Skip to content

Product Improvements: Flexible

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

89 results found

  1. Cloudflare - add option to prevent bypass

    I suggest you add a Cloudflare option which prevents any ip having direct access to website unless its through Cloudflare. Currently it's very easy to bypass Cloudflare unless you add a custom rule for us. But it would be better if it was an options

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    29 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Add user agent exclusion in immunify360 firewall rules

    I would like to be able to add a user agent exclusion to the new immunity firewall, so for example not be blacklisted for screaming frog spider scans

    maybe also the possibility to add ip whitelist via api service

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Play Basketball Stars game!

    The accessibility of basketball stars significantly contributes to its appeal. The simplicity of its use allows players of all ability levels to enjoy it. Participants are captivated by the narrative and the rapid action. Basketball Stars offers numerous customization options that enable gamers to personalize their avatars and adorn them with appealing items.

    In addition to its engaging gameplay, Basketball Stars facilitates communication among basketball enthusiasts. A thrilling social aspect is the opportunity to compete against friends or adversaries globally in multiplayer modes.

    In conclusion, Basketball Stars is an exhilarating online game that provides a unique basketball experience. The rapid…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Allow Master account to change files ownership to Application user

    1. Connect via SSH using the Master Account
    2. Write new files in an Application (e.g. via git pull)
    3. use chown to set ownership to the Application user account
    4. You have: Operation not permitted

    This is a problem when creating scripts to update part of an application (I cannot use the global git pull that you provide).
    And it is not possible to use git pull for private Git repositories with the Application account because ~/.ssh is not writable for it.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Passkey support

    Passkeys need to be implemented for logging in to Cloudways. Passkeys are better / more secure than traditional passwords and 2FA. Big players like Google, Apple, Amazon, PayPal, etc are all already using passkeys.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Blacklist and block IP addresses

    Via the Bot Protection section, which is Malware, it would be really beneficial to be able to click a red X (next to the whitelist green check) to block and blacklist an IP listed in the log.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Whitelist IPs for the API

    Like the MySQL and SFTP IP whitelisting options, the API should have a whitelisting function. Or at least the ability to see connected domains and block specific connections.

    For example, if I have 1,000 client sites that use the API and just one leaks the API auth details somehow, I would need to manually change 1,000 sites immediately. But by being able to whitelist the servers the clients are on, I would have more time to change the keys, without worrying.

    I want to whitelist only my servers so only my clients' websites can use the API.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. 2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. wp-config file permissions for secure install

    Wordpress wp-config file permissions are 664, should be 640 I think. This is the first thing I changed after migrating our sites here. 664 means the DB credentials are readable by any bot, malware scanner, or public user. We got hacked 10 years ago on this very setting being open to the public.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Ability to view SFTP users for application made by other users

    Currently, if another account in your Cloudways system makes an SFTP account for a server you own/manage you cannot see the account that was created! It does not show up in the GUI at all.

    This is a huge security concern, as it allows for shadow users to be added with no feedback to the owner of the account.

    As an account owner, your owner login should be able to view all SFTP accounts created by server and application, listed in the application as if you created it yourself.

    Even if you setup allow-listing for IP addresses, this still does…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Let server admins (not just account owners) mute alerts OR let server admins disable vulnerability alerts

    The "Alert: Vulnerabilities detected on your application" emails can only be disabled by account owners by muting the alerts (here's how: https://support.cloudways.com/en/articles/5119834-how-to-mute-cloudways-bot-notifications). We have their sites set up with automatic plugin updates and that works fine for us. These alerts are making our customers worried for no good reason, and it's making maintenance more of a pain for me since I now have to reassure them everything's fine.

    It isn't a big annoyance for a customer to receive such an alert but try to imagine a web maintainer (like myself) having to answer multiple questions from concerned customers. We…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Add Bytespider and PetalBot to the Bot Protection list

    Please add the following nasty bots to the Bot Protection by default.

    Bytespider & PetalBot

    Thanks

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Audit / Security / Action Logs

    It is critical for many businesses to be able check the actions and changes that are made on an account in order to debug, detect abnormal activities, intrusion or restoring certain setting back to their original, etc.

    After discussing with the support on a separate ticket about an incident we detected as unusual, we felt the need for this feature more than ever.

    Right now it is time consuming for support to check system logs and it is not easy to have a clear picture of WHAT happened and WHO did EXACTLY what and WHERE it was happening.

    We got…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. start caring about security & uptime

    This is my idea --- Cloudways should start caring about security. Yes. My idea is that basic. How do I go for days not knowing that my clien'ts small local business website is redirecting to a russian domain selling crappy products?

    I got NO alert. Nothing.

    But this isn't all. I don't get alerts for 404s, soft 404s, 500s, nothing.

    Cloudways assumes that if a page is throwing a 404 that it still up and good.

    What I am asking for feels like the most basic things... things that hosting company would take care of long before hundreds of far…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Security Vulnerability in the "Nickname" System for Administrator Users in Control Panel

    Hello,

    We appreciate your hosting of our website, and we would like to draw your attention to a security vulnerability in the "Nickname" system for the administrator user in the control panel.

    Based on our experience, the email address of the administrator user is displayed by default in the "Nickname" field. This represents a significant security risk, as attackers can rely on this information to hack the website.

    We strongly recommend assigning a different username for the administrator user and avoiding the use of any personal information in the nicknames.

    We hope that you take this matter seriously and take…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. OpenSSH 8.1 Upgrade

    Needed for PCI/DSS compliance.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. TFA via Text messaging

    Please offer TFA on unique code via Mobile Text message.
    For those who do NOT want to use Google Authentication on mobile phones please use this.
    Digital Ocean have been doing it successfully for almost 7 years.
    Send TFA on mobile text message.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Force log out from all devices

    It's a really must have option for all server owners.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base