Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

I suggest you ...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Cloudways please document your security practices

    I would like to suggest that Cloudways publishes an article or other document that describes how Cloudways maintains, patches, updates servers and secures them.

    The intent is not to disclose details that puts security at risk but instead demonstrates the value Cloudways is providing in the area of helping its customers maintain a secure server and application environment.

    Information should include frequency of update / patch deployment, frequency of security scans for malware / unauthorized access, firewall ports and services that are open especially those for inbound traffic from the Internet, intrusion protection mechanisms, transparency reports for government information requests…

    21 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

      This is indeed a good suggestion. We at Cloudways believe in being transparent to our users in all operational areas. We have added this idea to our Product Improvement Ideas list, and information about security would be available on the Cloudways Platform in the coming days.

      Cloudways Team

    • TLS 1.3

      Please support TLS 1.3 since it's faster and more secure. Chrome 70 and Firefox 63 officialy support it now.

      https://www.ietf.org/blog/tls13/

      7 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
      • Integrate firewall with CDN

        There are probably many needed enhancements to the firewall. One that would be especially helpful would be to block traffic that doesn't originate through the CDN.

        For example, with Cloudflare, hackers can sometimes use historical dns records to discover your server's origin IP address. They can then circumvent Cloudflare's ddos and firewall features.

        An option in the Cloudways firewall to only accept traffic through the CDN would eliminate this whole class of vulnerabilities.

        3 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
        • 2 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
          • Give FTP Access to a specific folder within an application

            For now you get access to all folders and files, which might cause security problems. And GDPR Problems, as anybody that has been given access could delete or copy any personal Data of web shop clients, for example

            2 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
            • Allow disabling of weak SSH key exchange algorithms

              PCI Compliance now regards weak ssh key exchange algorithms as a liability. There should be a way to disable them. It's fairly easy to set up in open-ssh: https://infosec.mozilla.org/guidelines/openssh#Configuration

              3 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
              • access to .conf file for Nginx

                I needed to do some security tweaks and could not access the .conf file for Nginx to make the changes. I think it would be a good idea to allow access for customization. I wanted to be able to...

                1.Prevent Information Disclosure

                Often servers are incorrectly configured, and can allow an attacker to get access to sensitive information that can be used in attacks.

                2. Prevent PHP execution

                Overview
                By default, a plugin/theme vulnerability could allow a PHP file to get uploaded into your site's directories and in turn execute harmful scripts that can wreak havoc on your website. Prevent…

                1 vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                • Add ability to add multiple IP addresses at once in the Security panel

                  Provide the ability to add multiple IP addresses at once in the Security panel for when we need to whitelist IPs for managewp and other services.

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                  • Firewall Management + fail2ban support

                    It would be useful to have the ability to configure the default firewall rules at server level, rather than relying on htaccess files which are useless for managing large data sets (i.e. IP lists/ranges).

                    Additionally, having fail2ban installed and bridging between the firewall would be extremely helpful for using plugins like wp-fail2ban, which automatically bans "bruteforce" login attempts at server level, rather than application level.

                    13 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                    • A better backup scheme

                      So here my suggestion for a better backup scheme. Do something like keeping:
                      = 1 - 3 monthly backups
                      + 3 weekly backups
                      + 4 - 6 daily backups
                      This way a longer period is covered without increasing the space required for backups. You can try keeping it at 8, although 12 would be ideal as it will cover last 3 mo, last 3 wk, and last 6 days.

                      Other suggestions:
                      - Allow to choose the time of day to do backup so it won't slow down the server during busy hours.
                      - Allow to choose external backup destination like…

                      148 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        under review  ·  14 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                      • Allow customers to create database users

                        When having Master Credentials you con go to the MySQL Manager and create a user, but when you want to save you get:
                        "Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation"
                        You should allow permissons for Master Credentials to creat DB users

                        14 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                        • fail2ban

                          I was wondering if fail2ban was available on cloudways instances. I would love managing login attempts and throttling bots with it.
                          This could even be integrated in the console at application level.

                          I know I can do this with WordFence and others, but it's so much more efficient. Doing this kind of thing with WP plugins is so inefficient, it still require PHP processes.

                          While not replacing a full DDoS and WAF service, this is probably still a good affordable and efficient protection and I have the feeling that is being already used for handling ssh login attempts.

                          17 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                          • Cloudways should add DDoS protection service

                            DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

                            304 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              42 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

                              After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

                              We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

                              Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

                              Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

                              Cloudways Team

                            • SFTP access by white listed IP only

                              SFTP access should be able to be set to only accept a white listed IP address.

                              14 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                              • Block option for all IP address for SSH or Mysql and All server resources.

                                Block option for all IP address for SSH or Mysql and All server resources. except we choose IP Address

                                3 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                • Ability to add multiple SSL certificates per application (neither wildcard nor SAN)

                                  If we have a multisite, we need a wildcard SSL for the subdomains. However if we go further, and provide custom domain (domain mapping) the problem comes that the SSL certificate is only for our domain not the mapped. Would be great if we can (even manually) create more than one certificate. SAN certificates is not the good option, since:

                                  - We are using the wildcard for the own subdomains.
                                  - There is a hard limit with the 100 domains.
                                  - All the custom domains would be listed as secondary domains in the certificate details.

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                  • 1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                    • 2 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Caution Notifications if the bandwidth about to touch the default ceiling limits

                                        Caution Notifications if the bandwidth about to touch the default ceiling limits in order to take steps on illegitimate/spam hits. This may safe guard the ignorant developers from incurring a heavy loss and in some cases losing their business. Please consider.
                                        Thanks and regards,
                                        Venkat Chinniah
                                        App Consultant & Architect

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Force 2FA for Team Members

                                          As account owner, I can setup 2FA on the main account, but I can't force my team members (some of whom have full access) to do so. This obviously creates a security loophole.

                                          2 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4
                                          • Don't see your idea?

                                          Feedback and Knowledge Base