(Apr 26) An update for rh-mysql56-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(Apr 26) An update for apr is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, Red Hat Enterprise
The looming General Data Protection Regulation (GDPR) has stirred up much commotion. But now the countdown is on as it goes into effect May 25, 2018. Are we ready for it? You bet.
For all our EU-based customers, partners and friends, we know you need full disclosure on what Plesk is working on for full GDPR-compliance. So read on to see how this will impact you and your relationship with Plesk going forward.
The GDPR is the EU’s new data protection law, coming about to regulate how businesses, like Plesk, obtain and use your personal data. It will override the former EU Data Protection law – which was, by the way, over 20 years old! Thus, being better able to conform to the ever-evolving web and business world. You can find the full official GDPR text here.
No, don’t worry, guys! This does not mean we’ve been doing anything fishy so far. It just means that we’ll work hard to fill in any gaps and improve how we handle your information. The goal is to become fully-compliant well before the May 25-deadline.
For users and resellers, using Plesk is GDPR-friendly as we don’t collect much personal data. The only two instances are:
To be GDPR-friendly, we need to adhere to our customers’ individual right to:
The two elements of the GDPR most relevant to us at Plesk :
Informed Consent:
Per the GDPR, we’ll ask for your consent to collect and process your personal data, in an explicit and verifiable way. And with clear information on the why and what.
We chose to do this via a double opt-in system for our subscriptions. So you’ll agree to terms and subscriptions separately and in a more clear way. There will also be a way to manage/revoke your consent in our systems. Every email has a link at the bottom to access your subscription settings. You may opt-in (or out) of one (or all) newsletters at any time.
New Individual Rights:
The regulation includes the “right to be forgotten” – so an option to be taken off any mailing list at any time. And to have your data cleared when that happens.
And one step further, “data portability” – that you have the right to request your data at any time. In an easy-to-read and transferable format.
Here’s an overview of what Plesk is doing for GDPR compliance. Check out what we’ve actioned so far – with more to come soon. Keep calm, we’ll be done with the updates in time. We’re just sharing our team’s progress with you all.
Less Personal Data (Updated April 26, 2018)
We no longer collect unnecessary personal data from Key Administrator and Partner Central services. So client and reseller accounts will no longer require a Phone number, Fax, Address, City, State/Province, ZIP/Postal Code. We used generic Plesk data instead and ran tests successfully. No partners will be affected by this change.
Data mapping:
We documented which personal data we collect, how, where and why we store it. We’ve then mapped out a GDPR plan of action, based on this research.
Unsubscribe Option:
We already had an unsubscribe link in place for every news or marketing email we sent out. Just wanted to tick that off, because we like ticking list items.
New Privacy Policy for Plesk University:
We created and released this comprehensive information, outlining what data we collect – the why, how and with whom we share it. Then how you can access, update, or erase your personal info.
Plesk University Data:
We informed users who didn’t review and accept the Plesk University Privacy Policy that from May 20, 2018, we’ll remove all personal data for which we have no explicit consent. Meaning user accounts along with course progress and certifications. Please provide required consent before May 20 if you’d like to preserve your Plesk University account and continue using it.
Registration Check Boxes:
We added a Privacy Policy check box to our registration form and into your Plesk University account properties. Registration in Plesk University now requires reviewing and accepting the Privacy Policy.
Promotional Check Boxes:
We also added a checkbox that allows you to opt-into our promotional emails and quarterly surveys. It’s available on the user registration form and in your Plesk University account properties.
We want to remind you that one of our core values at Plesk is a complete customer solution and user satisfaction. So know that this need for data privacy and security will remain at the forefront of our minds. From product changes and what we’re building, to security enhancements and legal documentation updates.
Meanwhile, we hope we’ve put your mind at ease about this hot topic. We know there’s a lot to read on this page and on GDPR in general. If you’re more the chatting type (we get it, lots of us are here), just drop us a line in the comments below or join the conversation on Facebook and Twitter.
The post How we’re moving towards full GDPR Compliance appeared first on Plesk.
We have great news! From today onwards, you can get detailed performance data of your Plesk web infrastructure and applications with the New Relic extension on Plesk. Read on to find out how this newly-updated, handy extension can benefit you, your infrastructure and applications.
Post updated on April 26, 2018
New Relic is an analytics software company that specializes in monitoring and analyzing web servers and web applications. With New Relic, you gain access to plenty of analytics tools to measure and monitor performance bottlenecks, throughput, network graph, server health and many more – all almost in real-time.
The New Relic Plesk extension seamlessly integrates with your Plesk server, and supports the two most important tools by New Relic:
Without a doubt, New Relic lands near the top of our must-have list for Web Professionals.
Monitors health and tracks capacity, memory or CPU consumption. The INFRASTRUCTURE component allows you to view and analyze critical system properties of your web server. This is a must-have product for monitoring important metrics such as CPU usage, physical memory, and running processes.
Once installed on the server, you will see all important data within minutes in your New Relic dashboard. You can create alerts to be informed if some metrics pass a critical condition.
Code level visibility for all your web applications. The APM (application performance monitoring) component delivers real-time, trending data and charts about your web application’s performance down to the deepest code levels.
If you have a performance problem with your application, then you don’t have to guess where the performance blockers are. APM supports 7 programming languages to analyze your web application source code, including PHP out-of-the-box. With the help of APM, you can determine whether the bottleneck is within your application, the web server or your database, helping you make quick decisions to enhance your user experience.
This extension integrates New Relic INFRASTRUCTURE and APM seamlessly into Plesk Onyx and Plesk 12.5. If you’re a developer, DevOp or software company – Use this Plesk extension to understand how your applications are performing in development and production environments.
Meanwhile, there are stress-testing services like Blitz, Stormforger or Loadstorm to simulate many website visitors. All while using New Relic to identify weak spots in your code.
Easy!
You’ll first, you need an account at New Relic to get your license key. But don’t worry, you can quickly sign up for a free account with basic functionality.
The INFRASTRUCTURE component is available for free, but the APM component requires a paid subscription. However, you can test APM for a limited time span with your free account.
You’ll find your New Relic license key in the “Account settings” in your New Relic profile. If you’re convinced of the power of APM, just upgrade to an ESSENTIALS or PRO subscription. Your license key will stay the same and you can use the full power of the Plesk extension.
You can specify a unique name that will be used as an ID within your New Relic profile. For example, you could use your domain name or hostname – whatever you like.
Install INFRASTRUCTURE: This option installs the INFRASTRUCTURE agent on your server.
Install APM: This option installs the APM agent for PHP on your server. To install the agent, you need to select the PHP versions your applications are using. This configures the APM agent properly in order to analyze requests handled by your applications.
The Operating Systems that this extension supports are:
We love open source! So we also released the New Relic extension in our official Plesk GitHub account in a public repository.
We’d be happy to see your valuable input and contribution. Feel free to create pull requests or add GitHub issues to contribute to this project. If you like it, give it a star 
Now, have fun and get rid of those annoying bottlenecks in your code!
The post New Relic – Application Performance Monitoring with Plesk appeared first on Plesk.
In the April 2018 survey we received responses from 1,783,239,123 sites across 214,513,048 unique domain names and 7,387,066 web-facing computers. This reflects a gain of 12.8 million sites and 53,500 computers, but a loss of 261,000 domains.
Microsoft dominated this month’s hostname growth, with 25.1 million additional hostnames bringing its leading market share up by 1.15 percentage points to 36.9%. Meanwhile, Apache lost 8.2 million sites and nginx lost 5.7 million.
Microsoft fared less well in most other metrics, however. Despite its large increase in hostnames, Microsoft’s domain count fell by 1.4 million, and it also suffered a loss of 5,360 web-facing computers and 51,300 active sites. Nonetheless, its presence within the top million sites grew by 517 sites.
nginx may have lost 5.7 million hostnames, but it showed the strongest growth in some of the most important metrics. This included a gain of 46,700 web-facing computers, 3.8 million domains, and an additional 4,280 sites in the top million. The noticeable uptick in nginx-powered domains this month has increased its market share of domains by 1.81 percentage points to 22.5%, leaving it only 3.5 points behind Microsoft. nginx has demonstrated fairly consistent domain growth since this metric was introduced in 2009, and if these trends continue, it could feasibly take second place from Microsoft within a year.
Apache suffered losses in every metric this month, including a loss of 3.0 million domains and 1.1 million active sites, along with 2,840 sites within the top million. Nonetheless, it maintains a comfortable lead in every metric except hostnames, where its 25.6% market share is 11.4 points behind Microsoft’s.
Some of the highest-traffic sites using Apache today include news website www.bbc.com; financial sites like www.xe.com and www.paypal.com; the Steam online gaming store at store.steampowered.com and its community forum at steamcommunity.com; and sites used by ad networks, like ads.pubmatic.com and c.betrad.com.
More than 450 million websites are currently using the Apache HTTP server, but this is not the only web server product offered by the Apache Software Foundation. The Apache Tomcat project provides an open source implementation of Java Servlet and JSP technologies, but its deployment is hard to quantify.
Tomcat is often used as a backend application server, with the Apache Tomcat Connectors project connecting it to other web-facing servers like Apache and Microsoft IIS. In many of these cases, Tomcat cannot be detected passively, although it may be possible to confirm its use during a web application security test – for example, by tricking the application into returning a Java stack trace.
Tomcat also includes its own native HTTP connector that allows it to be used as a standalone HTTP server, and these servers can be passively identified from their “Apache Tomcat” server headers. However, this is not a commonly used configuration: Only 10,300 websites exhibited the Apache Tomcat server header this month, and only 35 of these sites were ranked within the top million.
Several different versions of Apache Tomcat are available, depending which version of Java needs to be supported. Surprisingly, most Tomcat servers that are exposed directly to the internet are running Apache Tomcat 4.1.x, which has not been supported for several years. Actively maintained versions include 9.x, 8.5.x, 8.0.x and 7.x, although support for 8.0.x will end on 30 June 2018. The most recent versions of Apache Tomcat are 8.5.30 and 9.0.7, which were both released on 7 April.
The mainline branch of nginx has seen three new releases since last month’s survey. nginx 1.13.10 was released on 20 March 2018, and added a few new features including the ngx_http_grpc_module module, which allows requests to be passed to a gRPC server. nginx 1.13.11 was subsequently released on 3 April, followed by nginx 1.13.12 on 10 April. These releases include a few bug fixes and an improved proxy protocol feature.
nginx also announced the release of njs 0.2.0 on 3 April. njs implements a subset of the JavaScript language, allowing location and variable handlers to be used in nginx’s ngx_http_js_module and ngx_stream_js_module modules.
OpenLiteSpeed 1.4.31 (stable) and 1.5.0 RC3 were released on 11 April 2018. This open source server cannot be distinguished from the commercially available LiteSpeed Web Server, as both products use the same “LiteSpeed” server header. More than 12.5 million sites exhibit this header, across 13,600 web-facing computers.
Nearly 28 million websites are using Taobao’s nginx-based Tengine web server, but 74% are still running a version that was released several years ago, despite later releases including not just new features, but also security fixes. The most extensive user of Tengine 1.4.2 – which was released in November 2012 – is the Chinese cloud computing infrastructure service provider Aiyun Network.
Uptake of new Tengine releases is generally slow across the internet. The latest version, Tengine 2.2.2, was released on 26 January 2018, but only 262 sites are currently using it. Most of these sites are hosted by Internet Vision in Lithuania, while handfuls of other early adopters are hosted on low-cost cloud hosting platforms provided by Aliyun, DigitalOcean and Linode.
The poor uptake of newer releases could be partly caused by their lack of visibility on the Tengine website at tengine.taobao.org. The latest version that can be downloaded from the News section on the homepage is the 2.2.0 development version that was released in December 2016, followed by the 2.1.2 stable version from December 2015. Download links for the much-newer 2.2.1 and 2.2.2 releases can only be found on a separate download page.
Cloudflare’s migration to its new <b>cloudflare</b> server header is not yet over, with more than 10,000 websites still using the old <b>cloudflare-nginx</b> header. These account for less than 0.07% of all Cloudflare sites in the survey, so the migration is very close to completion.
Cloudflare recently increased the size of its European network to 41 cities, expanding its global network to 151 cities across 74 countries. Its highest data centre is 2.6 km above sea level in the city of Bogotá, Columbia.
| Developer | March 2018 | Percent | April 2018 | Percent | Change |
|---|---|---|---|---|---|
| Microsoft | 633,719,941 | 35.80% | 658,800,756 | 36.94% | 1.15 |
| Apache | 464,340,535 | 26.23% | 456,169,336 | 25.58% | -0.65 |
| nginx | 409,124,174 | 23.11% | 403,381,961 | 22.62% | -0.49 |
| 21,802,670 | 1.23% | 22,460,562 | 1.26% | 0.03 |
| Developer | March 2018 | Percent | April 2018 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 76,398,184 | 43.03% | 75,298,051 | 42.41% | -0.62 |
| nginx | 37,321,104 | 21.02% | 37,478,429 | 21.11% | 0.09 |
| 13,684,777 | 7.71% | 14,159,867 | 7.97% | 0.27 | |
| Microsoft | 11,986,413 | 6.75% | 11,935,138 | 6.72% | -0.03 |
For more information see Active Sites
| Developer | March 2018 | Percent | April 2018 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 366,272 | 36.63% | 363,431 | 36.34% | -0.28 |
| nginx | 237,588 | 23.76% | 241,869 | 24.19% | 0.43 |
| Microsoft | 93,016 | 9.30% | 93,533 | 9.35% | 0.05 |
| LiteSpeed | 14,465 | 1.45% | 14,676 | 1.47% | 0.02 |
| Developer | March 2018 | Percent | April 2018 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 3,018,056 | 41.15% | 3,018,020 | 40.86% | -0.30 |
| nginx | 1,798,113 | 24.52% | 1,844,837 | 24.97% | 0.46 |
| Microsoft | 1,536,371 | 20.95% | 1,531,014 | 20.73% | -0.22 |
| Developer | March 2018 | Percent | April 2018 | Percent | Change |
|---|---|---|---|---|---|
| Apache | 80,745,341 | 37.60% | 77,731,493 | 36.24% | -1.36 |
| Microsoft | 57,136,501 | 26.60% | 55,746,915 | 25.99% | -0.62 |
| nginx | 44,450,473 | 20.70% | 48,269,102 | 22.50% | 1.81 |
| 1,878,467 | 0.87% | 1,901,783 | 0.89% | 0.01 |
52 queries. 8.5 mb Memory usage. 0.469 seconds.