97 results found
Add Malware protection, scanning and removal in the Bot Protection in the Cloudways Console.
Right now we have to have a 3rd party security for malware plus bot protection in Cloudways console. It's redundant.
Add Malware protection, scanning and removal in the Bot Protection in the Cloudways Console.20 votes
Passkeys need to be implemented for logging in to Cloudways. Passkeys are better / more secure than traditional passwords and 2FA. Big players like Google, Apple, Amazon, PayPal, etc are all already using passkeys.3 votes
I suggest you add a Cloudflare option which prevents any ip having direct access to website unless its through Cloudflare. Currently it's very easy to bypass Cloudflare unless you add a custom rule for us. But it would be better if it was an options2 votes
Currently, if another account in your Cloudways system makes an SFTP account for a server you own/manage you cannot see the account that was created! It does not show up in the GUI at all.
This is a huge security concern, as it allows for shadow users to be added with no feedback to the owner of the account.
As an account owner, your owner login should be able to view all SFTP accounts created by server and application, listed in the application as if you created it yourself.
Even if you setup allow-listing for IP addresses, this still does…1 vote
Let server admins (not just account owners) mute alerts OR let server admins disable vulnerability alerts
The "Alert: Vulnerabilities detected on your application" emails can only be disabled by account owners by muting the alerts (here's how: https://support.cloudways.com/en/articles/5119834-how-to-mute-cloudways-bot-notifications). We have their sites set up with automatic plugin updates and that works fine for us. These alerts are making our customers worried for no good reason, and it's making maintenance more of a pain for me since I now have to reassure them everything's fine.
It isn't a big annoyance for a customer to receive such an alert but try to imagine a web maintainer (like myself) having to answer multiple questions from concerned customers. We…2 votes
Please add the following nasty bots to the Bot Protection by default.
Bytespider & PetalBot
Mastering how to cut an onion for kabobs is a game-changer! Start by halving the onion through the root, then peel off the skin. Place each half flat-side down and slice into wedges, ensuring they're even for consistent grilling. To prep for skewering, separate the layers gently and thread them onto your skewers, alternating with your favorite veggies and meats. This method ensures even cooking and adds a delightful flavor to your kabobs. Elevate your grilling game with this simple yet crucial onion-cutting technique for perfectly assembled kabobs every time https://juicerhunter.com/how-to-cut-onions-for-kabobs/1 vote
It is critical for many businesses to be able check the actions and changes that are made on an account in order to debug, detect abnormal activities, intrusion or restoring certain setting back to their original, etc.
After discussing with the support on a separate ticket about an incident we detected as unusual, we felt the need for this feature more than ever.
Right now it is time consuming for support to check system logs and it is not easy to have a clear picture of WHAT happened and WHO did EXACTLY what and WHERE it was happening.
We got…4 votes
This is my idea --- Cloudways should start caring about security. Yes. My idea is that basic. How do I go for days not knowing that my clien'ts small local business website is redirecting to a russian domain selling crappy products?
I got NO alert. Nothing.
But this isn't all. I don't get alerts for 404s, soft 404s, 500s, nothing.
Cloudways assumes that if a page is throwing a 404 that it still up and good.
What I am asking for feels like the most basic things... things that hosting company would take care of long before hundreds of far…1 vote
I do want to live the dream, Pool Boy (When cloudway will integrate WAF and Scan Malware in the server)
I have been with cloudway for a long time and my dream is that they can integrate a malware scan (free cleaning) and waf to their servers. Without having to depend on other providers like sucuri, wordfence and other company.2 votes
you are being hacked by the civil and federal police in Brazil. Just to let you know. they said they are hacking you1 vote
I think the default WordPress file/folder permissions should be the stricter options available rather than those currently used on Cloudways.
We appreciate your hosting of our website, and we would like to draw your attention to a security vulnerability in the "Nickname" system for the administrator user in the control panel.
Based on our experience, the email address of the administrator user is displayed by default in the "Nickname" field. This represents a significant security risk, as attackers can rely on this information to hack the website.
We strongly recommend assigning a different username for the administrator user and avoiding the use of any personal information in the nicknames.
We hope that you take this matter seriously and take…1 vote
Please offer TFA on unique code via Mobile Text message.
For those who do NOT want to use Google Authentication on mobile phones please use this.
Digital Ocean have been doing it successfully for almost 7 years.
Send TFA on mobile text message.1 vote
Needed for PCI/DSS compliance.2 votes
I prefer to pay to cloudway for malware scan and not buying plugins.1 vote
Building applications in PHP more users/clients ask for Single-Sign-On to Azure ActiveDirectory - an add-on solution in cloudways to help connection between PHP-app and AD would be very usefull2 votes
It's a really must have option for all server owners.3 votes
While the CloudWays service is great, I've been concerned for a while now that I can simply click to copy passwords for SFTP, SSH, databases & WordPress. My concerns have been amplified as yesterday over 1.2 million compromised passwords were stolen from GoDaddy because they stored their details in a similar way: https://wptavern.com/godaddy-data-breach-exposes-1-2-million-active-and-inactive-managed-wordpress-hosting-accounts
Simply put: ALL passwords stored on CloudWays should be salted & hashed. There should be no way for CloudWays (or me) to retrieve them once they've been saved. The fact that I can indicates they are being stored as plaintext, which is a huge security issue. Passwords…14 votes
- Don't see your idea?