Gradual rollout for CageFS paused — PHP sites return 503 on Plesk servers with LiteSpeed

Incident Report for CloudLinux

Monitoring

The issue is resolved in cagefs-7.6.41-1, which has been released, and the gradual rollout of CageFS has now resumed. Affected servers can apply the fix immediately with:
yum update cagefs --enablerepo=cloudlinux-rollout-19-bypass

We're monitoring the rollout.
Posted Jul 15, 2026 - 13:18 UTC

Investigating

We have identified a regression in the cagefs-7.6.40-1 package delivered via gradual rollout (slot #19). On CloudLinux OS servers using the Plesk control panel together with LiteSpeed Web Server (Enterprise), the per-user PHP (lsphp) processes fail to start after this update, and all PHP websites on the server return "503 Service Unavailable".

The LiteSpeed error log shows entries like:
connection to [uds://usr/local/lsws/extapp-sock/APVH_<user>_Suphp*.sock]
... error: Connection reset by peer! / No such file or directory!
Max retries has been reached, 503!


The defect is in a CageFS wrapper used on Plesk to start PHP processes.

Servers with cPanel or DirectAdmin, and Plesk servers not using LiteSpeed, are not affected.


Affected packages (delivered together from rollout slot #19; the defect itself is in cagefs):
- cagefs-7.6.40-1
- cagefs-safebin-7.6.40-1

ETA

The fix is included in cagefs-7.6.41-1, which is being released today, July 15, 2026, after which the gradual rollout will be resumed. This post will be updated once the fixed package is available.


Workaround for affected servers
If your websites are currently down, downgrade to the previous package versions (commands are for CloudLinux 8; adjust the .el suffix for your OS version):

dnf downgrade -y cagefs-7.6.38-1.el8.cloudlinux cagefs-safebin-7.6.38-1.el8.cloudlinux
rm -f /usr/local/lsws/extapp-sock/APVH_*
systemctl restart lsws

dnf install -y python3-dnf-plugin-versionlock
dnf versionlock add cagefs cagefs-safebin

Note: For Plesk servers either disable entire slot with dnf config-manager --set-disabled cloudlinux-rollout-19 cloudlinux-updates-testing until you can update to cagefs-7.6.41-1 enable repo back later with dnf config-manager --set-enabled cloudlinux-rollout-19
or disable Plesk auto update, details in this Plesk article

For other servers, please use the version lock (not an exclude= line in dnf.conf) — automatic nightly updates will otherwise reinstall the affected version.
Once cagefs-7.6.41-1 is available, remove the lock and update:

dnf versionlock delete cagefs cagefs-safebin
dnf update
Posted Jul 15, 2026 - 11:37 UTC
This incident affects: CloudLinux OS Components (CageFS).