Plesk’s evolution is an ongoing process since the dynamic hosting industry continues to change proactively. Cloud technologies keep revolutionizing the industry and IT professionals need help managing multiple environments and services more efficiently. Productivity, security and usability are key here and Plesk Obsidian is the timely solution. To help you better understand the level of improvements of the new Plesk version, here’s an overall view of new and updated Plesk Obsidian features. On Sep 25th 2019, Obsidian became RTM.
Advanced Monitoring & Grafana Extensions
Advanced Monitoring helps you stay in the loop regarding server and site availability. So you can get to the heart of any issues.
Since availability is key in the Obsidian release, usage is important because you want to react quick when resources become overstretched. Hence, you can now enable alerts to tell you if things like CPU, RAM, and Disk IO are becoming overburdened.
The new Grafana extension works hand in hand with Advanced Monitoring to chart info and stats in order to make them more understandable. The new Grafana charts supersede the old HealthMonitoring tool.
Moving Domains Between Subscriptions
For better security, it makes sense to separate your sites – but it’s also helpful to keep your staging and production sites apart. Now, Plesk Obsidian’s UI and CLI give anyone you choose the freedom to move domains between subscriptions. Just make sure that the target subscription has enough headroom to handle the added load, and you’re good to go.
Composer V2.0 – PHP Dependency Manager
Here are all the things you can do, or don’t need to do, with the new PHP dependency manager.
SSH access no longer needed for PHP composer
You can now run the full range of convenient PHP Composer actions, even without SSH access. It’s possible to set up environment variables, modify your composer.json and execute the Install and Update commands.
Dependencies – Just click to install and update
You can perform tests, run dependencies, or create a classmap. But what you won’t need to do is memorize all the commands and options to install them. Plesk Obsidian can handle this heavy load for you now.
Soon you won’t even need to stress about partially-updated dependencies taking down your production site. Test the latest updates until you’re sure dependencies are safe before pushing your site live.
Update dependencies when everything looks safe
Updating dependencies is a double-edged sword. It’s something you need to do to stay on top of security risks. But you also know it’s something that can break your website. Though minor updates pose less of a risk, major ones can bring the whole house of cards tumbling down.
So you’d be happy to know that you can now assess the potential risks right from the Obsidian interface. As they say – Forewarned is forearmed!
Get the correct PHP version automatically
Now your site will use the PHP version that composer.json specifies – automatically. Composer will run using the right PHP handler instead of the system default. Hence, the one the individual website uses. (There are plans to have Plesk be able to choose the appropriate PHP version and handler). Log in using SSH and type in the “php” command.
Improved File Manager UX
Now File Manager makes you even more productive thanks to mass upload and file search. You can upload and extract RAR, TAR, TAR.GZ, and TGZ archives.
Repair Kit: Self-repair Tool
Plesk Obsidian Repair Kit is a powerful self-repair tool, automatically detecting and resolving issues with Plesk or its related services. It lets you view a list of processes currently running on the server and filter them by domains and disable them. You can also see the total RAM, CPU, and Disk usage for all processes running on the server or for individual processes.
Soon it will be possible to use a list of MySQL queries and processes to discover why MySQL consumes excessive resources and which domain is to blame.
Server-side restrictions for Plesk Admins
Restricted Access mode lets you control which administrators get access to which server administration tools and settings. You’ll find it under the “Administration Tools” tab in both Power User and Service Provider views.
Control which tools, services, resources and settings your admins access while in Power User view, with Restricted Mode active. Just look under the “Hosting Tools” tab.
Essentially, you’re allowing your customers to have Plesk administrator access, without worrying about them wreaking havoc on critical and sensitive settings.
Make sure you keep your server protected around the clock via SSL/TLS certificates from leading, trusted certificate authorities, like Let’s Encrypt and DigiCert.
We’ll be adding support for more of these in future. In the meantime, here’s what you can use SSL It! for.
- Buying, installing, and renewing certificates from a variety of CAs.
- Securing your domain, webmail, the “www” subdomain, and as many aliases as you want. Get a clear view of what’s secured and what isn’t.
- Automatically issuing, installing and renewing Let’s Encrypt certificates for domains secured with invalid certificates (self-signed, expired, or issued by a non-trusted CA.)
- Managing HSTS, OCSP Stapling, and HTTP to HTTPS redirect.
- Seeing the SSL/TLS status of the domain, subdomains, and domain aliases at a glance.
- Getting an A+ rating from ssllabs.
- Easily viewing SSL/TLS status via a small indicator on the Domain page.
- Use the most up to date TLS versions and ciphers.
SNI for Mail Services
Keep your email conversations private, because you never know who may be spying in. You can simply secure SMTP, IMAP, and POP connections to your mail server with an SSL/TLS Certificate.
However, if you offer mail services for more than one domain, your users may have trouble with their mail clients. But you can fix this by using individual SSL/TLS certificates for each domain. Thanks to Plesk Obsidian and the SNI support provided by Postfix and MailEnable.
Personalized HTML Notifications
HTML-based email notifications help improve user experience. But they also keep you in control of your server and sites when you’re not logged into Plesk. You can read these HTML-formatted messages more easily than plain text.
Plus, the shared design makes messages more attractive and sets them apart visually from other correspondence. Use the Plesk default HTML templates or customize the look of your notifications with HTML formatting. There’s bold and italics, headers, numbered and bulleted lists, and more.
We’ve reduced the free server disk space needed to back-up to Google, Amazon S3, FTP, and One Drive cloud storage. Now, restoring a subscription from a full server backup requires only additional free disk space equal to the subscription space. Instead of the full server backup.
Meanwhile, backing up the server to cloud storage only requires additional free disk space equal to that of two subscriptions. Rather than the entire server’s disk space. Hopefully, this has made operations faster on backups that are stored remotely. For example, you can now remove backups stored in the cloud four times quicker than before.
Revised Plesk UI and More Key Improvements
We’ve modernized the overall Plesk UI to address some of the UX shortfalls our users reported. Notice that the Plesk interface now looks more like plesk.com. There’s more to come – but for now we’ve improved the appearance and behavior of individual Plesk elements, colors and font sizes. Then, aligned all elements to a grid.
There have also been some key additions:
- Precompiled PageSpeed:
The PageSpeed module is now precompiled with NGINX.
- Automatic Restarts:
Plesk services that crash on systemd-based Linux OSes (CentOS7, RHEL 7, Ubuntu 16.04/18.04, Debian 8/9) will now restart automatically. Apache graceful restart is now strong enough to be set as the default to reduce downtime for websites.
- Immediate Default Security:
Secured by default: mod_security and fail2ban v0.10 are active straight away.
- Easier Plesk Access:
Plesk entry point has been optimized for Clouds like Amazon and Digital Ocean. Access Plesk via https://<host-name-or-IP> without specifying the TCP port 8443.
- Default HTTP to HTTPS:
Newly created websites have an SEO-friendly HTTP to HTTPS redirect enabled by default.
- PHP-FPM & Apache Tweaks:
Services improvements will give you more reliability with restarts. PHP engines supplied with Plesk contain popular PHP extensions like sodium, exif, and fileinfo.
It is worth mentioning that, starting with Plesk Obsidian, Plesk is announcing a monthly release cycle in order to always deliver value through secure and stable software to our Partners and Customers. Once you upgraded to Plesk Obsidian and allowed automatic updates through Plesk Server settings, you will always and automatically be on the latest version of the software. See below a complete comparison between Onyx and Obsidian – the complete list of arguments about why to upgrade:
Plesk Onyx vs Plesk Obsidian
Lucas (Product Manager) and Anton (Program Manager),
being heavily involved in the development of Plesk Obsidian,
share their thoughts on the new features of Plesk Obsidian
in our first Plesk podcast.
Check more podcasts
Is it TLS 1.3 ready?
Yes! TLS 1.3 is implemented for websites and the Plesk interface web server. For more info/guidance, you can check the article we have for that here: https://support.plesk.com/hc/en-us/articles/360007400013-Can-TLS-1-3-be-enabled-in-Plesk-
Interesting (disturbing?) how you denigrate Onyx to promote the new version. I just installed Onyx webadmin (on Debian 8.1 – per my VPS provider) and I have yet to see anything about upgrades. Curious way of doing business.
Is it possible to upgrade Obsidian from Onyx ?
Hey, if you have already purchased Onyx, you can upgrade using this guide.
What if I don’t want to upgrade to obsidian?
Will Onyx still be updated?
I’ve several Vultr servers with Plesk Onyx Web Admin SE the free version on ubunty 18.
If upgrade obsidian will it remain free?
Currently, you can only upgrade manually. If at some point upgrades become automatic, you may want to disable auto-updates in your Plesk.
Just check that the automatic upgrades is NOT set to early adopters, if it is – disable it, and you won’t be upgraded to Obsidian.
Regarding your license, your server upgrade to Plesk Obsidian would be free if you choose to upgrade (which we do recommend).
Has Obsidian held up the release of MySQL 8? Mysql 8 GA was released 1.5 years ago.
When can we expect to see it released?
There is no ETA for that at the moment, I’m afraid. So best stay tuned for more updates 🙂
You emphasize that securing websites with SSL is so important and made easy with Plesk (which is true).
But what about SFTP accounts beyond the subscription-admin’s ones?
I can’t find anything about this in the release-notes.
This request is pending already for so long: https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/5030867-enable-chrooted-sftp-for-more-than-one-user-per-ac
Totally understand that you’ve had this request pending for quite a while which may be frustrating
Specifically, this feature request is at the 32nd position in the top of UserVoice requests by votes.
So we will get to it, but as you can imagine it will take some time.
In the meantime, there is a support article with a solution to this issue – https://support.plesk.com/hc/en-us/articles/213912005-SFTP-is-not-available-for-additional-FTP-users
Perhaps have a look and get back to us?
Is there a way to keep port 8443 we block this and only allow certain ip’s
setting 443 kills our security.
Yes, it’s possible. Check https://support.plesk.com/hc/en-us/articles/213945625-How-to-make-Plesk-interface-accessible-over-a-hostname-without-entering-the-port-number
plesk bin admin –disable-access-domain
This will block all IPs except the desired ones in Plesk firewall – port 8443
Let us know how it goes!