Articles in this section

See more

Warning: This setting conflicts with the server-wide security policy

Avatar
Julian Bonpland Mignaquy
Updated
Follow
Plesk for Windows Plesk for Linux kb: technical ABT: Group A

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Symptoms

  • Notification when trying to enable Web Deploy, change PHP handler for a service plan or when applying changes in Hosting Settings for a domain:

    PLESK_INFO: This setting conflicts with the server-wide security policy.

  • Service Plans > [service plan name] > Permission (tab) > Setup of potentially insecure web scripting option or Resellers > reseller_name> customize> Permissions>Setup of potentially insecure web scripting option are disabled.

Cause

Setup of potentially insecure web scripting option is not enabled for a Service/Reseller Plan.

Resolution

  1. Log in to Plesk

  2. Go to Service Plans > [service plan name] > Permission (tab) and enable Setup of potentially insecure web scripting option or for Resellers > reseller_name> customize> Permissions and enable Setup of potentially insecure web scripting option if the reseller does not have a service plan.

    Warning: Enabling this option is not recommended on shared hosting. It will override server-wide site isolation settings and make non-chrooted shells available for client SSH logins.

Comments

4 comments

Sort by Date Votes
  • Avatar
    Faris Raouf (Edited )

    Why would changing PHP handler be considered to conflict with the server-wide security policy in all cases?

    I can understand a warning if you chose to use mod_php in place of php_fcgi or php-fpm, but I cannot see a reason for the warning when you change from, for example, php_fcgi 5.3 (vendor) to 5.6 php-fpm (Plesk repo).

    0
    Comment actions Permalink
  • Avatar
    Artyom Baranov

    @Faris,

    Hi! The described behavior is under the investigation currently. New info may be added to the article depending on the investigation results.

    0
    Comment actions Permalink
  • Avatar
    Turgut Kalfaoglu

    Was anything found during these 2 years of investigation?

    The same warning still exists in Onyx..

     

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello @Turgut
    This warning is a security one and it's expected behavior.
    To avoid this warning, you can enable Setup of potentially insecure web scripting option in the Plesk > Service Plans > [service plan name] > Permission (tab), as is mentioned in the article.

    Though on our UserVoice portal there is a suggestion to enable security policy management per subscription instead of server-wide. If this suggestion seems important to you, you can vote for it:
    https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/34477117-security-policy-per-subscription

    Top-ranked suggestions are likely to be implemented in future versions of Plesk.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles