should not be used.

KBytes      Date       File
5239      2017-May-25 13:09:51      openssl-1.0.2l.tar.gz (SHA256) (PGP sign) (SHA1)
5154      2017-May-25 13:09:51      openssl-1.1.0f.tar.gz (SHA256) (PGP sign) (SHA1)
1457      2017-May-24 18:01:01      openssl-fips-2.0.16.tar.gz (SHA256) (PGP sign) (SHA1)
1437      2017-May-24 18:01:01      openssl-fips-ecp-2.0.16.tar.gz (SHA256) (PGP sign) (SHA1)

That just leaves Nginx. We know that we can't upgrade it ourselves (Reference) and it won't just be a future yum upgrade ;) As we understand it, this can only be provided from Plesk themsleves via a new sw-nginx etc

This is a different request than THIS existing Plesk / Nginx one.

Work seems to be well underway at Nginx (Reference) so once finalisied & released, we assume this release will then be tested by Plesk & once that's complete...Plesk Onyx will provide this nginx version as an upgrade...

Or....have we misunderstood completely? :D
 
Hi learning_curve,

apart from your shortcut "TP" suppliers, we did understand the following at your thread:

You are happy.
You updated to the ( not yet supported ) operating system CentOS 7.4
You know, that Plesk compiles and provides the "sw-nginx" packages
You are unaware of the fact, that "nginx" - rpm - versions versions from "nginx.org" have got nothing to do with "sw-nginx" packages, compiled and provided by Plesk.


So... the only question, that you are asking here at this thread is:
learning_curve said:
Or....have we misunderstood completely?
Click to expand...
Answer: Apart from the above mentioned "sw-nginx" informations, your listed informations are correct.
 
UFHH01 said:
You are unaware of the fact, that "nginx" - rpm - versions versions from "nginx.org" have got nothing to do with "sw-nginx" packages, compiled and provided by Plesk
Click to expand...
Not any more thank you! :D That's somewhat clearer to us now.

So...... in due course...... an updated "nginx" - rpm - version from "nginx.org" may arrive (depending on our own setup) and, again in due course..... this could be followed by an updated "sw-nginx" package, compiled and provided by Plesk. That's how we understand your reply.
 
Hi learning_curve,

sorry, you still seem to be a little uninformed. Let me clarify a bit:

Compiled versions, provided by "nginx.org" are not at all relevant for Plesk, it's components and extensions. Plesk simply don't use any of their compiled versions, nor does Plesk support these compiled versions.

"sw-nginx" - packages, are equivalents to "nginx.org" compiled packages ( these packages, for example "*.rpm" / "*.deb" - files", which you are able to install with "yum", "apt", "aptitude", ... at your corresponding operating system, with the help of defined repositories/sources lists for your software package management at your operating system ) and they differ by compiling options and by integrated modules during the compiling process and last but not least by defined dependencies. Both are based on the very same available "nginx" - sources code versions, which you are able to download at => nginx: download for example. Pls. try not to mix "*.rpm" / "*.deb" with "sources code".
 
Okay, that's better now thank you. The confusion was caused by this line:
...that "nginx" - rpm - versions versions from "nginx.org"
Click to expand...
in your first reply, but that's our misunderstanding not yours.... Our first post was close, but the detail in
...this release will then be tested by Plesk & once that's complete...
Click to expand...
was not correct. The BIG difference... that you pointed out... was that the ongoing work at nginx.org (shown via the link we added) is irrelevant to the work at Plesk with regard to the preparation and release of an updated "sw-nginx" package that uses a later release of nginx source code when complied. That's a lot clearer to us now ;)

The obvious question is: "...when will the new, updated "sw-nginx" package, suitable for Plesk Onyx, be released by Plesk" :D but we're assuming nobody has the answer to this one. Well we can't find it easily online after looking.

[EDIT]
Current...
Name : sw-nginx
Version : 1.11.10
Release : centos7.17032813
Architecture: x86_64
etc…

Possible...
Name : sw-nginx
Version : 1.12.1
Release : centos7.4.1708
Architecture: x86_64
etc…
Click to expand...
 
Last edited:
learning_curve said:
The obvious question is: "...when will the new, updated "sw-nginx" package, suitable for Plesk Onyx, be released by Plesk" :D but we're assuming nobody has the answer to this one. Well we can't find it easily online after looking.
Click to expand...
I can say only that you can expect it in the one of Plesk 17.8 update. As you may know, we update components firstly in the latest Plesk version.
 
You must log in or register to reply here.

Similar threads

learning_curve
Resolved Plesk 17.8.11 / Ubuntu 18.04.3 LTS / OpenSSL / TLSv1.3
Replies
2
Views
3K
learning_curve
learning_curve
learning_curve
Resolved Updating Plesk Onyx, But Without Waiting For Plesk Updates
Replies
5
Views
2K
learning_curve
learning_curve
korsar
Important Keep your Plesk server up-to-date to have it secure and features complete
Replies
2
Views
10K
IvanV
I
burnley
Forwarded to devs After Onyx -> Obsidian upgrade we see "graceful-req",false followed by "stop-start",true in apache_restart_stat.log
Replies
6
Views
2K
burnley
burnley
Edward Dekker
  • Poll
Input Make your server more PCI compliant and update your TLS/Ciphersuites
Replies
2
Views
2K
Edward Dekker
Edward Dekker
Back
Top