The most popular web hosting control panel celebrates its anniversary with a feature-packed update focused on cybersecurity, efficiency, and broader compatibility with PHP 8.4, Ubuntu 24.04, and modern cloud platforms.
Plesk has released version 18.0.70 of Obsidian, an anniversary edition full of technical enhancements, reinforced security, performance optimizations, and updates across its most-used extensions. As a light-hearted celebration, Plesk included a small Easter egg — typing DISCO on the Plesk screen triggers a festive animation to mark the occasion.
Strengthened Protection Against Brute-Force Attacks
One of the standout new features is improved protection against brute-force login attempts via a new rate-limiting mechanism. Admins can enable and configure this security layer by adding the following entries to the panel.ini file:
[security]
bruteforceProtection.enabled = true
bruteforceProtection.rateLimit = 5
bruteforceProtection.rateLimitPeriod = 300
Code language: JavaScript (javascript)This system limits the number of failed login attempts per IP, helping to prevent unauthorized access without requiring third-party tools.
Updated Cloud Images with Ubuntu 24.04
Users deploying Plesk in the cloud now benefit from official images updated to Ubuntu 24.04 LTS, available on Microsoft Azure, Google Cloud, AWS (including Lightsail), and DigitalOcean.
Additionally, Plesk’s QCOW2 images have been optimized to use less disk space, scale better with increased storage, and include the latest packaging and security updates.
Improved Accessibility and Task Manager Efficiency
To improve usability, the interface and installer can now be scaled up to 200%, addressing accessibility needs for visually impaired users.
Performance-wise, the Task Manager has been improved to query fewer tasks simultaneously and now performs batch cleanups. These changes reduce CPU and RAM usage on high-load servers. Debug logs have also been added to all Task Manager API operations.
Smarter Backup Validation
Administrators can now define a backup validation window via panel.ini. This new feature controls how long backups remain eligible for validation and can be disabled by setting the value to 0.
[pmm]
backupsValidationPeriod = 7
Platform-Specific Enhancements
For Linux:
- New installations now include a secure default TLS configuration.
- It is no longer possible to override default PHP-FPM performance settings using
.user.inifiles orini_set()— these defaults are considered optimal for most websites.
For Windows:
- Support for BIND DNS has been removed due to maintenance and security risks. Admins must switch to Microsoft DNS before upgrading.
- A new CLI utility has been added to manage server components via terminal:
plesk bin components.
Dozens of Bug Fixes for a More Stable Experience
Version 18.0.70 includes fixes for over 20 known issues, including:
- False MariaDB 11.4+ deprecation warnings for
mysqlandmysqldump. - Deadlocks in HTTP requests caused by overloaded session tables.
- Incorrect branding in email setup pages for resellers.
- Problems with moving databases between subscriptions or clearing corrupted FTP backup files.
- CLI limits for traffic plans capped at 99TB are now fixed.
- Improved clarity for “Maximum message size” in mail settings.
- Resolved logo scaling issues and UX inconsistencies in dynamic views.
Updated Extensions and Ruby Support
Alongside the core update, key Plesk extensions have been refreshed:
- Plesk Migrator 2.28.0: now compatible with MariaDB 11.4, faster pre-migration checks.
- Docker 2.1.3: allows CMD/ENTRYPOINT reset during container recreation.
- WP Toolkit 6.6.8: post-action hooks for custom scripts enabled by default.
- Ruby 1.5.1: now supports Ruby 3.4.4, 3.3.8 and updated legacy versions up to 2.4.10.
- Updates to Grafana, Roundcube, Route 53, Log Browser, Joomla! Toolkit, Email Security, WHMCS Installer, Social Login, and more.
Upgraded Third-Party Components
Updated third-party libraries and runtimes include:
- PHP 8.4.7 and PHP 8.3.21
- Node.js 20.19.2
- ASP.NET Core 9.0.5 and 8.0.16
- MailEnable 10.52
- ModSecurity 2.9.9 (Linux) for CVE-2025-47947
- Roundcube 1.4.15 and 1.6.10 to patch CVE-2025-49113
Future-Ready Hosting Platform
With this anniversary release, Plesk continues to evolve as the leading web hosting control panel. The updates reflect a clear focus on stability, modern cloud readiness, enhanced security, and DevOps-friendly features.
Before upgrading, administrators are advised to review compatibility — especially on Windows servers still using BIND, which will block the update until the DNS server is switched.
Plesk Obsidian 18.0.70 marks a powerful step forward — a reliable, secure, and future-proof platform for managing the digital core of the internet.
