Many shared hosting customers are not professional web designers. These customers need the most basic administrative functions and should not, if possible, be asked to use multiple tools to manage their services. At the same time, web designers as well as more sophisticated users, need the administrative power of panels to get their work done.
Parallels Web Presence Builder isn’t just for Parallels Plesk Panel anymore.
There’s a bit of a rivalry between users of Parallels Plesk Panel and users of cPanel. Those who host a handful of websites tend to lean toward cPanel, while those who host hundreds or thousands professionally prefer Parallels Plesk Panel and Parallels Plesk Automation. But no matter which hosting control panel you prefer, you have something in common – you can now offer Parallels Web Presence Builder via both control panels, and beef up your shared hosting offers to attract new customers.
A full one-third of all Parallels Plesk Panel web designers and web developers switched to Plesk from cPanel. I was quite surprised to discover this preference, especially after being exposed to 10+ years of the single-panel shared hoster’s strong polarizing views and unyielding preferences towards one solution over the other.
Parallels Plesk Automation is rapidly becoming the hosting solution of choice, giving professional shared hosters a new opportunity for efficiency and growth. Now deployed by more than 500 service providers in over 60 countries, Parallels Plesk Automation has been field tested with thousands of users, websites and mailboxes and is proving to be efficient, secure and scalable beyond anything a single panel can provide.
This past week The Register reported that Google is migrating a thousand plus instances of MySQL to MariaDB. At Parallels we made the decision about six months ago to release the newest version of our popular Parallels Plesk Panel with support for MariaDB. Parallels Plesk Panel, used for web hosting and management, is now running on over 270,000 servers world-wide and the MariaDB support in Parallels Plesk Panel 11.5 has helped drive growth and adoption over the past few months. We are a strong supporter of the MariaDB Foundation and applaud Google’s move which, along with RedHat’s announcement earlier this year, further validates MariaDB market momentum. It is a healthy reaction to Oracle’s control of MySQL and the moves they have made to limit community involvement.
Q&A with Joe Alagna, VP of Channel Development at 101domain.com
101domain.com was one of the first registrars to launch a scaled implementation of server nodes using Parallels Plesk Automation. The platform allows web hosting providers to manage tasks asynchronously, including provisioning and infrastructure updates, adding hosting accounts, and managing multiple servers from a single access point. It is also designed to be more secure and to limit vulnerability to attack by isolating production workloads.
The project was managed by 101domain.com’s Hosting Services Manager, Rodolfo Elias. We wanted to learn about his experience and tracked him down for some Q & A.
Q. Now that you’ve had a chance to work with Parallels Plesk Automation what are your overall impressions?
A. The product gives us the ability to separate services, making it a lot more efficient for us to balance accounts and provision servers as necessary. The centralized management of accounts and resellers allows us to track usage more efficiently.
Q. As an early adopter, what advice would you give someone getting started on Parallels Plesk Automation to help them do it better?
A. We took advantage of every one of the features the product offers. Our integration was a bit complex. I’d suggest that they acquaint themselves with the documentation ahead of time so they can understand better how to provision and manage the software within the platform. Use the resources that Parallels Plesk Panel provides and work closely with their team. They’ve been very supportive to us.
Q. What are some of the benefits that the platform offers to clients?
A. The client interface is exactly the same as our previous Parallels Plesk Panel interface (Parallels Plesk Panel 11). This was a big advantage because those clients didn’t see any difference at all. We also consolidated all of our clients who used previous versions of Parallels Plesk Panel (versions 8 – 10) so now our entire customer base is on a single platform as we move forward. Future upgrades will be much easier because everything is centralized.
Q. But what about other clients? Will they see any other benefits to this?
A. Surely. With the separation of services, there will be less of a load on each server. Their websites will respond quicker. That’s the biggest benefit. The platform is more secure because one service doesn’t affect another. Apache, email, MySQL and web services are all independent. We can monitor the servers better and separate the impact of each service on a server. That makes our client’s websites and email hosting more reliable.
Now our clients can host all of their domains without worrying about overages. They get centralized management of all domains in one place. They also get unlimited email boxes at a very low price. We’re really proud our revamped hosting services platform and we think it’s a great value for our clients.
Q. What about resellers? Are there any important benefits for them?
A. Yes, a lot. Our new hosting reseller program will allow us to provide resellers with a branded solution for their hosting ventures. We’re still working on that piece but it will be coming out soon. It’s going to be really nice.
A variation is being reported of a previously-reported zero-day vulnerability in older versions of Parallels Plesk Panel. Since the original vulnerability was first reported, the majority of Parallels Plesk Panel customers took the necessary steps to upgrade to a non-vulnerable version of the product.
Today only 4% of servers running Parallels Plesk Panel are potentially impacted. This means 96% of Parallels Plesk Panel servers have been updated to a non-vulnerable version of Parallels Plesk Panel.
If you are still running Parallels Plesk Panel 9.0 to 9.2, please take the action to upgrade today. There are multiple version options to upgrade to in order to help you secure and protect your customers.
How to upgrade
+ The best version to upgrade to is Parallels Plesk Panel 11.0. It has been available for over a year and is the version with the highest deployment rate, lowest support cost, best performance and, of course, highest security.
+ On June 13, 2013, Parallels will launch Parallels Plesk Panel 11.5. This new version will come with additional usability, performance and security benefits.
+ If you cannot upgrade to the latest version, you can update now to Parallels Plesk Panel 9.5.4. This is a direct upgrade through the AutoInstaller. On June 13 you can then upgrade to version 11.5.
If you are unable to upgrade at this time, you can apply a script to automatically update your Parallels Plesk Panel for Linux 9.0-9.2.3 server. You can download that script (wrapper.zip) from the “Attachments” section of http://kb.parallels.com/116241.
Details about the vulnerability
This vulnerability is not new. It is a variation of the long-known CVE-2012-1823 vulnerability related to the CGI mode of PHP in selected older and end-of-life versions of Parallels Plesk Panel. The exploit for this vulnerability uses a combination of two issues:
+ PHP vulnerability CVE-2012-1823 related to CGI mode used in older versions of Parallels Plesk Panel (http://kb.parallels.com/en/113818)
+ Parallels Plesk Panel phppath script alias usage in Parallels Plesk Panel versions 9.0-9.2
All currently supported versions of Parallels Plesk Panel 9.5.4, 10.x and 11.x, as well as Parallels Plesk Automation, are NOT vulnerable. Also, Parallels Plesk Panel 8.x (now end-of-life) is NOT vulnerable.
There also are some additional resources to insure that your Parallels Plesk Panel installation is secure, and malware, if present, is removed:
+ Parallels has created a comprehensive page on securing Parallels Plesk Panel at http://kb.parallels.com/en/114396
+ Parallels has created a malware removal tool at http://kb.parallels.com/en/115025
Adam Bogobowicz, Sr. Director of Product Marketing
Parallels Plesk Panel 11 has gained strong adoption since its launch 12 months ago. Superior user experience, best in class performance further enhanced with NGINX integration and cloud friendly cloning features make it the preferred choice for service providers looking for a professional grade cloud panel solution. Parallels Plesk Panel 11 is the fastest growing panel product in the company’s history.
Recently Verio, a subsidiary of NTT Communications and a leading provider of innovative online business solutions to SMBs worldwide, became a Parallels Platinum partner. As part of the partnership, Verio gained access to the broad portfolio of Parallels products, research, training and support which allowed the company to deliver greater value to partners and customers.
Verio took advantage of the cloud features of Parallels Plesk Panel 11 and added Parallels Plesk Panel to its cloud offering.
Yesterday Verio announced an impressive 102 percent growth quarter over quarter for Verio Cloud. This service takes full advantage of both the exceptional user experience of the Parallels Plesk Panel as well its cloud features.
Parallels Plesk Panel 11 cloud support includes a panel cloning features that allows Verio to copy the same Parallels Plesk Panel instance to different virtual machines without compromising panel operability due to changing IP addresses and other unique entities. To support Virtual Private Server (VPS) cloning, Parallels Plesk Panel 11 includes tools for preparing images, automatic reconfiguration to new environments (including KVM, XEN, VMware, Hyper-V), and optional automated delivery of a license into a new environment.
The upcoming release of Parallels Plesk Panel 11.5 is now available in feature complete preview and will further improve customer experience. Parallels Plesk Panel 11.5 will be more secure, easier to adopt, easier to upsell, and will provide full control and industry-best usability for website owners, helping service providers like Verio to deliver new value to the cloud users.
As small and medium businesses (SMBs) continue to increase their use of cloud services, web hosters have been asking, “How can I leverage this opportunity to better serve my customers’ needs and grow my business?” Here are some tips on how offering a competitive core bundle and upselling value added services can be a successful way to increase your average revenue per user (ARPU), reduce churn and differentiate your services.
• Increase ARPU – To increase the revenue your customers generate, you need to continuously offer them new services. Upselling and cross-selling additional services and products—both during and after the point of sale—will play a major role in maximizing revenues from your existing customer base.
• Reduce customer churn – Customer retention is the litmus test of your ability to differentiate yourself as a service provider and demonstrate to your customers you understand their needs. Studies show that when SMBs buy additional services through their Web service provider, they are less likely to leave. You can also differentiate yourself by engaging customers with great service; educating them on how to derive the greatest value from the solutions they purchase from you; and offering them outstanding support.
But how can you determine which solutions SMBs need? Our Parallels SMB Cloud Insights™ research can help give you the answers:
30% of SMBs plan to add site building tools in the next three years – to capture your fair share, offer Parallels Web Presence Builder, a full-featured website design tool that any SMB can use. With Parallels Web Presence Builder, you can attract new customers and differentiate your services by offering try-and-buy evaluations or configuring a freemium website offer and upselling to paid or hosting packages.
50% of US SMBs have or plan to build mobile websites – with the highest growth in next three years. The time to start selling mobile optimized websites is now and UNITY Mobile will enable your customers to quickly create and publish a mobile site that run on any mobile phone and tablet. You can offer mobile services bundled or as standalone and UNITY Mobile products also offer you upsell options.
44% of SMBs are concerned about security – Web Hosters can help reduce security fears by upselling key services such as StopTheHacker, a great website security solution to help your customers prevent, detect and quickly recover from hacker or malware attacks. Another important application is CloudFlare, which extends your network globally with 23 points-of-presence on four continents, making your customer’s websites load twice as fast, while keeping them safe and optimized.
If you’re an Infrastructure Provider, you should offer server-wide services to protect your customers, secure your reputation and improve customer satisfaction – Parallels Premium Antivirus and Parallels Premium Outbound Antispam are two must-have applications. With Parallels Plesk Panel Power Pack you can extend Parallels Panel capabilities with high-value add-ons. As an example, Panel Power Pack includes five mailbox licenses for Kaspersky Antivirus server-side e-mail scanning software. These licenses are resalable, so you can use them to upsell your customers to additional mailbox protection, you can also upsell to an unlimited per server license.
Channel Marketing Director
Recently, a Cisco security research analyst used an old Parallels Plesk Panel vulnerability as an example of why it is important to patch servers that may be running old software. His point is valid, and Parallels agrees fully that “the active exploit of this year-old vulnerability serves as an important reminder that website operators and administrators must keep systems up-to-date.”
It turns out the exploit this researcher was referring to was (a) for Parallels Plesk Panel 9.3 and earlier – products from 2009 and earlier that are now at end-of-life, and (b) in the 3rd party Horde webmail component, not in the Parallels Plesk control panel itself. A patch was promptly issued by Parallels in February 2012.
This reported vulnerability – which certainly is not anything new (considering the patch has been out for over a year), was later confused in some subsequent blogs and comments with another vulnerability in Parallels Plesk 10.3 and earlier versions (products from summer 2011 and earlier) also discovered and fixed in February 2012. Though the current version of Parallels Plesk Panel at that time, 10.4, did not have this vulnerability, Parallels immediately issued a security advisory and patches in February 2012 for all prior impacted versions and advised partners about actions to take. Additionally, Parallels created a comprehensive page on securing Parallels Plesk Panel and a Malware Removal Tool, responding quickly and thoroughly to these exploits.
For Parallels partners who install patches and reset passwords, Parallels Plesk Panel is not subject to this vulnerability. Customers running Parallels Plesk Panel 10.4 and 11 never had this vulnerability in the first place.
Parallels agrees that the point of the Cisco researcher is still very valid: “The active exploit of this year-old vulnerability serves as an important reminder that website operators and administrators must keep systems up-to-date. This is especially urgent with vulnerabilities that are remotely detectable. This means not just the operating system, but every program and add-on for those programs also needs to be kept up-to-date. A vulnerability left unpatched in any one of them can lead to total system compromise.”
Parallels Plesk Panel 11 and the upcoming 11.5 are the most secure versions ever, and we strongly encourage our Partners and customers to upgrade to these versions. In Parallels Plesk Panel 11, all Security Updates are clearly reported in the panel. Partners can force Security Updates when they choose. The option to turn on auto-upgrades is also highly recommended for anyone on Parallels Plesk Panel 10 or above. It is the best way to keep you fully secure.
– The Parallels Plesk Panel Team