On October 19, 2021, we have enabled single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
If you had already registered your account at Plesk 360 (formerly known as My Plesk) please use one for login. Otherwise please re-register it using the same email address as your existing Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account.

Articles in this section

See more

Warning: This setting conflicts with the server-wide security policy

Avatar
Julian Bonpland Mignaquy
Updated
Follow
Plesk for Windows Plesk for Linux kb: technical ABT: Group A

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Symptoms

  • Notification when trying to enable Web Deploy, change PHP handler for a service plan or when applying changes in Hosting Settings for a domain:

    PLESK_INFO: This setting conflicts with the server-wide security policy.

  • Service Plans > [service plan name] > Permission (tab) > Setup of potentially insecure web scripting option or Resellers > reseller_name> customize> Permissions>Setup of potentially insecure web scripting option are disabled.

Cause

Setup of potentially insecure web scripting option is not enabled for a Service/Reseller Plan.

Resolution

  1. Log in to Plesk

  2. Go to Service Plans > [service plan name] > Permission (tab) and enable Setup of potentially insecure web scripting option or for Resellers > reseller_name> customize> Permissions and enable Setup of potentially insecure web scripting option if the reseller does not have a service plan.

    Warning: Enabling this option is not recommended on shared hosting. It will override server-wide site isolation settings and make non-chrooted shells available for client SSH logins.

Comments

4 comments

Sort by Date Votes
  • Avatar
    Faris Raouf (Edited )

    Why would changing PHP handler be considered to conflict with the server-wide security policy in all cases?

    I can understand a warning if you chose to use mod_php in place of php_fcgi or php-fpm, but I cannot see a reason for the warning when you change from, for example, php_fcgi 5.3 (vendor) to 5.6 php-fpm (Plesk repo).

    0
    Comment actions Permalink
  • Avatar
    Artyom Baranov

    @Faris,

    Hi! The described behavior is under the investigation currently. New info may be added to the article depending on the investigation results.

    0
    Comment actions Permalink
  • Avatar
    Turgut Kalfaoglu

    Was anything found during these 2 years of investigation?

    The same warning still exists in Onyx..

     

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello @Turgut
    This warning is a security one and it's expected behavior.
    To avoid this warning, you can enable Setup of potentially insecure web scripting option in the Plesk > Service Plans > [service plan name] > Permission (tab), as is mentioned in the article.

    Though on our UserVoice portal there is a suggestion to enable security policy management per subscription instead of server-wide. If this suggestion seems important to you, you can vote for it:
    https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/34477117-security-policy-per-subscription

    Top-ranked suggestions are likely to be implemented in future versions of Plesk.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles