Software is an ever-changing landscape. New vulnerabilities are found that need patched, new features are constantly added, and the limitations and boundaries of physical devices and hardware are always being pushed to run the most demanding versions.
As part of this change, it is important to keep Plesk up-to-date and on the most secure version. Plesk / Parallels / Odin have gone through a very interesting year of change as they have been sold, split, merged, and are now working to refocus on their individual goals and directions.
While Plesk has maintained clear end-of-life cycles for a while now, within the old structure they were a little more accommodating (although they did not need to be) with older versions of the software. Now, as the company stands on its own, they are updating and enforcing their clearly defined end-of-life software cycles and policies.
Plesk is committed to providing high-quality, cost-effective solutions to our customers. Rapidly changing technologies influence the level, timing and character of demand for particular product versions and components. All of this drives the need to introduce new products and services as well as to end support for older software versions.
To assist our customers in this regard, we provide a clear lifecycle and end-of-life (EOL) policy to assist in planning decisions around using and upgrading both Plesk and the environment in which it is running.
As a general rule, Plesk will support any new, major version for four years. After that, they will provide patches for extended support for only issues deemed “critical” for a period of six months. After that, “the product will cease to receive further development and technical support requests will no longer be accepted.”
Time to upgrade Plesk
We strongly recommend that you upgrade to the most current and secure version of Plesk. For only $15 /mo. (per dedicated server), you will be upgraded to the most current and secure version of Plesk; and, whenever new versions of Plesk are rolled out, you will be able to request an update to that latest version at no additional cost.
If you came to this KB by way of an email announcement or through one of our support team members, you’ll know that an end-of-life cycle is fast approaching. As such, it is extremely important that you update to the most current version of Plesk to ensure your dedicated server remains safe and secure.
Below, we answer the most commonly asked questions about upgrading Plesk on your dedicated server environments.
Let’s do this — How do I update Plesk?
Simply open a ticket with our support team with the subject “Plesk 12.5 Upgrade” and we’ll work with you to schedule the Plesk update for your dedicated server(s). Or you can email us directly at Support@Managed.com
with the subject “Plesk 12.5 Upgrade” or call our support team at one of the numbers below.
· North America: 877-604-3837
· Europe: +44 (0)20 8123 7362
· Australia: +61 2 8011 4610
The sooner you call to schedule your Plesk update, the more accommodating we can be with your preferred maintenance window day / time.
When do I have to let you know I want to update Plesk?
If your version of Plesk will be reaching its end-of-life software cycle date, please contact us as soon as possible to schedule your update.
Our ability to accommodate your preferred update time will be dependent on when you get back to us. The sooner you contact us to schedule your Plesk update, the better we can work with you to schedule your ideal update day and time.
The longer you take to get back to us, the more difficult it will be for us to accommodate tight update windows.
How do I find out what version of Plesk I am on?
What if I am already running Plesk 12.5?
If you have a newer server — or have already scheduled your Plesk upgrade — and you are running Plesk 12.5, then you don’t need to do anything. You’re covered.
What if I am on a shared hosting plan?
Since these servers are changeable at the host level, you don’t have to do anything. Our expert Support Team has already been systematically going through our shared servers and updating Plesk.
Why should I upgrade?
The latest version of Plesk will always have the newest features: updated control panel, native server security, server automation, webserver and site management, and much more.
Older versions of Plesk will no longer be supported by Plesk. While several of these versions have technically been well into their end-of-life cycle for a while now, Plesk had still been supporting them to some degree. Now, Plesk is ending that unofficial courtesy maintenance window, and they will be enforcing their clear end-of-life software cycles
This means all out-of-date versions will no longer be supported in any way by Plesk: no new features, no updates, and, most critically, no security or vulnerability patches. Since Plesk is ending support for those older versions, we must also do the same.
Do I have to update Plesk?
Short answer: No. However, we strongly recommend you update to the most current version of Plesk. If you do not, you will be on an unsupported version of Plesk and potentially leave your server vulnerable to any new security issues, exploits, or vulnerabilities. There will be no further patches to old versions of Plesk.
If you contact our support team with support-related issues in the future, and you have chosen to keep your sever on an old, unsupported version of Plesk that has passed its end-of-life timeline, we will not be able to guarantee support of your client. The official software manufacturer is no longer supporting the version; we cannot either.
What happens if I don’t update Plesk?
You will be missing out on any new features, updates, and options that Plesk adds to the software.
However, more concerning is the danger and potential security issues you open your server to by ignoring end-of-life deadlines and failing to update.
Using the recent Windows Server 2003 EOL as an example, they outline several issues.
End-of-life software dangers:
- Security vulnerabilities
- Software incompatibility
- Compliance issues
- High operating costs
- Poor performance and reliability
It is very important to be aware of your software EOL cycles, and to keep updated on the most current and secure versions of any software you use.
What happens after the Plesk end-of-life software date?
Once your software passes the Plesk end-of-life date (which is December 13, 2016, for Plesk 11), your software will no longer be supported by Plesk. This includes the end-of-life software dangers outlined above. New features will not be added, and future security vulnerabilities will not be patched.
You can see the Plesk version lifecycle dates here
Due to the infrastructure architecture structure of a modern datacenter, this poses potential risk to our customers who are located within the same network and rack / device system. Think of it as the classic Hollywood trope of the criminal gang who goes through the abandoned warehouse to break through the back wall of the jewelry store — no matter how secure the main business is, the fact that it shares infrastructure with an inherently insecure business opens it up to potential attack. While digital, this is a similar case that exists when fundamentally out-of-date software exists on devices next to others. They open up the others to potential attack, as well.
Because of this, we will be moving customers who choose to remain on outdated versions of Plesk. Again, we strongly recommend you update to the most current and secure version of Plesk to avoid this. However, if you choose to remain on an out-of-date Plesk version, we will be forced to take measures to protect our customers and our network integrity.
Servers on out-of-date versions of Plesk will be moved into a separate network architecture within our datacenter. Your websites and services will still function; however, these out-of-date Plesk devices will essentially be quarantined. Additionally, we will lock down certain ports by group policy and through firewall changes in order to protect our network.
This means you will lose some functionality you or your developers may use currently, such as navigating to the server directly through the web client. Now, instead, you will need to RDP into the server. This change will not be negotiable for users who decide to keep their devices on out-of-date versions of Plesk.
If I don't update Plesk, and it's past the end-of-life date, will I still get support?
Yes, we will still support your website, servers, and services. However, our system is built on top of Plesk, and Plesk is at the core of our daily use for many issues our Support Team frequently addresses.
If you choose to not update Plesk, it's past the end-of-life date, and you have a support ticket which would normally require us to use various Plesk features in order to fix the issue, it may fall outside of our SLA.
In short, we won't leave you hanging; however, there is the possibility that a fix for a support ticket may fall outside of our SLA due to the out-of-date, unsupported version of Plesk. In those instances we may be unable to fix an issue in our normal, timely fashion, or, in some rare cases, possibly not at all. If a potential fix will fall outside of our SLA, but is still doable by our team, we may need to assess additional engineering fees. In those cases, our team will contact you, outline the options available to you, and get your permission to proceed before tackling any fixes that may require an additional fee.
We will always try to help you. If you choose to remain on an unsupported version of Plesk, we can not guarantee our ability to support your websites and servers to our normal high standards.
Can I still update my server's Plesk after the end-of-life date?
Yes. Again, we strongly recommend you update your dedicated server to the most current and secure version of Plesk. You may contact our team and we will work with you to update your server to a new, fully secured Plesk installation.
The longer you choose to use a version of Plesk that has passed its end-of-life software cycle, the more at risk your sites, applications, and data are on that device. If a future attack vector uses a security exploit identified in the out-of-date software, there will be no updates from Plesk to fix that issue, and your data will be vulnerable.
Why do I need to pay for Plesk now?
Plesk is switching its licensing model from a direct-sales to a product-lease model. In other words: before, companies could buy large blocks of Plesk licenses and pay one upfront cost; now, they are switching to software-as-a-service (SAAS) licensing model, so there must be a monthly fee to cover the cost of the SAAS Plesk charge.
In the past, the one-time charge allowed hosting companies to subsidize the cost of Plesk licensing. However, with the new SAAS model and Plesk enforcing its end-of-life practices, we are no longer able to cover that cost across thousands of customers. The small additional fee will allow us to absorb the cost of Plesk licensing, and ensure that you are always on the most-current and secure version of Plesk to best protect your servers.
Switching to an SAAS model makes sense for them, as many other companies have successfully made the same transition.
How much does the Plesk upgrade cost?
This will be a $15 /mo. addition to your current bill. However, by doing this we will also keep your Plesk upgraded to the most-current version. At this time, that is the Plesk 12.5.x series. As new versions of Plesk are rolled out in the future, this small additional charge will cover you for any future updates.
What if I still have questions about the Plesk update?
Feel free to contact our support team by one of the methods above. We’ll be happy to work with you and ensure your dedicated servers are upgraded to the newest and most secure version of Plesk.
Works Cited / For Further Reading:
End-of-life software: What are the dangers? (Spiceworks
What version of Plesk am I running? (Managed.com