Skip to content

Product Improvements: Flexible

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

28 results found

  1. Force SSL

    It would be nice if we could have a Force SSL option from the control panel for wordpress. Then you would not have to install a ssl plugin or add rules to HTACCESS

    32 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  4 comments  ·  Security  ·  Admin →
  2. eedback.cloudways.com is not loading on SSL you must use this

    eedback.cloudways.com is not loading on SSL you must use this

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  1 comment  ·  Security  ·  Admin →
  3. Cloudways please document your security practices

    I would like to suggest that Cloudways publishes an article or other document that describes how Cloudways maintains, patches, updates servers and secures them.

    The intent is not to disclose details that puts security at risk but instead demonstrates the value Cloudways is providing in the area of helping its customers maintain a secure server and application environment.

    Information should include frequency of update / patch deployment, frequency of security scans for malware / unauthorized access, firewall ports and services that are open especially those for inbound traffic from the Internet, intrusion protection mechanisms, transparency reports for government information requests…

    48 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  13 comments  ·  Security  ·  Admin →
  4. Ability to disable TLS 1.0 and 1.1 server wide

    After enabling SSL in my sites, I run multiple tools to scan for vulnerabilities and imisconfigurations. Every one of them is telling me that those protocols are insecure, deprecated and should be disabled. I asked support to do it server wide, but they said it can only be done manually on app basis. To me this is unacceptable, since this should be approached from a server perspective as a whole.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  0 comments  ·  Security  ·  Admin →
  5. TLS 1.3

    Please support TLS 1.3 since it's faster and more secure. Chrome 70 and Firefox 63 officialy support it now.

    https://www.ietf.org/blog/tls13/

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  1 comment  ·  Security  ·  Admin →
  6. 46 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    25 comments  ·  Security  ·  Admin →
  7. A better backup scheme

    So here my suggestion for a better backup scheme. Do something like keeping:
    = 1 - 3 monthly backups
    + 3 weekly backups
    + 4 - 6 daily backups
    This way a longer period is covered without increasing the space required for backups. You can try keeping it at 8, although 12 would be ideal as it will cover last 3 mo, last 3 wk, and last 6 days.

    Other suggestions:
    - Allow to choose the time of day to do backup so it won't slow down the server during busy hours.
    - Allow to choose external backup destination like…

    208 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Security  ·  Admin →

    We are closing this thread as we have implemented most of the features requested by OP and other features requested by users in the comments over the years. Here is the list of the features we have introduced around backups.

    1. We added the option to set backup retention from 1 to 4 weeks.
    2. We added the option to set the frequency of backups from 1 hour to 168 hours (1 week).
    3. We introduced on-demand application backup options.
    4. Users can now specify the time at which the backups process should be initiated on the server.
    5. Users can now restore their deleted servers from the Cloudways Platform. Previously this feature was limited to support but to give customers more control this feature is now available to all Cloudways customers.
    6. Users can now restore their deleted applications from the Cloudways Platform to an existing or new server.

  8. Enable Let's Encrypt Auto-renewal to work with .htaccess redirects in place

    When a website is SSL secured (https) it is recommended to have redirect rules in place which enforce https (redirect http to https) and of course redirecting to one version (www vs non-www).

    It appears that the Let's Encrypt Auto-Renewal does not work. It will fail saying there are htacces rules restricting it from working. I am not sure if this is an issue for Cloudways to fix, or Let's Encrypt.

    In either case, the solution provided by Cloudways support is to:
    1. Temporarily rename your .htaccess (so it is not in effect)
    2. REVOKE your Let's Encrypt Certificate
    3.…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →

    Hello

    We have resolved this issue, an update was deployed on all customer’s servers.

    LE SSL installation is now independent of rules added in htaccess, now users just have to make sure that the domain is added in the domain section of the application and the domain is pointing to Cloudways server, any rules in htaccess will not conflict with SSL installations.

    Best Regards
    Cloudways

  9. Please add TFA option for team account. Not only the main account

    Please add TFA option for team account. So the server security never get compromised by team account hijack

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Security  ·  Admin →
  10. OCSP stapling

    Please switch on OCSP stapling. This feature makes access to HTTPS sites faster in case of OSCP present, so avoid clients requests to CA to verify certs.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Security  ·  Admin →
  11. Cloudways should add DDoS protection service

    DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

    344 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  53 comments  ·  Security  ·  Admin →
  12. SSH On Off Button

    A simple button to turn ssh on and off, ssh can be turned off until the admin needs to use it so it adds an additional level of security straight on the dashboard. Thanks

    26 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  3 comments  ·  Security  ·  Admin →
  13. SSH keys to access my servers (instead of passwords)

    Ability to add SSH keys as per digital ocean. Saves password logins when making and deploying changes.

    19 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Security  ·  Admin →
  14. Block option for all IP address for SSH or Mysql

    Block option for all IP address for SSH or Mysql. except we choose IP Address

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →

    Hello

    This is already integrated into the platform.

    MYSQL Remote access is disabled by default, users will have to whitelist the IP to access MySQL remotely. For more details please visit https://support.cloudways.com/en/articles/5124817-how-to-whitelist-ip-addresses-for-remote-mysql-connections

    While for SSH we provide an option to disable access completely except the whitelisted IP addresses. please visit https://support.cloudways.com/en/articles/5121429-how-to-manage-ip-access-for-ssh-and-sftp-connections

    Best Regards,
    Cloudways Team.

  15. The git deployment documentation should tell the users to use GitHub's Deploy Keys feature.

    The documentation that shows user how to deploy from Git (https://support.cloudways.com/using-git-for-deployment) tells users to give CloudWays full access to their GitHub account. Ideally the documentation should show GitHub's "Deploy Keys" feature (https://developer.github.com/guides/managing-deploy-keys/#deploy-keys) which allows the user to give CloudWays access to just the repositories it needs.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →

    The documentation on how to deploy from Git on the Cloudways Platform has now been updated to promote the use of repository-specific deployment keys.

    Cloudways Team

  16. Add multiple domain ssl support for a single application.

    I have WordPress MU and I have multiple ssl certificates for the multiple domains but I can't use it within one application, therefore I have to create multiple wordpress instances for the domains.

    Very annoying that I can't use WordPress MU with multiple domains with multiple single domain ssl certifications.

    31 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Security  ·  Admin →

    We have added a support of SAN in our platform, which will allow you to have a support for multiple domains using single SSL certificate. Having SAN available there won’t be a need of getting separate SSL for multiple domains mapped to a single website.

    Moreover, work is already in progress for Let’sEncrypt (freeSSL) to support multiple domains using single SSL.

    Cloudways Team

  17. Provide a way to edit/remove Let's Encrypt from application

    Currently there is no way to make a change to the installed certificate so it is not possible to change the domain once a cert has been installed. The only resolution available presently is to migrate to a new application.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Admin →
  18. Rehabilitate SSH access with application credentials

    Rehabilitate SSH access with application credentials and not for only Master credentials.

    In my case, we have our software, installed on our software, that connect via SSH to single application for launch some php script with php-cli.

    Now, i can't give master password to our customer!

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Admin →
  19. Support 'Let's Encrypt' (automatic and free SSL/TLS)

    Mid 2015 the Let's Encrypt Certificate Authority (CA) is expected to go live. It would be great if Cloudways would join this effort and offer it as a service to their customers. This CA & software will allow automatic and free (domain validated) SSL/TLS for any domain.

    For more information visit https://letsencrypt.org/

    157 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    58 comments  ·  Security  ·  Admin →
  20. Fallback to SMS or Backup Codes (like Google) on Two-Factor Authentication issues

    Lost access to TFA authentication should fall back to SMS or Backup Codes (like Google) rather than a quick comment on the chat.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base