Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. yubikey support

    would be great to add hardware 2FA devices with fallback to google auth or SMS.. :)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow disabling of weak SSH key exchange algorithms

    PCI Compliance now regards weak ssh key exchange algorithms as a liability. There should be a way to disable them. It's fairly easy to set up in open-ssh: https://infosec.mozilla.org/guidelines/openssh#Configuration

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. access to .conf file for Nginx

    I needed to do some security tweaks and could not access the .conf file for Nginx to make the changes. I think it would be a good idea to allow access for customization. I wanted to be able to...

    1.Prevent Information Disclosure

    Often servers are incorrectly configured, and can allow an attacker to get access to sensitive information that can be used in attacks.

    2. Prevent PHP execution

    Overview
    By default, a plugin/theme vulnerability could allow a PHP file to get uploaded into your site's directories and in turn execute harmful scripts that can wreak havoc on your website. Prevent…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Force 2FA for Team Members

    As account owner, I can setup 2FA on the main account, but I can't force my team members (some of whom have full access) to do so. This obviously creates a security loophole.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Fix security problem with Team Member

    My niche is high risk for online hacking. In Cloudways I can add a team member, which sends his un-encrypted password to his account. This is high risk. As owner of my account I should be able to change his password, and then I can share via a secure app like Last Pass. Please consider this a high priority request. Thank You

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Firewall Management + fail2ban support

    It would be useful to have the ability to configure the default firewall rules at server level, rather than relying on htaccess files which are useless for managing large data sets (i.e. IP lists/ranges).

    Additionally, having fail2ban installed and bridging between the firewall would be extremely helpful for using plugins like wp-fail2ban, which automatically bans "bruteforce" login attempts at server level, rather than application level.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add ability to add multiple IP addresses at once in the Security panel

    Provide the ability to add multiple IP addresses at once in the Security panel for when we need to whitelist IPs for managewp and other services.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add to CloudwaysCDN DDoS Protection and WAF

    Now that there is a Partnership With StackPath this shouldn't be hard. Add another option, charge more, but add the possibility please. If you look at the comments about CloudwaysCDN on the Facebook Group and on the blogpost about it you'll see there is a demand for it.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Virus Sanner to find infected malicious files

    Hi, I have found my wordpress file corrupted by some malicious code due to which our site is running slow. This code was found in all functin.php files. I was not understanding suddenly why site performance got so much degraded. After checking all file and uninstalling plugin then too i didnt find reason for same. After long research i got to know that some code has been uploaded to function.php file. I haven't reseted file permission so its some server security lack that such code was uploaded. Now i want to scan file to check that no more infacted files…

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Security Log for Team Members

    I would love to see some form of a actions/security log which is stores X amount of entries per month.

    What Security/Actions Log?

    Ability to track who has logged in from where.
    Which Team Member has moved, created, deleted applications.
    Which Team Member has changed a setting within Servers/Applictions.

    Any other detailed information.

    Here is an example that PHPBB uses, or Wordpress Security Audit which has similar functions as to what im suggesting.

    http://cdn.inmotionhosting.com/support/images/stories/edu/phpbb/maintenance/mod-log.png
    http://files.staticfsr.org/files/images/PhpBB%203%20Admin%20Logs.jpeg

    Ability to export the log via csv would be great too. This would keep your DB less cluttered as you would purge the entries every…

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. A better backup scheme

    So here my suggestion for a better backup scheme. Do something like keeping:
    = 1 - 3 monthly backups
    + 3 weekly backups
    + 4 - 6 daily backups
    This way a longer period is covered without increasing the space required for backups. You can try keeping it at 8, although 12 would be ideal as it will cover last 3 mo, last 3 wk, and last 6 days.

    Other suggestions:
    - Allow to choose the time of day to do backup so it won't slow down the server during busy hours.
    - Allow to choose external backup destination like…

    154 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  15 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow customers to create database users

    When having Master Credentials you con go to the MySQL Manager and create a user, but when you want to save you get:
    "Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation"
    You should allow permissons for Master Credentials to creat DB users

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add BitNinja.io security for both Server and Apps

    Would be great having this installed as an option. Would protect server and all the Apps installed so we don't necessary have to go for Sucuri for each single App when clients cannot afford.

    34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Single Sign-on / SAML authentication for access to the cloudways console

    Provide the ability to leverage SAML providers like Okta, OneLogin, or ADFS for single sign-on to the cloud console. This would improve security for as well as the user experience.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. HSTS (Strict Transport Security)

    Hi,

    Do you support HSTS (Strict Transport Security) in the future? Maybe it will add more security.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. fail2ban

    I was wondering if fail2ban was available on cloudways instances. I would love managing login attempts and throttling bots with it.
    This could even be integrated in the console at application level.

    I know I can do this with WordFence and others, but it's so much more efficient. Doing this kind of thing with WP plugins is so inefficient, it still require PHP processes.

    While not replacing a full DDoS and WAF service, this is probably still a good affordable and efficient protection and I have the feeling that is being already used for handling ssh login attempts.

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add Blacklist section in your security tab

    The current server management console, has a n area where we can whitelist our IP address to avoid lockout problems. But could we also get for our servers a blacklist option?

    There are multiple WordPress sites I manage. And you have no idea how many hacking attempts I get daily. Being able to block the ip addresses from where these attempts are coming from...could really help us secure our WP sites even more.

    57 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Cloudways should add DDoS protection service

    DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

    322 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    46 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

    We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

    Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

    Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

    Cloudways Team

  19. SFTP access by white listed IP only

    SFTP access should be able to be set to only accept a white listed IP address.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Different MySQL users - one for managing database and one with limited permissions for usage in scripts

    As many apps stores MySQL credentials in a plain text inside code. I suggest to provide us with 2 MySQL users
    1) Admin user - with the most wide permissions
    2) Script user - allowed only to manipulate with rows (CRUD)

    This is common security practice on other hostings.

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base