Product Improvements: Flexible
Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!
93 results found
-
Cloudflare - add option to prevent bypass
I suggest you add a Cloudflare option which prevents any ip having direct access to website unless its through Cloudflare. Currently it's very easy to bypass Cloudflare unless you add a custom rule for us. But it would be better if it was an options
8 votes -
Passkey support
Passkeys need to be implemented for logging in to Cloudways. Passkeys are better / more secure than traditional passwords and 2FA. Big players like Google, Apple, Amazon, PayPal, etc are all already using passkeys.
7 votes -
Teeth whitening near stoke on trent
If you're looking for professional teeth whitening services near Stoke-on-Trent, there are several reputable dental clinics offering advanced treatments to help you achieve a brighter smile. These clinics provide safe and effective whitening procedures, using the latest techniques to remove stains and discoloration caused by food, drinks, or smoking. Many offer both in-office whitening treatments for immediate results and take-home kits for a more gradual approach. Whether you're preparing for a special occasion or simply want to enhance your smile, teeth whitening near Stoke-on-Trent can give you the confidence boost you're looking for.
https://www.kidsgrovedental.com/teeth-whitening-stoke-on-trent/1 vote -
MetaMask Extension
MetaMask Extension is a leading tool in the world of cryptocurrency and decentralized finance (DeFi). This browser extension, available for Chrome, Firefox, Brave, and Edge, acts as a bridge between traditional web browsers and the Ethereum blockchain. By using MetaMask, users gain secure access to their Ethereum wallet, enabling them to manage assets, interact with decentralized applications (dApps), and execute transactions seamlessly.
https://sites.google.com/metamaskapk.com/metamask-extension/home
https://sites.google.com/metamaskapk.com/metamaskextension/home
1 vote -
Blacklist and block IP addresses
Via the Bot Protection section, which is Malware, it would be really beneficial to be able to click a red X (next to the whitelist green check) to block and blacklist an IP listed in the log.
2 votes -
xss
%27%09);%0d%0a%09%09[1].find(alert)//
1 vote -
Phantom Wallet Extension for Chrome, Safari and Firefox
Secure and manage your Solana assets with Phantom Wallet Extension. Enjoy seamless transactions, DeFi integrations, and NFT support. Trusted by users for its intuitive interface and robust security.
https://sites.google.com/phantom-extension.app/phantomwalletextension/home
https://sites.google.com/phantom-extension.app/phantom-extension/home
1 vote -
Whitelist IPs for the API
Like the MySQL and SFTP IP whitelisting options, the API should have a whitelisting function. Or at least the ability to see connected domains and block specific connections.
For example, if I have 1,000 client sites that use the API and just one leaks the API auth details somehow, I would need to manually change 1,000 sites immediately. But by being able to whitelist the servers the clients are on, I would have more time to change the keys, without worrying.
I want to whitelist only my servers so only my clients' websites can use the API.
1 vote -
2 votes
-
wp-config file permissions for secure install
Wordpress wp-config file permissions are 664, should be 640 I think. This is the first thing I changed after migrating our sites here. 664 means the DB credentials are readable by any bot, malware scanner, or public user. We got hacked 10 years ago on this very setting being open to the public.
1 vote -
Ability to view SFTP users for application made by other users
Currently, if another account in your Cloudways system makes an SFTP account for a server you own/manage you cannot see the account that was created! It does not show up in the GUI at all.
This is a huge security concern, as it allows for shadow users to be added with no feedback to the owner of the account.
As an account owner, your owner login should be able to view all SFTP accounts created by server and application, listed in the application as if you created it yourself.
Even if you setup allow-listing for IP addresses, this still does…
1 vote -
Let server admins (not just account owners) mute alerts OR let server admins disable vulnerability alerts
The "Alert: Vulnerabilities detected on your application" emails can only be disabled by account owners by muting the alerts (here's how: https://support.cloudways.com/en/articles/5119834-how-to-mute-cloudways-bot-notifications). We have their sites set up with automatic plugin updates and that works fine for us. These alerts are making our customers worried for no good reason, and it's making maintenance more of a pain for me since I now have to reassure them everything's fine.
It isn't a big annoyance for a customer to receive such an alert but try to imagine a web maintainer (like myself) having to answer multiple questions from concerned customers. We…
2 votes -
Add Bytespider and PetalBot to the Bot Protection list
Please add the following nasty bots to the Bot Protection by default.
Bytespider & PetalBot
Thanks
1 vote -
onion for kabobs
Mastering how to cut an onion for kabobs is a game-changer! Start by halving the onion through the root, then peel off the skin. Place each half flat-side down and slice into wedges, ensuring they're even for consistent grilling. To prep for skewering, separate the layers gently and thread them onto your skewers, alternating with your favorite veggies and meats. This method ensures even cooking and adds a delightful flavor to your kabobs. Elevate your grilling game with this simple yet crucial onion-cutting technique for perfectly assembled kabobs every time https://juicerhunter.com/how-to-cut-onions-for-kabobs/
1 vote -
Audit / Security / Action Logs
It is critical for many businesses to be able check the actions and changes that are made on an account in order to debug, detect abnormal activities, intrusion or restoring certain setting back to their original, etc.
After discussing with the support on a separate ticket about an incident we detected as unusual, we felt the need for this feature more than ever.
Right now it is time consuming for support to check system logs and it is not easy to have a clear picture of WHAT happened and WHO did EXACTLY what and WHERE it was happening.
We got…
4 votes -
start caring about security & uptime
This is my idea --- Cloudways should start caring about security. Yes. My idea is that basic. How do I go for days not knowing that my clien'ts small local business website is redirecting to a russian domain selling crappy products?
I got NO alert. Nothing.
But this isn't all. I don't get alerts for 404s, soft 404s, 500s, nothing.
Cloudways assumes that if a page is throwing a 404 that it still up and good.
What I am asking for feels like the most basic things... things that hosting company would take care of long before hundreds of far…
1 vote -
you are being hacked by the civil and federal police in Brazil. Just to let you know.
you are being hacked by the civil and federal police in Brazil. Just to let you know. they said they are hacking you
1 vote -
Use stricter default WordPress permissions
I think the default WordPress file/folder permissions should be the stricter options available rather than those currently used on Cloudways.
https://www.google.com/search?q=default+wordpress+permissions&oq=default+wordpress+permissions&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDI2MzdqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-81 vote -
Security Vulnerability in the "Nickname" System for Administrator Users in Control Panel
Hello,
We appreciate your hosting of our website, and we would like to draw your attention to a security vulnerability in the "Nickname" system for the administrator user in the control panel.
Based on our experience, the email address of the administrator user is displayed by default in the "Nickname" field. This represents a significant security risk, as attackers can rely on this information to hack the website.
We strongly recommend assigning a different username for the administrator user and avoiding the use of any personal information in the nicknames.
We hope that you take this matter seriously and take…
1 vote -
OpenSSH 8.1 Upgrade
Needed for PCI/DSS compliance.
3 votes
- Don't see your idea?