• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Input New "Clone" feature for Wordpress requires insecure PHP commands

Bitpalast

Bitpalast

Plesk addicted!
Plesk Guru
The new, enhanced Wordpress management interface in Onyx is a great thing! Unfortunately the important "clone" feature to copy a whole Wordpress installation into a new domain or subdomain requires the PHP proc_open() function. This function must normally be disabled in shared hosting, because it can enable users to execute code on the shell level. For that reason, this great new "clone" feature cannot be used in shared hosting environments :(

The problem seems to be that the clone function is run by the subscription user's PHP, not by Plesk PHP engine. If cloning was done by the same PHP instance that Plesk is run under, the disabled PHP commands on the subscription level would not affect the process.

For that reason I suggest to revise the code of the clone function so that it is not affected by disabled PHP commands on subscription level.
 
Hello!

Thank you very much for feedback! I confirm a bug EXTWPTOOLK-456, we will fix it in nearest updates of WordPress Toolkit Plesk extension.
 
You must log in or register to reply here.

Similar threads

Zalem Citizen
Question PHP net_get_interfaces and IPs privacy
Replies
0
Views
668
Zalem Citizen
Zalem Citizen
P
Question Drupal CMS 1.0 with Plesk: Composer PATH issue for automatic updates
Replies
7
Views
1K
horvan
H
Hangover2
Forwarded to devs Disabled PHP "Hosting performance settings management" can be bypassed by using .user.ini or ini_set()
Replies
9
Views
3K
Sebahat.hadzhi
Sebahat.hadzhi
D
Resolved PHP Websockets
Replies
7
Views
5K
Andrew B
A
M
Question Sitejet Builder extension requires allow_url_fopen to be enabled
Replies
0
Views
1K
Maarten
M
Back
Top