Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. OCSP stapling

    Please switch on OCSP stapling. This feature makes access to HTTPS sites faster in case of OSCP present, so avoid clients requests to CA to verify certs.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add Blacklist section in your security tab

    The current server management console, has a n area where we can whitelist our IP address to avoid lockout problems. But could we also get for our servers a blacklist option?

    There are multiple WordPress sites I manage. And you have no idea how many hacking attempts I get daily. Being able to block the ip addresses from where these attempts are coming from...could really help us secure our WP sites even more.

    67 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Cloudways should add DDoS protection service

    DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

    344 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    51 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

    We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

    Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

    Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

    Cloudways Team

  4. Allow firewall options

    Allow us to customise the firewall (to define which port numbers can be opened)

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. SFTP access by white listed IP only

    SFTP access should be able to be set to only accept a white listed IP address.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Different MySQL users - one for managing database and one with limited permissions for usage in scripts

    As many apps stores MySQL credentials in a plain text inside code. I suggest to provide us with 2 MySQL users
    1) Admin user - with the most wide permissions
    2) Script user - allowed only to manipulate with rows (CRUD)

    This is common security practice on other hostings.

    40 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Be able to Change SSL Settings for Faster SSL

    http://unhandledexpression.com/2013/01/25/5-easy-tips-to-accelerate-ssl/

    Lists options to improve the speed of SSL transactions. It would be great to be able to enable these settings changes either manually through the console or via interface.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Block option for all IP address for SSH or Mysql and All server resources.

    Block option for all IP address for SSH or Mysql and All server resources. except we choose IP Address

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Caution Notifications if the bandwidth about to touch the default ceiling limits

    Caution Notifications if the bandwidth about to touch the default ceiling limits in order to take steps on illegitimate/spam hits. This may safe guard the ignorant developers from incurring a heavy loss and in some cases losing their business. Please consider.
    Thanks and regards,
    Venkat Chinniah
    App Consultant & Architect

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Fix password change system

    At the moment, when signing up there is no limit to password length, but when changing a password, it is limited to 20 characters. This results in the "old" password not being recognised correctly, presumably as it's looking for a password of maximum 20 characters.

    So if you create a password with more than 20 characters as your first password, you can't change it without logging out and doing "forgotten password". Rubbish!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Spectre and Meltdown

    Please advise about specific measures did you take regarding Spectre and Meltdowns recent announced threats in order to give a word of trust to our final customers

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Do you have dashboard for the configured website to see security/vulnerability

    Do you have dashboard for the configured website to see security/vulnerability

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Changing MySQL Password in Cloudways Console Updates wp-config.php

    It seems logical that updating the password for MYSQL ACCESS in the Cloudways Application Management Access Details would also update the wp-config.php for that application to reflect the new password. But it does not?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. password

    Please allow users to insert special characters to change cloudways account password. because a password is used as security gate to enter into any account so it's very essential thing for every Cloudways user to set A Strong Password..

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Have a KB/support article regarding password requirements.

    The areas for passwords: Master Credentials, MySQL Access, and Application Credentials are different. It makes it difficult to use a password manager's generator.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. SSH On Warning / Auto Off

    It would be great to have some visual reminder on every page of your App settings that SSH is turned on with a simple button to disable it.

    Even better would be option to "Turn On for 1 Hour" or something like that so it automatically shuts off without you having to remember to shut it off.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Cloud Firewalls

    Will you offer a service similar to Cloud Firewalls, as provided by Digital Ocean? You can check the link here: https://blog.digitalocean.com/cloud-firewalls-secure-droplets-by-default/

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable Let's Encrypt Auto-renewal to work with .htaccess redirects in place

    When a website is SSL secured (https) it is recommended to have redirect rules in place which enforce https (redirect http to https) and of course redirecting to one version (www vs non-www).

    It appears that the Let's Encrypt Auto-Renewal does not work. It will fail saying there are htacces rules restricting it from working. I am not sure if this is an issue for Cloudways to fix, or Let's Encrypt.

    In either case, the solution provided by Cloudways support is to:
    1. Temporarily rename your .htaccess (so it is not in effect)
    2. REVOKE your Let's Encrypt Certificate
    3.…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base