All You Need to Know About the Plesk WordPress Toolkit 4.10 Release

We’re happy to announce the release of The Plesk WordPress Toolkit 4.10, the last major release of the WordPress Toolkit 4.x line. Don’t worry, we’re not abandoning the project. This is simply our way of saying that the next big WordPress Toolkit version is going to start with number 5 – hooray!

Discover the Plesk WordPress Toolkit

WordPress Toolkit 4.10 is also the last major WordPress Toolkit release that supports Plesk Onyx 17.8. Although we’ll continue to release security updates for Plesk Onyx customers until its End of Life. However, if you want to keep getting major new features and improvements, it’s time to update your Plesk. WordPress Toolkit 5.0 will only be available for Plesk Obsidian.

With that said, let’s see what’s new in the Plesk WordPress Toolkit 4.10.

Site Backup

Users have been asking us for a long time to introduce a simple tool for quickly backing up a single WordPress site. Plesk has a great Backup Manager tool that works wonders in the majority of cases, but it might be overkill sometimes. 

Specifically, the issue some customers have with Backup Manager is that it backs up the whole subscription with all its sites and data instead of a single site. This can be particularly annoying if you have several sites on a subscription – for example, one staging site and one production site. 

Backing up such a subscription requires much more time and disk space than needed if you want to back up just your production site, for example.

WordPress Toolkit 4.10 introduces a tool for backing up and restoring individual WordPress sites to address this issue. 

This link has been previously directing users to Plesk Backup Manager for the corresponding subscription. Now it opens a new window for backing up a particular site:

Backing up a site is as simple as clicking Back Up, no configuration or setup is required. A separate directory in the user’s webspace stores all site backups. When you use Plesk Backup Manager to perform a scheduled backup or to back up your stuff to cloud storage, these site backups made by WordPress Toolkit will be usually included.

In addition to backing up your site, you can download backup files to safely store them elsewhere or upload them on a different server. Restoring a backup could actually be quite destructive for a website since its data will be rewritten. So a corresponding warning is shown. Hesitant users are given the option to back up their site before doing a restoration, as a helpful suggestion.

Backup is a very complex and involved topic. So we had to make some compromises to efficiently use our resources. Clicking download icons will take you to File Manager, while in the future it’ll start the download process immediately. We’ll also relax some restrictions on supported backup file names and metadata to make sure that a wider range of WordPress backups is supported for restoration purposes. And the restoration process itself is more user friendly.

Right now, the feature is focused on backing up and restoring data in the context of an existing website hosted in the same place. Working with WordPress Toolkit-made backup files uploaded to a different server is a difficult process now. And we’re looking into improving that in the nearby future.

There aren’t immediate plans to introduce features like cloud backup or scheduled backup – users can employ Plesk Backup Manager for that. The goal of this feature is a quick and effective creation of WordPress site backups for further processing outside of WordPress Toolkit. And this is the direction we’ll be focusing our improvements on in the next releases.

cPanel Support

Our efforts to make WordPress Toolkit work on cPanel are coming to a happy end soon, as the project is going through its final lap already. We still need to fix some issues and add a couple of things, but we’ve already hosted several demos for large hosters, getting very positive feedback.

The product will first launch with the novel pay-as-you-go licensing – available exclusively to a number of hand-picked partners. After a short period of time, it’ll become available to the general public, with a more traditional licensing scheme based on license tiers. Stay tuned for a special announcement to learn more about this landmark event.

Bug Fixes and Multisite Support

Our colleagues in cPanel helped us uncover a couple of potential security issues, which we have promptly addressed. We have also fixed several annoying customer bugs. As far as research goes, we needed to figure out the existing limitations of multisite support in the WordPress Toolkit, so we could improve it in the future releases. Extensive research into multisite support was conducted, and a lot of new information was unearthed. 

Now, we have a clear understanding of what we should fix to make WordPress Toolkit work better with multisites.

Future Plans – What’s Next?

The team is already working hard on WordPress Toolkit 5.0, which will also be the first public WordPress Toolkit release for cPanel. This version increase also warrants changes in WordPress Toolkit UI to make sure it focuses on important things and stays responsive, flexible, and useful. 

After the release of WordPress Toolkit for cPanel the team will have more free hands to work on feature requests and various improvements. So we expect a lot of interesting things to be released until the end of the year. Keep your feedback coming, and we’ll keep the releases going! 🙂

Once again, many thanks to the whole WordPress Toolkit team for their hard work. And thank you for your attention. If you have a question related to the Plesk WordPress Toolkit, please let us know in the comment section below. Until next time!

Backup Importance, Its Types And Strategies

Backup Types and Strategies

Data is the lifeblood of your business, so you can’t afford to lose a single byte. A backup is a copy of your data – something everybody should do regularly, as a comprehensive disaster recovery policy. When your business relies on complex systems, there’s plenty that can go wrong. So you must have measures in place to save you when they do.

Things that typically lead to data loss are:

  • Disk failures due to hardware malfunctions, power outs, or improper use
  • Network difficulties. There are lots of scenarios for this, and one would be lost packets that don’t get acknowledged due to router congestion
  • Files corrupted by viruses
  • Hackers – or unhappy employees erasing or corrupting data
  • Theft – people stealing hardware

Try as you might, you’ll never be 100% safe from these sorts of unwanted events. That’s why you’re always going to need a backup strategy to protect you. There’s no perfect plan because everyone’s circumstances are different. So here are some examples to help you weigh up the pros and cons.

Possible Backup Strategies

Possible Backup Strategies - Plesk

Mediums

First, you’ll need to decide what medium you’re going to use to back your stuff up.

In the age of cloud services, tape drives look like yesterday’s technology. However, they do have the advantage of being cheaper and still reliable. It’s up to you whether you go for the tape route for your long-term server backups. You can actually save money if you do.  Naturally, there are high capacity discs as well, and the cost of those is coming down all the time. With either tape or disc, you’re relying on network backup systems that suffer from a single point of failure. But they have the advantage of being easier to administer than many individual ones.

Location

Whatever media you use, you’ll need to decide where you are going to keep them. But if it’s on-site, what happens if the building catches fire? Safety of the environment has to be one of your concerns. And you also need to think about climate control too, because magnetic media are picky about the conditions they’re kept in.

Owners

You could automatically back the stuff on individual workstations, or you could educate your staff to do their own at regular intervals on a shared network location. The strategy you choose will be a combination of a schedule and different types of backup. Such as normal, copy, incremental, differential, and daily. You’ll also need to decide whether you’ll verify your tapes as soon as each one is done.

If this all sounds too complex then you can always employ a third party to do it for you. They look after everything and all you need to do is upload your backed up stuff to them.

Backup types - Plesk

Backup Types

We mentioned some of these in the preceding paragraph. The majority of network backup software, such as Microsoft Windows NT and Windows 2000 , supports five ways of backing up:

Normal

Covers your most important system and data files. Restoring is no more complicated than just going to the most recent backup.

Copy

This provides an extra copy of a backup, which might be useful to your accounts department for regular archiving and reporting. It backs up the same files as a normal one but is slightly different. A normal backup clears the archive bit associated with each backed up file and indicates that they’ve been backed up. But a copy doesn’t do this, which means you can do it at any time without interrupting the cycle. The copy backup tape is separate from the cycle and you don’t need it to restore anything.

Incremental

This only backs up files that have been created or changed since the last backup. If you combine normal and incremental backups, you’ll save time and use less storage space than if you only perform normal ones. But if you need to do a restore, you’ll need to use the normal backup along with all the incremental backups from the current cycle to do so.

Differential

Copies whichever files have been created or modified since the most recent normal or incremental backup. The archive attributes of differential backup files aren’t cleared. Which means that during the next differential backup, these files will be backed up again. In terms of changes, differential ones will accumulate them as they go. So with each differential one, in a given cycle, there’s every file from the most recent one. Along with any files changed since the last time it was done. So, when you want to restore, you’ll typically just use the normal backup and the most recent differential one from the current cycle to do it.

Daily copy

Copies every file that’s been updated on the day this is performed. This is useful for when you want to know there’s everything backed up for all that has been done that day. It’s useful and it doesn’t interfere with the cycle in any way.

The Effects of Backup Operations

The different operations affect the archive attributes of the files and directories they back up in different ways. A backup operation marks the archive attribute by removing it to show that the file has been backed up. If that file is modified later, its archive attribute is set (unmarked). This table shows what the different types of backup operations do to the archive attribute:

  • Normal backup – cleared
  • Copy backup – no effect
  • Incremental backup – cleared
  • Differential backup – no effect
  • Daily copy – no effect
Types of Backups - Plesk

Backup Solutions For Plesk Servers

An increasingly popular method of safeguarding data is to synch it to the cloud. Besides the obvious benefits of switching to a lightweight, off-site backup solution, using the cloud for backups puts all previous versions of your data available to you from anywhere. Just by logging in to your chosen portal, your data is accessible to you – and safe – wherever you are. Even in the case of disaster recovery, a hardware specialist is not required to retrieve files as you can easily bring back the latest version in your data history yourself.

Here are our best cloud backup solutions for Plesk.

Backup to Cloud Pro

We want Plesk users to be free from worry when it comes to protecting their data. With the Backup to Cloud Pro extension pack, you can choose which cloud storage is comfortable for you – from Google Drive to Amazon S3 to DigitalOcean – and schedule or automate backups.

This way, no matter if force major or human error are involved: your website data stays safe, regularly updated into the cloud.

Acronis Backup

Another top extension for securing your site history is Acronis. Also based in the cloud, users can run incremental image-based backups that allow complete self-service recovery. The incremental nature of the backups reduces pressure on the server and network. Another useful plus is that hosters can even access recovery data for all hosted sites and customers.

CodeGuard

The most unique feature of the CodeGuard extension is the one-click recovery. Using a sophisticated control software, your backed up data is available to restore at the touch of a button. You can also intelligently restore your website manually to a previous version at any time.

Want to see more options? Plesk hosting platform provides various reliable cloud backup solutions as well as granular/self-service backup and recovery options for administrators.

WordPress Migration to a New Web Hosting

WordPress migration to a new web hosting

WordPress migration can be a challenge. You may want to change web hosting providers for various reasons, for example, increasing costs or poor service provision. Hosting frustrations can build up over time. Maybe due to hosting costs or a gap in service delivery, like constant downtime.

Either way, the reason is simple: moving hosts is a daunting prospect. So many website owners simply put off this decision, worried that moving hosts will make their existing problems even worse. But by properly understanding WordPress hosting migration, you can go through the process of changing hosting providers quite smoothly.

Expert or DIY WordPress migration?

expert or DIY WordPress migration? plesk

One thing you can do to manage WordPress Migration better is get expert help. Experts can help you find a new, suitable host. In fact, some hosts can even help you make the transition. But it’s still entirely feasible to transfer a WordPress site on your own. You just need to be aware of some of the following basic principles.

The key lies in preparation. If you follow the right preparatory steps, moving your website is simple. If you approach it in the right way, WordPress hosting migration is simple. The right steps also help you reverse migration without adverse consequences. So that you can go back if you realize you’ve made a mistake.

Want to try migrating your WordPress site on your own? Then here are the five steps you need to follow.

1. Backup and export before WordPress migration

Backup and export before WordPress migration plesk

When you migrate a website, you want to know that you can always go back to your starting point – should something go wrong. This is why backing up is, without a doubt, your first step. A backup is a requirement when shifting a WordPress installation across to another server. You will also need to export your WordPress database.

Backing up a WordPress instance to transfer WordPress site

You can backup your WordPress site files ( plugins, themes, core files and uploaded content ) by:

  1. using any backup plugins
  2. accessing your host via ssh, archiving everything using tar/zip and passing it to another host via scp connection
  3. archiving and downloading the files by utilizing the file managing functionalities of hosting platforms like Plesk Obsidian or cPanel
  4. using dedicated WordPress management solutions like Plesk WordPress Toolkit ( if your current host is using Plesk Obsidian )
  5. using an FTP app ( such as Filezilla, WinSCP or CuteFTP ) to connect to your web host and download all the files on your host’s machine to your desktop PC. Note that some important files are hidden, including .htaccess, but you can view these if you set the right options inside your FTP client. Also note that downloading these files can take a long time depending on how expansive your WordPress instance is, and how many media files you use in your website.

Copy your WordPress database

Next, make a copy of your WordPress database. You can do this while you’re downloading the site files with FTP. You can copy your database in many ways. Let’s focus on the one which utilizes the power of the PhpMyAdmin tool.

WordPress database export is straightforward. But you have to consider a couple of things. First, you need to log into your web server’s hosting control panel (example, Plesk Obsidian or cPanel ) and open the phpMyAdmin web interface. This shows a list of databases on the left. You need to select the database that matches your WordPress installation here. Next, click on the Export tab to access the Export page.

Thankfully phpMyAdmin offers a default setting, called “Quick”. Tap Quick and then Go to start the database export process. The file then downloads to your PC.

2. Configure database on new WordPress hosting server

Configure database on new WordPress hosting server plesk

Before you upload your WordPress site files. First you need to set up the WordPress database on your new server. To do this, you need to log in to the control panel on your new host. Since MySQL is the most commonly used database, we’ll use it in this example. But your host may be using a different database app. If that’s the case, you need to contact their support team to find out how to create a new database.

Let’s focus on two situations, when your host has Plesk Obsidian or cPanel.

a) Plesk: choose “Databases” and click “Add new database”. Add the name of the databases leaving unchanged name’s prefix, select the website your new database will be related to, add user and its password and submit this data.

b) cPanel: first, open MySQL Databases and create a new database with a name that is appropriate for your website. Next, add a MySQL user and include a secure password too. Finally, make sure this account has the right privileges by granting it “All Privileges” rights.

Copy down the database password, and the database name. You’ll need these for the WordPress configuration file.

3. Change WP config file for WordPress migration

Every WordPress instance has a configuration file. This file contains the details for WordPress to connect to the site’s database. Find this file in the content you’ve previously backed up. It should be in the root folder in the location where you stored the files. It’s called wp-config.php.

Back up this file in another folder on your computer. So that you can restore the changes you made in case something goes wrong later. Now, open the original version with a text editor and make the following modifications:

Edit the database name

Find the line that says

define('DB_NAME', 'database_name');

and change ‘database_name into the name of the new WordPress database that you just created. Currently ‘database_name’ will be the name of your existing database’s name.

Add the new database username and password

Changing the database credentials is just as easy. For the username, find the line

define('DB_USER', 'database_user');

Here you need to update ‘database_user’ so that it contains the username for your new database.

Next, find the line that says:

define('DB_PASSWORD', 'database_password');

Likewise, simply change ‘database_password’ to be your new database password. Once you’re done save the wp-config.php file and close it.

4. Upload WordPress database and files

Change WP config file for WordPress migration plesk

You can now start to import your WordPress site, firing it up with your new hosting provider.

Importing the database

First launch phpMyAdmin from your control panel and select the new database from the options on the left. Next, open the Import tab from the nav bar.

You now need to import the actual database file. Select Choose File in the section that says File to Import and open the file that you previously exported to your desktop PC. Make sure that Partial Import is not selected. And ensure that you’ve set the database type to SQL. That’s it, now click Go.

Note that some larger databases can take a very long time to import successfully. But you’ll get a confirmation message telling you when the database import is complete.

Upload your site files

After you prep the database and have your wp-config.php ready, you can then upload the files on your site. You now need to connect your FTP program with your new web host. Once ready, you simply locate your files on your PC. You need to select the right remote directory: this may be the root public_html folder, or it may be another folder. Check with your host.

Once you pick the right remote directory, you can start to upload the files. These will include the wp-config.php file that you modified to reflect the login details for the database at your new host. Depending on your connection, uploading can take longer than downloading. You may need to leave some time for this to complete before moving on with your WordPress migration.

Transfer your domain and link to the new URL

WordPress migration also often involves moving to a new domain. If that’s the case, you need to read this step. If, however, you’re keeping your domain, you can skip this step. Changing your domain can cause various issues, unless you try to mitigate them.

First, you can struggle moving a site to a new domain when you add a lot of links to internal site posts using a full URL. Likewise, if you refer to images on your site using a full URL, you’ll break the image link once you change the domain that’s included at the start of every URL.

However, you can automatically search for these links and replace them. You can do this by using Search Replace DB, which is a script that you can download from GitHub. Once you’re done with this tool, make sure you delete it. It presents a security risk if it stays around without being used. Also note that you shouldn’t install this tool in the root of your domain. Instead, create a temporary folder with a completely random name that’s not likely to be guessed.

Changing your WordPress site’s address

Your site URL is also altered during the search and replace process. In other words, your home URL and site URL values are up-to-date so they represent the new domain. This means that when you try and log in to your new site, you immediately go to the right location. And not the old one.

5. Finish up your WordPress migration

Finish up your WordPress migration plesk

You’re nearly done with your WordPress migration. But you have a few more steps that you need to complete first. You may have to wait a few days between these steps too.

Your website’s domain will still be pointing to your old host. So you need to redirect your DNS (domain name server) settings to ensure requests direct to your new hosting provider. The process varies depending on where your domain is registered and hosted.

It’s not possible to give full instructions here as the number of different routes are simply too varied. However, your domain registrar can assist you. Note that it can take some time before a change in domain details is fully effective, up to 48 hours. This process is known as domain propagation and is, unfortunately, unavoidable.

Importantly, you shouldn’t make any changes to your site during this period. You may end up changing the site on your original website host, and not your new site instance. After 48 hours you should be fine to make changes, and to delete the contents of your old site at your old hosting provider. Always keep your backup files on your local PC. And keep your old wp-config.php file just in case you need to refer to it.

The process of WordPress site migration isn’t complicated. But you should be careful every step of the way. Always ensure you store your original site on your PC. So that you can go back if there’s any problem.

All the New Plesk Obsidian Features

Plesk’s evolution is an ongoing process since the dynamic hosting industry continues to change proactively. Cloud technologies keep revolutionizing the industry and IT professionals need help managing multiple environments and services more efficiently. Productivity, security and usability are key here and Plesk Obsidian is the timely solution. To help you better understand the level of improvements of the new Plesk version, here’s an overall view of new and updated Plesk Obsidian features. On Sep 25th 2019, Obsidian became RTM.

Advanced Monitoring & Grafana Extensions

Advanced Monitoring helps you stay in the loop regarding server and site availability. So you can get to the heart of any issues.

Since availability is key in the Obsidian release, usage is important because you want to react quick when resources become overstretched. Hence, you can now enable alerts to tell you if things like CPU, RAM, and Disk IO are becoming overburdened.

The new Grafana extension works hand in hand with Advanced Monitoring to chart info and stats in order to make them more understandable. The new Grafana charts supersede the old HealthMonitoring tool.

Moving Domains Between Subscriptions

For better security, it makes sense to separate your sites – but it’s also helpful to keep your staging and production sites apart. Now, Plesk Obsidian’s UI and CLI give anyone you choose the freedom to move domains between subscriptions. Just make sure that the target subscription has enough headroom to handle the added load, and you’re good to go.

Composer V2.0 – PHP Dependency Manager

Here are all the things you can do, or don’t need to do, with the new PHP dependency manager.

SSH access no longer needed for PHP composer

You can now run the full range of convenient PHP Composer actions, even without SSH access. It’s possible to set up environment variables, modify your composer.json and execute the Install and Update commands.

Dependencies – Just click to install and update

You can perform tests, run dependencies, or create a classmap. But what you won’t need to do is memorize all the commands and options to install them. Plesk Obsidian can handle this heavy load for you now.

Soon you won’t even need to stress about partially-updated dependencies taking down your production site. Test the latest updates until you’re sure dependencies are safe before pushing your site live.

Update dependencies when everything looks safe

Updating dependencies is a double-edged sword. It’s something you need to do to stay on top of security risks. But you also know it’s something that can break your website. Though minor updates pose less of a risk, major ones can bring the whole house of cards tumbling down.

So you’d be happy to know that you can now assess the potential risks right from the Obsidian interface. As they say – Forewarned is forearmed!

Get the correct PHP version automatically

Now your site will use the PHP version that composer.json specifies – automatically. Composer will run using the right PHP handler instead of the system default. Hence, the one the individual website uses. (There are plans to have Plesk be able to choose the appropriate PHP version and handler). Log in using SSH and type in the “php” command.

Improved File Manager UX

Now File Manager makes you even more productive thanks to mass upload and file search. You can upload and extract RAR, TAR, TAR.GZ, and TGZ archives.

Repair Kit: Self-repair Tool

Plesk Obsidian Repair Kit is a powerful self-repair tool, automatically detecting and resolving issues with Plesk or its related services. It lets you view a list of processes currently running on the server and filter them by domains and disable them. You can also see the total RAM, CPU, and Disk usage for all processes running on the server or for individual processes.

Soon it will be possible to use a list of MySQL queries and processes to discover why MySQL consumes excessive resources and which domain is to blame.

Server-side restrictions for Plesk Admins

Restricted Access mode lets you control which administrators get access to which server administration tools and settings. You’ll find it under the “Administration Tools” tab in both Power User and Service Provider views.

Control which tools, services, resources and settings your admins access while in Power User view, with Restricted Mode active. Just look under the “Hosting Tools” tab.

Essentially, you’re allowing your customers to have Plesk administrator access, without worrying about them wreaking havoc on critical and sensitive settings.

SSL It!

Make sure you keep your server protected around the clock via SSL/TLS certificates from leading, trusted certificate authorities, like Let’s Encrypt and DigiCert.

We’ll be adding support for more of these in future. In the meantime, here’s what you can use SSL It! for.

  • Buying, installing, and renewing certificates from a variety of CAs.
  • Securing your domain, webmail, the “www” subdomain, and as many aliases as you want. Get a clear view of what’s secured and what isn’t.
  • Automatically issuing, installing and renewing Let’s Encrypt certificates for domains secured with invalid certificates (self-signed, expired, or issued by a non-trusted CA.)
  • Managing HSTS, OCSP Stapling, and HTTP to HTTPS redirect.
  • Seeing the SSL/TLS status of the domain, subdomains, and domain aliases at a glance.
  • Getting an A+ rating from ssllabs.
  • Easily viewing SSL/TLS status via a small indicator on the Domain page.
  • Use the most up to date TLS versions and ciphers.

SNI for Mail Services

Keep your email conversations private, because you never know who may be spying in. You can simply secure SMTP, IMAP, and POP connections to your mail server with an SSL/TLS Certificate.

However, if you offer mail services for more than one domain, your users may have trouble with their mail clients. But you can fix this by using individual SSL/TLS certificates for each domain. Thanks to Plesk Obsidian and the SNI support provided by Postfix and MailEnable.

Personalized HTML Notifications

HTML-based email notifications help improve user experience. But they also keep you in control of your server and sites when you’re not logged into Plesk. You can read these HTML-formatted messages more easily than plain text.

Plus, the shared design makes messages more attractive and sets them apart visually from other correspondence. Use the Plesk default HTML templates or customize the look of your notifications with HTML formatting. There’s bold and italics, headers, numbered and bulleted lists, and more.

Backup Optimizations

We’ve reduced the free server disk space needed to back-up to Google, Amazon S3, FTP, and One Drive cloud storage. Now, restoring a subscription from a full server backup requires only additional free disk space equal to the subscription space. Instead of the full server backup.

Meanwhile, backing up the server to cloud storage only requires additional free disk space equal to that of two subscriptions. Rather than the entire server’s disk space. Hopefully, this has made operations faster on backups that are stored remotely. For example, you can now remove backups stored in the cloud four times quicker than before.

Revised Plesk UI and More Key Improvements

We’ve modernized the overall Plesk UI to address some of the UX shortfalls our users reported. Notice that the Plesk interface now looks more like plesk.com. There’s more to come – but for now we’ve improved the appearance and behavior of individual Plesk elements, colors and font sizes. Then, aligned all elements to a grid.

There have also been some key additions: 

  1. Precompiled PageSpeed:
    The PageSpeed module is now precompiled with NGINX.
  2. Automatic Restarts:
    Plesk services that crash on systemd-based Linux OSes (CentOS7, RHEL 7, Ubuntu 16.04/18.04, Debian 8/9) will now restart automatically. Apache graceful restart is now strong enough to be set as the default to reduce downtime for websites.
  3. Immediate Default Security:
    Secured by default: mod_security and fail2ban v0.10 are active straight away.
  4. Easier Plesk Access:
    Plesk entry point has been optimized for Clouds like Amazon and Digital Ocean. Access Plesk via https://<host-name-or-IP> without specifying the TCP port 8443.
  5. Default HTTP to HTTPS:
    Newly created websites have an SEO-friendly HTTP to HTTPS redirect enabled by default.
  6. PHP-FPM & Apache Tweaks:
    Services improvements will give you more reliability with restarts. PHP engines supplied with Plesk contain popular PHP extensions like sodium, exif, and fileinfo.

It is worth mentioning that, starting with Plesk Obsidian, Plesk is announcing a monthly release cycle in order to always deliver value through secure and stable software to our Partners and Customers. Once you upgraded to Plesk Obsidian and allowed automatic updates through Plesk Server settings, you will always and automatically be on the latest version of the software. See below a complete comparison between Onyx and Obsidian – the complete list of arguments about why to upgrade:

Plesk Onyx vs Plesk Obsidian

Plesk Onyx vs Plesk Obsidian INFOGRAPHIC

Check more podcasts

Acronis and ZNetLive join forces to offer new security solution

Acronis and ZNetLive join forces to offer new security solution - Plesk

Our partners Acronis and ZNetLive have just teamed up to create a stronger, more accessible cybersecurity solution for users. ZNetLive is India’s largest cloud distributor, having 17 years experience under their belt and customers in 70+ countries. They have now partnered with Acronis, leading security provider with innovative backup and recovery solutions, file sync for enterprises – plus share solutions for both small and larger businesses. Check out the Acronis backup extension, available to Plesk users.

Reasons behind the Acronis ZNetLive Partnership

The main goal for this relationship is to optimize ZNetLive’s partner network and bring Acronis services to small businesses. There is a clear need for each customer to have complete security, powered by AI, with effective ransom blocking. ZNetLive has a leading service in India and with Acronis, they will make huge steps in providing useful tools to a bigger community.

Together, they will give their partners the key skills and solutions to enhance their customers’ protection. Munseh Jadoun, CEO at ZNet Technologies, has talked about feeling motivated to work with Acronis and their security solutions. Whereas, Neil Morarji, Acronis GM, believes this partnership will increase demand in the Indian market.

ZNetLive, Acronis and Plesk

Plesk Onyx is an add-on service which works with ZNetLive’s Cloud VPS and Dedicated Servers, Cloud hosting as well as WordPress hosting, Microsoft Azure and AWS cloud. Also, ZNetLive works with a dedicated Plesk Bundle to help enterprises streamline their IT administration. This combination allows you to stay on top of the most innovative web technologies.

Meanwhile, the Acronis backup extension is available in Plesk too and enables reliable cloud backup for Plesk web hosting servers. Hosters using Plesk can protect entire servers, including all the customer websites they contain. Thus reducing demands on the server and network.

Furthermore, all Plesk administrators can backup on-demand, choose how often to backup, where to store backup data and check recover activity. You can also change your service plans within Plesk, enable or disable self-service recovery, and create a premium backup and disaster recovery service for your customers.

Both ZNetLive and Acronis are top enterprises in the cloud server and security environment. And we at Plesk feel proud of this agreement and the key benefits it will bring customers.

Is this partnership beneficial to you? Tell us in the comments.

Become a Plesk Partner Too

Plesk Partners like ZNetLive get to enjoy a host of benefits from our Partner program. Including exclusive discounts and resources, exposure, support and consultations from our dedicated Partner Success Team, and much more. On the other hand, Acronis teamed up with us to bridge the gap of additional backup solutions for Plesk users. And so developed a Plesk extension to incorporate it into our platform. If you too feel like you can contribute and develop for Plesk, click below and talk to one of our experts.

CloudLinux (Imunify360) Explain Why We Need New Security Strategies

CloudLinux say we need new security strategies - Plesk

Today’s hackers are widening their scope of threats and creating deeper, harmful impacts. We all need our platforms safe if we want to stay in business. However, organizations tend to cut costs by not hiring full-time security analysts, taking the DIY-approach instead. Thus opening up a can of risks.

Since software, and the attacks it exposes, are always evolving, it’s impossible to keep security policies relevant and reliable. Resulting in compromised websites, unmaintainable systems, a floundering reputation – and ultimately, plunging profits.

Common Characteristics of Cyber Crime Today

Common characteristics of cybercrime today - Server Security

According to many security experts, this is what today’s cyber crime landscape looks like:

  • Scale: Through automation, hacking attempts are now much broader in their attack surface and more prolonged in their duration.
  • Knowledge: Hackers take advantage of dedicated communication channels and share vulnerabilities info. Many vulnerabilities are unknown to both the software vendors and the website owners.
  • Adaptability: Hacking tools and techniques evolve faster than the defenses designed to protect against them. And hackers are customizing attacks for specific website platforms, exploiting specific vulnerabilities.
  • Cost: Hacker communities don’t just steal a company’s data and hijack their resources. They also adopt a company’s corporate mindset and try to lower hacking costs and risks.

If we want to avoid making cybersecurity a full-time fight, we need defense strategies that directly address the above factors.

Layered Security: The Suggested CloudLinux Strategy

What CloudLinux wanted was to regain control of security and make it manageable for Linux hosters and website owners. Hence, discarding previous failed strategies and replacing them with more effective tactics, better suited to battle these new hacking trends.

With layered security, a stack of security components protects against different vectors of attack with specialized software modules. Together implementing a more effective ‘security funnel’ kind of situation.

Layered Security - CloudLinux Cyber Security strategy 2019 - Plesk

Why Layered Security?

Modern security solutions use this multi-layer model because of its wide coverage and the fact that it’s adaptive. System operators can individually fine-tune each layer according to their profile, server specs and compliance needs. Meanwhile, website operators no longer need to constantly reevaluate their security defense posture and upgrade their cybersecurity suite. Instead, they can use their time and money to further develop their businesses and meet their customers’ needs.

Imunify360 in Plesk: Key features & Updates

Imunify360 is a scalable solution with a cybersecurity approach that builds on the industry’s solid and reliable components and protocols. Their technologies improve detection rates, simplify management, and offer opportunities to enhance revenues for hosters and web professionals. Here’s a run-down of the key Imunify360 components.

Imunify360 in Plesk: Firewall, IDS/IPS, anti-malware, antivirus, patching, backup/restore

1. Firewall / WAF

Builds on the strength and reliability of ModSecurity and OSSEC, enhanced by human and machine-learned rules. There’s automated IP block list management to ease your workload, regardless of how many addresses there are. And Individual IP address blocking uses the familiar allow/deny lists model extended by a gray list – where blocked IPs go.

The system only unblocks gray IPs when a human visitor from an HTTP/HTTPS passes a CAPTCHA – thus whitelisting them. However, only admins can manually add entries to a local gray list, reducing false positives and unblock requests for support.

Bulk setting large numbers of IPs is quick and painless. To defend against brute-force attacks, Imunify360 adds to OSSEC’s Active Response which can even detect specific ports under attack, and block them.

2. Intrusion Detection Systems (IDS) & Intrusion Protection Systems (IPS)

These security components inspect traffic for signs of malicious intent, stopping it at source before it can do harm. Imunify360 uses its unique Proactive Defense to scan PHP for malicious code via de-obfuscation and behavior-analysis techniques. In order to work out which requests are authentic, while keeping false positive rates as low as possible.

In the case of malware, Blamer traces the source and method of infiltration. Eventually, armed with this information, Imunify360 will become even more effective at blocking attacks.

3. Anti-malware/antivirus

Imunify360/ImunifyAV automatically or manually scans new, modified, and uploaded files for malware and viruses – for free. Then, you can choose to automatically delete, quarantine or get a warning about malicious content. You’ll be able to perform scheduled scans in the upcoming Imunify360 4.1 version. ImunifyAV+ (premium) also includes one-click cleanup.

4. Patch Management

The main cause of security breaches is outdated software. In fact, unpatched vulnerabilities in software packs leave servers wide open. So you have to patch them asap. However, this takes time and effort, and often, patches need a system restart to activate, which could cause service interruptions.

But Imunify360 actually solves this. Firstly, with HardenedPHP, which patches new vulnerabilities and lets you safely run apps on older, unsupported PHP versions. And secondly, KernelCare, which automatically patches Linux kernels “live” – without rebooting and downtime. Essential since the kernel is the most important Linux system part, handling core functionality which all other apps rely on.

5. Reputation Management

When a website is victim of an attack, Google Safe Browsing blocks it, resulting in you losing traffic and revenue. Because the site is not indexed anymore. So this Imunify360 feature informs you of the Google-block and helps you unblock and restore it.

6. Backup and Restore

File backup brings you peace of mind because of its ability to help you recover from malware infection. Because a backup/restore feature like in Imunify360 (Acronis or CloudLinux) quickly restores your files to their pristine condition.

Fighting cybercrime together

The role of Linux servers has grown as a result of e-commerce growth in the last decade. But Cyber-crime has grown in parallel and puts legit business operations in danger with its sophistication and reach. The only solution is fighting fire with fire; use the same tools hackers are using. Get Linux server protection that is complete and dynamic.

#6 reasons why you need to update Plesk now

Six reasons why you need to upgrade your Plesk today - Plesk

After New Year, I was sitting in an airport cafe far from home and work, waiting to board. Suddenly, my meditative state of mind was interrupted by two IT-looking guys who, I guess because of my branded hoodie and backpack, asked me if I worked for Plesk. So naturally we got to talking and it turned out that they worked in a small firm using Plesk to manage web projects. As I was the first company employee they had encountered, I ended up listening to their piled-up claims against Plesk.

The same old excuses

It was clear they used an outdated version – Plesk 17.0 on a CentOS server. And their argument for this was the same old “If it’s not broke, don’t fix it”. They bought, launched, configured, and started using. They feared the latest version carried unnecessary problems as new products offer not only new functions, but also new bugs. Because of this, some don’t take the risk. Others don’t know how to update Plesk properly; and others have no clue that new versions are available.

Mind you, I can understand these reasons for not updating, however, they don’t outweigh the advantages of using the latest product versions. Luckily there was still plenty of time until my boarding announcement, so I started argument by going through their complaints.

Reason #1: Better Backup Storage

Reasons to update your Plesk - better backup and cloud storage - Plesk
To create and store backups in cloud storage, just install the corresponding extensions.

It’s essential for them to have a stable, reliable backup system to work on their web projects. The guys mentioned using a remote FTP server for this, however, it was unstable and they sometimes had issues during backing up or restoration. FTP server service and maintenance also required extra resources. So, I prepared my first argument – that with the latest Plesk, they could use cloud storage for backups.

Not just any cloud providers either, but industry giants like Amazon, Google, Microsoft, or even DigitalOcean. They tick off important criteria like security, redundancy, affordability and flexibility. They can easily set up scheduled backups and store them at one time in Google Drive and at another in Amazon S3. So they no longer need to spend resources on their FTP server for storing backups. However, the guys still shook their heads so I went on to my next reason.

Reason #2: Improved Website and Server Performance

“Do you find your websites’ performance important?” I asked, “And what are you currently doing to speed things up?” The guys eagerly explained how they spend all their working hours on that. Tinkering with the server via CLI, picking the required parameters, testing various caching-speeding plugins, and so on. They were really impressed when I told them that they could turn on effective nginx caching in Plesk with just one click and fine-tune. “And if that’s not enough”, I told them, “visit our Extensions Catalog and install Speed Kit – a complete solution for speeding up websites.”

6 reasons to update your Plesk - enable nginx caching
To turn on and configure nginx caching, go to Apache & Nginx Settings of your subscription.
6 reasons to update plesk - turn on nginx caching - Plesk
If you have a WordPress website, then you can turn on nginx caching with just one click.

Reason #3: Finding the important bearded owl

I had to talk about Plesk’s new best friend: the Advisor. The intelligent Adviser-owl recommends ways to improve performance of your Plesk server, without being annoying.  Once you achieve all-round security, you level up to the bearded owl. The other party was so interested I had to open the laptop with my own Plesk server so they could see.

6 reasons to update plesk onyx - screenshot-5 - install advisor extension
Install the Advisor extension and start getting helpful recommendations for your server at once.
6 reasons to update Plesk Onyx - screenshot-4 - the real bearded owl - Advisor

Reason #4: The Self-Repairing Feature

To further prove how the latest Plesk outshines their outdated version, I revealed the new self-repairing feature. This lets you repair Plesk by yourself right from a browser window, without having to connect to the server via SSH. Handy if you don’t have SSH access. And there’s the long-awaited process list that helps identify and manage the processes consuming the most system resources. So, before going to Plesk Support, you can launch Repair Kit to perhaps fix an issue yourself.

6 reasons to update your Plesk - screenshot-6 - How to access Plesk Repair Kit - Plesk
Go to https://domain.tld:8443/repair to access Repair Kit where you can try to get your server back to work.
6 reasons to update your Plesk - screenshot-7 - Find and fix server issues yourself with Plesk Repair Kit - Plesk
With the Repair Kit extension, you can check your server for errors and issues and then fix them.
6 reasons to update your Plesk - screenshot-8 - see what consumes server CPU & Ram with Plesk Repair Kit - Plesk
If you want to know what consumes CPU and RAM on your server, go to Repair Kit’s process list

Reason #5: You’re always up-to-date

Another thing – if their projects grew, sooner or later they would need new, high-demand features, solutions, and technologies. Serious updates of third-party components are always implemented in the latest versions of Plesk on a clean OS. Operating systems on which Plesk is installed also have their own life cycles. So older OS versions stop supporting Plesk over time, as well as outdated versions of third-party components.

Our conversation had become a one-man show, with the guys listening attentively. It was time to finish on a high. So I said that Plesk wants all users to get the best out of the product. From increased reliability to security innovations and implementation of new demanded features. For this to happen, we occasionally stop supporting old Plesk versions.

Lastly – there’s nothing complicated to update Plesk. And once you do, you get access to all the cool, new features our team worked so hard to roll out.

Reason #6: All the latest features and more

I asked if they had seen how powerful and convenient the new WordPress Toolkit became.  And SSL – which offers access to kickass features like “Keep domain secured” HSTS management. Our community, documentation, and support will always help you update and explore new opportunities. Moreover, according to our technical support data, the update from versions 17.0 and 17.5 to 17.8 goes very smoothly and Support requests are very rare.

Finally, I said, “if I was not persuasive enough, trust your peers – the Plesk server-owners. Because 41% of all Plesk Onyx 17.0 and 17.5 instances have already updated by their owners to version 17.8. Also, there are currently 61% of all Plesk servers on Plesk Onyx 17.8. Also, 80% of all new installations are Plesk Onyx 17.8.”

I could see that my recent acquaintances were satisfied and ready to update their server as we said goodbye and went towards our gates. I hope I can persuade you too that using the latest Plesk versions is the right choice for your business.