Firewall Management + fail2ban support
It would be useful to have the ability to configure the default firewall rules at server level, rather than relying on htaccess files which are useless for managing large data sets (i.e. IP lists/ranges).
Additionally, having fail2ban installed and bridging between the firewall would be extremely helpful for using plugins like wp-fail2ban, which automatically bans "bruteforce" login attempts at server level, rather than application level.
-
Coils commented
Better firewall management makes a real difference, especially when dealing with repeated login attempts and suspicious traffic. Having built in Fail2Ban support would simplify routine security tasks and reduce manual work. For users who also manage streaming apps through https://descargarxuperztv.com/, a stronger security setup helps keep services running more reliably.
-
Chrome Hearts Store commented
Adding Fail2Ban support alongside firewall management would give users better control over blocking repeated malicious login attempts while reducing manual intervention. A practical approach that keeps security simple is often the most effective, much like https://aliciacalc.com/calculadora-cientifica/ helps handle complex calculations in a straightforward way without unnecessary steps.
-
Floras12 commented
Adding built in firewall management with Fail2Ban support would make server security much easier to manage and reduce the need for manual intervention. It also helps to have a simple way to evaluate how well different security settings perform over time, and https://theeasygrader.com/ could be a practical reference when you want a consistent scoring approach for comparing results.
-
Andreas
commented
+1 for enabling wp-fail2ban, it's actually a simple thing to add support, just add the filter and jail rules to the fail2ban config on all servers like so: https://bjornjohansen.no/using-fail2ban-with-wordpress
This is assuming php already can write to the appropriate log files. -
Rhianne Jhane
commented
Wonderful post! We are linking to this particularly great article on our site. Keep posting!
-
Greg
commented
On the Features page, CW advertises, "Proactive Cloudways security practices keep all your servers safe and secure. ... All Cloudways hosted servers are protected by OS-level firewalls that filter out malicious traffic and keep out the intruders." This is not completely true, and there's no way to know to what extent it may be partially true. I had to request help hunting down what was causing outages, come to find it was a single IP address from China repeatedly trying to log in to one site, and was told to ban it in htaccess. That is the opposite of "proactive" and "OS-level."
-
Greg
commented
Yeah there definitely needs to be a better way to handle blocking IP/requests at the server level. Trying to do this at the application level is just inefficient, time consuming and eats up more resources.
The biggest issue with cloudways is the lack of automatic banning of brute force login attacks and vulnerability scan that are to aggressive. If there was a sever level solution to this Cloudways would be able to offer more secure and stable Cloud server solution then anyone else out there.