Skip to main content

Pantheon Changelog

We're transitioning away from publishing product updates in this section of Pantheon Docs to release notes.

Introducing Pantheon release notes

We're moving!

We're excited to present Pantheon release notes - a rebrand of our beloved changelog! This upgraded platform brings you better navigation and the latest product announcements.

Changelogs are still accessible today, but this area of the Pantheon Docs site will soon be redirected to release notes following the completion of a content migration.

Visit Pantheon release notes:

December 2023 Changelog

Feature and Product Release Updates

Delete Front-End Sites Multidevs Directly From Dashboard for Streamlined Management

We've enhanced your site management experience by enabling the ability to delete Multidevs directly from your Front-End Sites dashboard. This upgrade simplifies project organization, providing you with a seamless process to remove unnecessary Multidevs.

This intuitive addition streamlines site management, offering a hassle-free solution to keep your projects organized and optimized. Find detailed instructions here.

Elevated Experience With Front-End Sites Drupal Starter Kit

The Pantheon Drupal Starter Kit for Front-End Sites has undergone significant improvements.

  • Setup experience: The setup process is now more user-friendly and guided for a seamless experience.
  • Health check script: The newly introduced health check script alerts you to known configuration issues before a build fails.
  • Front-End Sites settings: Effortlessly navigate through the Settings page, simplifying the testing of your preview endpoint, and allowing convenient copying of environment variables for use in the Front-End Sites Dashboard.

Curious about creating a new Drupal project with these enhancements? Find detailed instructions here.

For further insights and discussions on similar sites, join the #front-end-frameworks Slack channel.

Platform Updates

Upgraded Security Measures for Uninterrupted WebOps Experience

We're thrilled to announce an impactful upgrade to Pantheon's security infrastructure, reinforcing our commitment to safeguarding your websites. In response to the escalating sophistication of distributed denial-of-service (DDoS) attacks, we've implemented innovative solutions to fortify our defenses. Particularly, we've addressed a surge in Layer 7 attacks targeting content management systems, ensuring resilience even without our Advanced Global CDN's Web Application Firewall (WAF).

Key benefits:

  • Advanced DDoS protection: Our engineers have proactively countered Layer 7 attacks, mitigating risks posed by inauthentic traffic targeting web content management systems.
  • Rate limiting capabilities: We've introduced rate limiting capabilities within our Global CDN, curbing abusive traffic effectively. This ensures a stable online presence, even during large-scale attacks, preventing wider stability issues.

For more in-depth insights into the measures we've taken and the value they bring to your Pantheon experience, delve into the full blog post. Your website's security and stability are our top priorities, and this enhancement is another step in our ongoing commitment to delivering a robust WebOps platform.

WordPress 6.4.2 Now Available for Enhanced Security

In response to a critical security vulnerability, WordPress 6.4.2 was released on December 6, 2023. To ensure the safety of your site, Pantheon strongly advises an immediate upgrade. Prioritize your site's security – upgrade now!

Optimized Monitoring for High-Volume Directories

Introducing proactive alerts tailored for directories with substantial file counts, which could impact performance or accessibility. Stay informed with timely notifications delivered directly to your dashboard and via email when file counts reach 50,000 and 100,000. This feature empowers you to efficiently manage your file system and address potential issues promptly.

November 2023 Changelog

Feature and Product Release Updates

VPAT issued for product accessibility

  • As part of Pantheon’s commitment to accessibility, diversity, and inclusion, we are proud to announce that we have completed an external audit of our platform’s accessibility features and the results are available in our WCAG 2.1 AA VPAT.
  • Our teams have ongoing efforts to improve accessibility further and have outlined goals to improve our support of WCAG 2.1 AA criteria for the next two quarters.
  • Our partners and customers who depend on WCAG compliant products can confidently continue to use the platform knowing that we hold accessibility to be an important function of the services we provide.

Faster Backups

The File System team at Pantheon achieved significant speed improvements in backup processes. The Valhalla export process was overhauled, allowing backups to be constructed from new objects, cutting down export times by 25-83%. This was accomplished by initiating object retrieval immediately after receiving MANIFEST metadata, omitting empty files, and promptly archiving received files.

Composer Logs Visibility

Visibility into composer logs has been a top customer request. Now, if you need to debug a composer build failure due to an error, install the Terminus Composer Logs plugin on your machine to view more details. Upstream Update logs are also available. Installation instructions and command usage can be found here in the plugin's GitHub repository.

Streamlined User Offboarding

Administrators of large workspaces will now be able to easily remove access for offboarded users at scale. When a member of your team changes jobs, or for whatever reason you need to remove a person from your sites, you can now do so faster

As you remove users from your workspace or site team, you will be prompted to remove access across all sites that a given user may be connected to, which can save multiple clicks and manual labor to ensure the right access levels are maintained.

To learn more about how this new offboarding process works, take a look at our documentation.

Platform Updates

Front-End Sites Build Caching and Node.js Versions

Pantheon introduced a new build pipeline for Front End Sites to significantly improve build times. Beginning on November 13th, 2023, newly created sites are automatically using the new pipeline and cannot opt back to the old pipeline. Sites made prior to that date can opt-in to the new pipeline to take advantage of the new features. All pre-existing sites that do not opt-in will be switched over for new builds on or around January 15th.

Additionally, we are adding support for Node 18 (for dynamic sites) and 20 (for both static and dynamic sites). To select a specific version, Pantheon is moving away from using .nvmrc and will instead look to the “engines” field in your project’s package.json file.

To find out more about adopting the new pipeline, check out our documentation, and read our blog post about how we’re already experiencing the benefits of this internally at Pantheon.

WordPress Native PHP Sessions 1.4 Update

The WordPress Native PHP Sessions plugin added primary keys to its custom tables in 1.2.2 for greater performance and redundancy, but did not upgrade existing sites. Now, version 1.4 includes an optional upgrade command for sites that installed the plugin prior to the 1.2.2 release.

Our open source WordPress Native PHP Sessions is available in the plugins repo.


Join us Wednesday December 6, 2023 for a conversation with guest speakers from Forrester, Scale Consortium, and Sherpera as they walk through how to compose the perfect digital experience stack for your organization, including how to evaluate potential solutions, and the questions you should ask vendors and your stakeholders along the way. Register for our Life After DXPs: Composing Your Ideal Solution webinar today.

October 2023 Changelog

Feature and Product Release Updates

Design System Integration: Docs

We're excited to announce that our documentation site has been seamlessly integrated with our brand-new design system. This enhancement brings a fresh and cohesive look to our documentation, providing a unified and visually appealing experience for our users. Explore the updated, improved, and more accessible Docs site today.

Docs Design System

Platform Updates

Drupal Security Update

On September 20th, Drupal core updates were released to address a critical vulnerability in the JSON:API module. Those updates became immediately available within the Pantheon dashboard for one-click code updates. Additionally, our engineers updated our CDN to mitigate potential attacks.

If you have a Drupal site using JSON:API we suggest you update as soon as possible if you haven't done so already. And even if you aren't using JSON:API, it'll still feel good to apply an update, right? To better understand the nature of security updates, come watch the Pantheon YouTube Livestream on October 25th.

PHP Memory Limits Updates

Sometimes you just need more memory to serve your site reliably. To learn more about why we doubled the memory for most site plans, check out this blog by Rachel Whitton, Lead Technical Writer here at Pantheon.

To take advantage of the increased memory limit, contact our customer support team. Or drop by our regular Zoom-based office hours.

Front-End Sites Settings

The Pantheon Front-End Sites Settings page is now available for users of the WordPress for Front-End project. It provides a simplified post install experience where users can copy environment variables for use in the Front-End Sites dashboard, and also test their preview endpoint. Instructions for creating a new WordPress project can be found here. Want to chat more about these kinds of sites? Join the #front-end-frameworks Slack Channel.

WPML Improved Edge Caching Compatibility - Cache Hit Ratio Increased 24%

Global CDN now has improved compatibility with the WPML multilingual WordPress plugin. Page variations for each language can be cached at the edge. This update was rolled out automatically for all sites that use the WPML plugin and increased site cache hit ratio by 24% on average.

PHP 8.1 and 8.2 updated to their latest patch releases

PHP 8.2.11 and 8.1.24 were released on the platform. They contain the latest bug fixes and security releases for PHP. As a reminder, PHP 8.0 will reach End-of-Life on 26 November 2023. For the best performance and security, Pantheon recommends running PHP 8.1 and above.


WordPress Performance Office Hours

Optimizing your WordPress site to boost performance can result in higher conversion rates and a better user experience! Join us Wednesday October 18th, at 2pm EST/11am PST to learn more about how to best configure your site's edge & object caching, scale your database, and troubleshoot slow pages.

Looking to connect with other WordPress developers? Join the Pantheon Community #WordPress Slack Channel.

Cybersecurity Month Livestream

October is Cybersecurity Awareness Month! Join us on October 25th for a special YouTube Livestream as we discuss how security releases play out in the open source ecosystem.

September 2023 Changelog

Feature and Product Release Updates

Object Cache Pro

WordPress sites can now leverage an upgraded object caching solution on Pantheon! Object Cache Pro is a highly optimized premium WordPress plugin that integrates with Redis for business class performance. Find out more about our perspective Object Caching from Steve Persch, Director of Developer Experience.

See Pantheon’s documentation for instructions on how to enable Object Cache Pro. Or join the #WordPress Slack Channel to connect with other customers using Object Cache Pro.

Front-End Sites Enhancements

We released version 1.0.5 of the WP Decoupled Preview plugin which contains a bug fix specific to WordPress 6.3. WP Decoupled Preview enables content editors to see their changes in the context of a front-end framework (served through Pantheon's Front-End Sites) like Next.js. To try this functionality, request access to Front-End Sites and follow our tutorial for spinning up our WordPress + Next.js starter.

Can you tell we want more teams to sign up for Front-End Sites? If you don't yet have access, as of the last month you'll now see callouts in the site creation flow that lead to Front-End Sites Access:

Sign up page in the Pantheon dashboard for decoupled Early Access

Thanks to efforts in the last month, once you spin up new codebases in Front-End Sites, you will also find:

  • Newly improved readme files in your fresh projects.
  • Health checks that fire early in the build process if your Front-End Site may be likely to fail due to missing variables for a back-end CMS
  • A better navigation and search functionality for the Decoupled Kit project documentation.

Want to chat more about these kinds of sites? Join the #front-end-frameworks Slack Channel.

WordPress Multisite Search and Replace

WordPress Multisites can now run automated Search and Replace when cloning the database between environments or spinning up new environments.

Subdomain Multisites can use a domain map to define the URLs between environments, or auto-convert to a subdirectory Multisite in non-live environments.

For more information, see Pantheon’s documentation on Search and Replace. Or join the #WordPress Slack Channel to connect with other Pantheon customers & super-users.

Early Access: Customer Scheduled Jobs

The Terminus Scheduled Jobs Plugin allows you to schedule and automate specific cron jobs according to site requirements without affecting performance.

You can specify the desired frequency (e.g., daily, weekly, monthly, hourly), and the actions to be performed. The system then executes the scheduled jobs automatically based on the provided instructions. Helps with long running jobs by granting a total budget of 300 mins (in a 24 hr period) to run jobs.

Early Access: Streamlined User Offboarding

Helps Workspace Admins more effectively manage user access by providing the ability to offboard users from multiple sites in a single click.

For more information, see Pantheon’s documentation on Workspace Offboarding. Or join the #WordPress Slack Channel to connect with other Pantheon customers & super-users.

Platform Updates

PHP Security Updates

Pantheon has deployed PHP versions 8.2.9, 8.1.22, and 8.0.30 to customer sites running on the platform. These releases address vulnerabilities disclosed in CVE-2023-3823 and CVE-2023-3824.

If you are using PHP 8.2, 8.1 or 8.0, there is nothing further that you need to do. If you are still on PHP 7.4 or earlier, though, you should schedule some time to upgrade to a supported version.While the vulnerabilities patched in these latest releases are not reported to affect PHP 7.4, the fact remains that there could be (and probably are) unpatched vulnerabilities in the end-of-life versions. Read more about it in Greg Anderson’s blog post.

New PHP Defaults

Pantheon has pushed an update to WordPress and Drupal 7 core upstreams which sets PHP 8.1 as the new default PHP version, rather than 7.4.

Please test this core update thoroughly before deploying to the Live environment. If your site requires an older version of PHP, or if you'd like to upgrade to PHP 8.2, see Pantheon’s documentation on how to manage PHP versions via the pantheon.yml configuration file.

Solr Search for WordPress 2.5.0 Update

We released an update for the Solr Search for WordPress plugin which disables auto-commit by default and allows cron to push solr commits regularly instead.

This drastically improves the performance of large sites and avoids 503 errors related to hard committing on every update. This update is recommended for all WordPress sites currently running the plugin.

You can still enable auto-commit by explicitly setting SOLRPOWER_DISABLE_AUTOCOMMIT to false.

Pantheon Advanced Page Cache WordPress Plugin Updates

We released an update for the Pantheon Advanced Page Cache WordPress plugin which adds a filter to allow disabling surrogate keys for posts' taxonomy terms. This can be especially helpful for posts with large numbers of taxonomies (such as WooCommerce products with a large number of global attributes).

For more information, see Pantheon documentation.

July 2023 Changelog

Platform Updates

Drupal 7.98

Drupal 7.98 is available on the Pantheon platform. Users may update their sites immediately. Detailed information on applying and debugging core updates can be found in the Core Updates documentation.

WP-CLI 2.8.1

WP-CLI 2.8.1 is now live on the platform.

Deprecation of Obsolete TLS 1.2 Cipher Suites

In Pantheon's continual efforts to stay up to date with modern web security standards, Pantheon is removing support for a certain set of cipher suites for TLS 1.2. By removing support for specific TLS 1.2 ciphers, Pantheon is enhancing overall platform security. This change ensures that the websites hosted on Pantheon will only use stronger and more secure encryption protocols, which helps protect sensitive information transmitted between users and the websites.

The following obsolete TLS 1.2 ciphers have known vulnerabilities and have been removed:


Pantheon has proactively identified and communicated with affected customers. No action is required at this time, but if you have any questions/concerns, please feel free to reach out to your Account Team at Pantheon or to Pantheon Support via a ticket or chat.

Feature and Product Release Updates

Integrated Composer

Pantheon customers can now re-run Integrated Composer builds via Terminus - without creating a new commit. Previously, pushing a new commit to the Dashboard was the only way to trigger a build. Occasionally site developers experience failed builds for external reasons (external repo issue, broken key, etc.). This update brings even greater functionality and flexibility to Integrated Composer.


Gain access to a knowledge-sharing community of WebOps thought leaders who are embracing the tools and best practices of WebOps to create magic on the internet, while unlocking limited-edition swag & other amazing perks for completing Pantheon Missions.

Join the new Pantheon Community Hub today to start earning!