August 28, 2014 at 12:19Parallels Plesk 12: here's a new twist
This year we have expressed our opinion several times that the traditional hosting market is unlikely to be able to live as before (for example, here and on Habré) It would be strange if we ignored these trends when developing our own products. Therefore, the new version of Parallels Plesk 12.0 (software for managing everything related to the web - domains, sites, mailboxes, DNS, etc.) was made taking into account the new reality, where the time of exclusively price wars among hosters has already passed. Today, value-added solutions aimed at individual segments of the audience begin and win on the market, rather than standard VPS or shared hosting packages, as before. So, according to Netctaft, those who create offers in the field of web hosting for different target audiences have increased their market share from 5 to 51% over the past 3 years.
Based on this trend, we divided the product into 4 different “editions” - for web admins, web developers, web studios and hosters, each of which now has its own set of tools and features. Which ones - under the cut. We would like to know what tools for your scripts you personally lack.
Another picture from the photo bank, you thought, right? Not certainly in that way. For example, one of the people depicted here devoted a lot of hours explaining to us how their WordPress business works. Guess which one?
We divided Parallels Plesk 12 product audience into 4 groups, each with its own special needs:
• Web admins. They included the admins of their own sites and blogs, as well as those who work with the websites and mail of their company or client. As a rule, they don’t need a wide variety of tools (respectively, they are not ready to overpay for them), but the simplest interface is necessary.
• Web developers. Working both for themselves and for customers, independently hosting their web applications and games. They also do not require a large number of options, since more often they deploy only one application on one web server, but in the case of working with clients, there is a need for the latter to access the developed product.
•Web studios / digital agencies. Usually create a lot of sites on their own or based on CMS. Good agencies often score dozens of sites, but usually do not exceed a hundred. Hence the need for convenient tools that can both accurately tune one site to the needs of a particular project and manage sites en masse.
• Hosters. Here it’s clear - traditional shared hosting for a large (or even huge) number of users and the need for appropriate tools for resource allocation.
Each group has its own "edition" of the product ("edition"). All editions are based on a common distribution, but the functions in them are different, and they are determined by a license key. On the one hand, this allows you to offer each group the functions it needs without overloading people — well, why does the website owner have to use some resellers on their own VPS… And on the other hand, it allows making “simplified” editions cheaper.
Of course, all the basic functions are available to everyone - create a database, upload files, tweak PHP settings ... But for each group, in addition to this, we wanted to find something useful specifically for it.
For web admins: Plesk Web Admin edition
• The simplest edition is the minimalism and simplicity of the interface, plus a low price
• A nice bonus - the control panel is fully compatible with browsers of tablets and smartphones. Wherever and whenever you need to fix something - all (!) Functions of the panel are available in a convenient form.
For web developers: Plesk Web App Edition
• Everything above plus:
• While the developer himself can use the so-called Power User interface to configure the server, site and applications, for his customers he can turn on the simplified interface (Custom View), where they will only have the most necessary functions (say, create a mailbox). The customer is less confused, the server is less likely to suddenly break.
• Additional tools for developers (support for PgSQL, MS SQL, Tomcat, ColdFusion).
For web studios: Plesk Web Pro edition
• Everything above is a plus:
• Ability to create and manage multiple accounts.
• WordPress Management Tool (WordPress Toolkit) for sites on this CMS.
For hosters: Plesk Web Host Edition
• Everything above, plus:
• Full access to all administration tools, including user, subscription and reseller management
• Reduced price for VPS
In short, all editorial options can be tabulated
Of course, the new version also has major innovations that affect all or most of the listed editions. About them in order - below.
Working with all kinds of attacks on sites and servers, unfortunately, has long become a sad necessity. There are quite a lot of solutions of various kinds, and for a long time we have chosen what to take to protect sites and web applications. The main criterion for the choice was their universality - in the matter of security, community trust plays a very important role. Of the solutions running on the server itself, they eventually settled on Fail2ban and ModSecurity.
Fail2Ban provides a cut-off of “annoying” visitors through a temporary ban in the firewall. Typical scenario - the bot tries to find the password according to the dictionary. This system protects SSH, FTP, web and mail services, as well as the Parallels Plesk panel itself.
ModSecurity is a kind of firewall for web applications, focused on protection against penetration through well-known or recently discovered vulnerabilities. The mechanism of its work is a cut-off of requests to the site, which contain signs of intrusion. The simplest example is that they try to pass SQL code (the so-called SQL injection) in the query.
It should be noted that ModSecurity is not valuable in itself, but only with a reliable provider of rules for it. Three rule providers are known today:
• Core ModSecurity (free)
• Comodo (free)
• Atomic (commercial)
Of course, Plesk supports all three. Atomic is considered the best (they sometimes manage to update the rules twice a day to protect against new holes). A special feature is that they supply free quality rules for Plesk (and only for Plesk), albeit limited in comparison with the commercial version.
The free rules from Core ModSecurity, unfortunately, are famous for excessive cruelty, and a test mode is provided for using them - when triggers are reported to the user, but visitors are not blocked.
ModSecurity is currently only supported for Apache / Linux, but we very much hope to further expand support for both Nginx / Linux and MS IIS / Windows.
For external site protection, an integrated solution from ServerShield CloudFlare is offered. You don’t really need to configure anything here - just the traffic will be redirected to the CloudFlare servers, filtered there according to their algorithms and returned back. For the correct accounting of visitors, you can set mod_cloudflare through the plesk auto-installer.
WordPress is known as the # 1 CMS system in the world for building sites, and has long ceased to be just a "blog". Many studios create client sites based on WordPress. This demand could not be ignored - the WordPress Toolkit appeared. It allows you to massively update sites on WordPress, install and update themes and plugins, provides recommended security settings.
For example, if users themselves are in no hurry with updates, there is an opportunity to warn / hurry and force updates to all sites forcibly if necessary. The plugins themselves can do some of the proposed (but without mass use - one installation at a time), but in the protection sphere we took care of the capabilities and automation that WordPress plugins do not have, but there are only textual recommendations. For example, it’s difficult for plugins to change permissions on the file system, but for Plesk it’s not at all difficult. Settings are divided into safe recommended and additional, which can potentially break some plugins. The decision is made by the admin.
Few things can create more headaches for the administrator than blocking their server for spamming. This does not mean that you sent spam and suffered for the matter - spam is usually sent by bots that have access to the server in one of three ways:
• stolen email accounts
• web scripts for mass spam sending - a spoiled Trojan script to the site
• hacked system accounts ( linux shell)
We mark each letter to bind which of your users sent it, and then calculate the limits for the mailbox, domain (including all mailboxes and domain websites) and at the client account level (including all mailboxes and web customer subscription sites). If the limit is exceeded, the sender is temporarily blocked. And the source of spam can be easily found using Plesk reports and notifications. Statistics and reports on attempts to exceed the limits during the specified period are available for different objects - mailboxes, domains, subscriptions. The report will contain information on the number of objects that tried to exceed the limit, their list and a description of each specific object for the selected period. Statistics can be requested for at least every hour. In addition to the notification in the control panel,
• Those who want to place mail not on their server, but on Gmail, Exchange or another external system, can now disable local mail for any domain so that, so to speak, it does not interfere.
• The capabilities of mass mailbox management have been greatly expanded.
• Eliminated the need to keep open relay on localhost for your own mailings - minus one spam channel.
• Added support for Dovecot in addition to the already old Courier-IMAP. We expect more stable IMAP / POP3 + functionality for server-side mail sorting rules.
• If the server is still banned for spam, you can quickly change the IP used to send mail.
• The user interface and the Power User admin interface (which is tabbed) now works fine on mobile browsers. Adapts to almost any screen size in an optimal way.
• In both interfaces (user and admin), you can see all your domains, subdomains, aliases, etc. from all subscriptions at once (they are also “web spaces”), on one page.
• Optional simplified interface for resellers (the same as for customers)
• Administrators can perform various operations with reseller accounts on behalf of resellers.
• An administrator can turn a customer into a reseller and vice versa, as well as move customers between resellers.
• All users (administrators, resellers, customers) can leave descriptions in Plesk for domains and mailboxes. Administrators and resellers can also leave descriptions for subscriptions and customers. Of course, none of them sees descriptions left by a higher link
• Ability to restore from a backup any single fragment - up to a single file or mailbox.
• New utility for migration (“migrate"): allows you to easily develop your own scripts for migrating according to your own rules (for example, in parts).
• Improved and advanced SDK.
• Support for new OS - OpenSuSE 13.1, Ubuntu 14.04, RHEL 7, CentOS 7.
• Significantly expanded SDK and API for the development of integrations.
• A portal for third-party extensions to Plesk has been launched - they can be viewed and installed directly from the panel. The list can be found at http://ext.plesk.com
Only 2 months after the release - there are already about 30 extensions with a variety of functions. Saving backups to Dropbox , an external DNS server , support for LiteSpeed (commercial fast web server), two-factor authorization via Clef , etc., and more.
• Several times accelerated the creation of a new account on multi-domain servers for shared hosting.
• Greatly accelerated the creation of an FTP account and other file operations on large sites (with a large number of files).
• A pool of individual IIS for subscription.
• All logs are collected in the / var / log / plesk folder to simplify problem analysis and training of technical personnel. Folders are also created in one place to collect different types of collection - logs on migration through the Plesk Migration Manager - in / var / log / plesk / PMM, on the installation of Plesk - in /var/log/plesk/install/*.log.
This, of course, is not all that we came up with, or you suggested (including through the portal plesk.uservoice.com , which we already wrote about on Habré ): you tried to limit yourself to the most interesting. A complete list of everything can be found here:
By the way, if the correlation between what users asked in the new Plesk and what appeared is interesting, here is the data: at 12.0, in the form of functions or extensions, there were 27 offers that you announced at plesk.uservoice.com , including 8 out of 10 most popular offers at that time.
You can download Parallels Plesk 12 here: http://sp.parallels.com/en/products/plesk/download/ , as well as our colleagues at Infobox (there is an action with a free opportunity to test the new version.
We are waiting for your comments.
Based on this trend, we divided the product into 4 different “editions” - for web admins, web developers, web studios and hosters, each of which now has its own set of tools and features. Which ones - under the cut. We would like to know what tools for your scripts you personally lack.
Another picture from the photo bank, you thought, right? Not certainly in that way. For example, one of the people depicted here devoted a lot of hours explaining to us how their WordPress business works. Guess which one?
Editorial
We divided Parallels Plesk 12 product audience into 4 groups, each with its own special needs:
• Web admins. They included the admins of their own sites and blogs, as well as those who work with the websites and mail of their company or client. As a rule, they don’t need a wide variety of tools (respectively, they are not ready to overpay for them), but the simplest interface is necessary.
• Web developers. Working both for themselves and for customers, independently hosting their web applications and games. They also do not require a large number of options, since more often they deploy only one application on one web server, but in the case of working with clients, there is a need for the latter to access the developed product.
•Web studios / digital agencies. Usually create a lot of sites on their own or based on CMS. Good agencies often score dozens of sites, but usually do not exceed a hundred. Hence the need for convenient tools that can both accurately tune one site to the needs of a particular project and manage sites en masse.
• Hosters. Here it’s clear - traditional shared hosting for a large (or even huge) number of users and the need for appropriate tools for resource allocation.
Each group has its own "edition" of the product ("edition"). All editions are based on a common distribution, but the functions in them are different, and they are determined by a license key. On the one hand, this allows you to offer each group the functions it needs without overloading people — well, why does the website owner have to use some resellers on their own VPS… And on the other hand, it allows making “simplified” editions cheaper.
Dear Revision: Tools and Features
Of course, all the basic functions are available to everyone - create a database, upload files, tweak PHP settings ... But for each group, in addition to this, we wanted to find something useful specifically for it.
For web admins: Plesk Web Admin edition
• The simplest edition is the minimalism and simplicity of the interface, plus a low price
• A nice bonus - the control panel is fully compatible with browsers of tablets and smartphones. Wherever and whenever you need to fix something - all (!) Functions of the panel are available in a convenient form.
For web developers: Plesk Web App Edition
• Everything above plus:
• While the developer himself can use the so-called Power User interface to configure the server, site and applications, for his customers he can turn on the simplified interface (Custom View), where they will only have the most necessary functions (say, create a mailbox). The customer is less confused, the server is less likely to suddenly break.
• Additional tools for developers (support for PgSQL, MS SQL, Tomcat, ColdFusion).
For web studios: Plesk Web Pro edition
• Everything above is a plus:
• Ability to create and manage multiple accounts.
• WordPress Management Tool (WordPress Toolkit) for sites on this CMS.
For hosters: Plesk Web Host Edition
• Everything above, plus:
• Full access to all administration tools, including user, subscription and reseller management
• Reduced price for VPS
In short, all editorial options can be tabulated
Key New Features
Of course, the new version also has major innovations that affect all or most of the listed editions. About them in order - below.
New Security Tools
Working with all kinds of attacks on sites and servers, unfortunately, has long become a sad necessity. There are quite a lot of solutions of various kinds, and for a long time we have chosen what to take to protect sites and web applications. The main criterion for the choice was their universality - in the matter of security, community trust plays a very important role. Of the solutions running on the server itself, they eventually settled on Fail2ban and ModSecurity.
Fail2Ban provides a cut-off of “annoying” visitors through a temporary ban in the firewall. Typical scenario - the bot tries to find the password according to the dictionary. This system protects SSH, FTP, web and mail services, as well as the Parallels Plesk panel itself.
ModSecurity is a kind of firewall for web applications, focused on protection against penetration through well-known or recently discovered vulnerabilities. The mechanism of its work is a cut-off of requests to the site, which contain signs of intrusion. The simplest example is that they try to pass SQL code (the so-called SQL injection) in the query.
It should be noted that ModSecurity is not valuable in itself, but only with a reliable provider of rules for it. Three rule providers are known today:
• Core ModSecurity (free)
• Comodo (free)
• Atomic (commercial)
Of course, Plesk supports all three. Atomic is considered the best (they sometimes manage to update the rules twice a day to protect against new holes). A special feature is that they supply free quality rules for Plesk (and only for Plesk), albeit limited in comparison with the commercial version.
The free rules from Core ModSecurity, unfortunately, are famous for excessive cruelty, and a test mode is provided for using them - when triggers are reported to the user, but visitors are not blocked.
ModSecurity is currently only supported for Apache / Linux, but we very much hope to further expand support for both Nginx / Linux and MS IIS / Windows.
For external site protection, an integrated solution from ServerShield CloudFlare is offered. You don’t really need to configure anything here - just the traffic will be redirected to the CloudFlare servers, filtered there according to their algorithms and returned back. For the correct accounting of visitors, you can set mod_cloudflare through the plesk auto-installer.
Built-in WordPress Management Tools
WordPress is known as the # 1 CMS system in the world for building sites, and has long ceased to be just a "blog". Many studios create client sites based on WordPress. This demand could not be ignored - the WordPress Toolkit appeared. It allows you to massively update sites on WordPress, install and update themes and plugins, provides recommended security settings.
For example, if users themselves are in no hurry with updates, there is an opportunity to warn / hurry and force updates to all sites forcibly if necessary. The plugins themselves can do some of the proposed (but without mass use - one installation at a time), but in the protection sphere we took care of the capabilities and automation that WordPress plugins do not have, but there are only textual recommendations. For example, it’s difficult for plugins to change permissions on the file system, but for Plesk it’s not at all difficult. Settings are divided into safe recommended and additional, which can potentially break some plugins. The decision is made by the admin.
Manage email accounts and spam
Few things can create more headaches for the administrator than blocking their server for spamming. This does not mean that you sent spam and suffered for the matter - spam is usually sent by bots that have access to the server in one of three ways:
• stolen email accounts
• web scripts for mass spam sending - a spoiled Trojan script to the site
• hacked system accounts ( linux shell)
We mark each letter to bind which of your users sent it, and then calculate the limits for the mailbox, domain (including all mailboxes and domain websites) and at the client account level (including all mailboxes and web customer subscription sites). If the limit is exceeded, the sender is temporarily blocked. And the source of spam can be easily found using Plesk reports and notifications. Statistics and reports on attempts to exceed the limits during the specified period are available for different objects - mailboxes, domains, subscriptions. The report will contain information on the number of objects that tried to exceed the limit, their list and a description of each specific object for the selected period. Statistics can be requested for at least every hour. In addition to the notification in the control panel,
Email Account Management
• Those who want to place mail not on their server, but on Gmail, Exchange or another external system, can now disable local mail for any domain so that, so to speak, it does not interfere.
• The capabilities of mass mailbox management have been greatly expanded.
• Eliminated the need to keep open relay on localhost for your own mailings - minus one spam channel.
• Added support for Dovecot in addition to the already old Courier-IMAP. We expect more stable IMAP / POP3 + functionality for server-side mail sorting rules.
• If the server is still banned for spam, you can quickly change the IP used to send mail.
Interface
• The user interface and the Power User admin interface (which is tabbed) now works fine on mobile browsers. Adapts to almost any screen size in an optimal way.
• In both interfaces (user and admin), you can see all your domains, subdomains, aliases, etc. from all subscriptions at once (they are also “web spaces”), on one page.
Reseller and Subscription Management
• Optional simplified interface for resellers (the same as for customers)
• Administrators can perform various operations with reseller accounts on behalf of resellers.
• An administrator can turn a customer into a reseller and vice versa, as well as move customers between resellers.
• All users (administrators, resellers, customers) can leave descriptions in Plesk for domains and mailboxes. Administrators and resellers can also leave descriptions for subscriptions and customers. Of course, none of them sees descriptions left by a higher link
General technical updates
• Ability to restore from a backup any single fragment - up to a single file or mailbox.
• New utility for migration (“migrate"): allows you to easily develop your own scripts for migrating according to your own rules (for example, in parts).
• Improved and advanced SDK.
• Support for new OS - OpenSuSE 13.1, Ubuntu 14.04, RHEL 7, CentOS 7.
Integration
• Significantly expanded SDK and API for the development of integrations.
• A portal for third-party extensions to Plesk has been launched - they can be viewed and installed directly from the panel. The list can be found at http://ext.plesk.com
Only 2 months after the release - there are already about 30 extensions with a variety of functions. Saving backups to Dropbox , an external DNS server , support for LiteSpeed (commercial fast web server), two-factor authorization via Clef , etc., and more.
New for Windows
• Several times accelerated the creation of a new account on multi-domain servers for shared hosting.
• Greatly accelerated the creation of an FTP account and other file operations on large sites (with a large number of files).
• A pool of individual IIS for subscription.
New for Linux
• All logs are collected in the / var / log / plesk folder to simplify problem analysis and training of technical personnel. Folders are also created in one place to collect different types of collection - logs on migration through the Plesk Migration Manager - in / var / log / plesk / PMM, on the installation of Plesk - in /var/log/plesk/install/*.log.
This, of course, is not all that we came up with, or you suggested (including through the portal plesk.uservoice.com , which we already wrote about on Habré ): you tried to limit yourself to the most interesting. A complete list of everything can be found here:
By the way, if the correlation between what users asked in the new Plesk and what appeared is interesting, here is the data: at 12.0, in the form of functions or extensions, there were 27 offers that you announced at plesk.uservoice.com , including 8 out of 10 most popular offers at that time.
You can download Parallels Plesk 12 here: http://sp.parallels.com/en/products/plesk/download/ , as well as our colleagues at Infobox (there is an action with a free opportunity to test the new version.
We are waiting for your comments.