Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add to CloudwaysCDN DDoS Protection and WAF

    Now that there is a Partnership With StackPath this shouldn't be hard. Add another option, charge more, but add the possibility please. If you look at the comments about CloudwaysCDN on the Facebook Group and on the blogpost about it you'll see there is a demand for it.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Check the PrestaShop area and remove all the spam posts and ads for casinos in Chinese.........

    Seriously? Things like this make it seem like you never visit the boards here...

    These have been up since early August:

    http://feedback.cloudways.com/forums/203824-service-improvement/category/83930-prestashop

    So, you haven't checked the PrestaShop Service Improvement since July. How often do you check these posts here? Please remove this crap. It is unprofessional and makes it look like you never read anything posted here.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Virus Sanner to find infected malicious files

    Hi, I have found my wordpress file corrupted by some malicious code due to which our site is running slow. This code was found in all functin.php files. I was not understanding suddenly why site performance got so much degraded. After checking all file and uninstalling plugin then too i didnt find reason for same. After long research i got to know that some code has been uploaded to function.php file. I haven't reseted file permission so its some server security lack that such code was uploaded. Now i want to scan file to check that no more infacted files…

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Security Log for Team Members

    I would love to see some form of a actions/security log which is stores X amount of entries per month.

    What Security/Actions Log?

    Ability to track who has logged in from where.
    Which Team Member has moved, created, deleted applications.
    Which Team Member has changed a setting within Servers/Applictions.

    Any other detailed information.

    Here is an example that PHPBB uses, or Wordpress Security Audit which has similar functions as to what im suggesting.

    http://cdn.inmotionhosting.com/support/images/stories/edu/phpbb/maintenance/mod-log.png
    http://files.staticfsr.org/files/images/PhpBB%203%20Admin%20Logs.jpeg

    Ability to export the log via csv would be great too. This would keep your DB less cluttered as you would purge the entries every…

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable/ Disable mod_security

    Please add Enable/ Disable for mod_security . This will increase our servers and applications security.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. A better backup scheme

    So here my suggestion for a better backup scheme. Do something like keeping:
    = 1 - 3 monthly backups
    + 3 weekly backups
    + 4 - 6 daily backups
    This way a longer period is covered without increasing the space required for backups. You can try keeping it at 8, although 12 would be ideal as it will cover last 3 mo, last 3 wk, and last 6 days.

    Other suggestions:
    - Allow to choose the time of day to do backup so it won't slow down the server during busy hours.
    - Allow to choose external backup destination like…

    159 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under review  ·  15 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Please make your cloud server SOC2 compliant.

    Please make your cloud server SOC2 compliant.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow customers to create database users

    When having Master Credentials you con go to the MySQL Manager and create a user, but when you want to save you get:
    "Access denied; you need (at least one of) the CREATE USER privilege(s) for this operation"
    You should allow permissons for Master Credentials to creat DB users

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add BitNinja.io security for both Server and Apps

    Would be great having this installed as an option. Would protect server and all the Apps installed so we don't necessary have to go for Sucuri for each single App when clients cannot afford.

    36 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. mod security

    Please add mod_security

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Single Sign-on / SAML authentication for access to the cloudways console

    Provide the ability to leverage SAML providers like Okta, OneLogin, or ADFS for single sign-on to the cloud console. This would improve security for as well as the user experience.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Require SSH keys for login / SFTP

    Once SSH keys have been set up on a server, password login should be disabled, or at least have an option to disable it.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. HSTS (Strict Transport Security)

    Hi,

    Do you support HSTS (Strict Transport Security) in the future? Maybe it will add more security.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. fail2ban

    I was wondering if fail2ban was available on cloudways instances. I would love managing login attempts and throttling bots with it.
    This could even be integrated in the console at application level.

    I know I can do this with WordFence and others, but it's so much more efficient. Doing this kind of thing with WP plugins is so inefficient, it still require PHP processes.

    While not replacing a full DDoS and WAF service, this is probably still a good affordable and efficient protection and I have the feeling that is being already used for handling ssh login attempts.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. OCSP stapling

    Please switch on OCSP stapling. This feature makes access to HTTPS sites faster in case of OSCP present, so avoid clients requests to CA to verify certs.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add Blacklist section in your security tab

    The current server management console, has a n area where we can whitelist our IP address to avoid lockout problems. But could we also get for our servers a blacklist option?

    There are multiple WordPress sites I manage. And you have no idea how many hacking attempts I get daily. Being able to block the ip addresses from where these attempts are coming from...could really help us secure our WP sites even more.

    64 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Cloudways should add DDoS protection service

    DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

    333 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    49 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    After some difficulties with Cloudflare, we have spoken now with Sucuri (https://sucuri.net/). They offer malware removal, website firewall (providing DDoS protection among other things, requires DNS redirection to point to their firewalls) and site scanning (via local agent). All features independent (we can offer all or some).

    We are thinking that a better approach to solving our customers problems when it comes to security and performance will be to offer (as add-ons) Sucuri (security centric and very focused on our most common apps) and MaxCDN (pure CDN focused on performance).

    Any one has had experience with Sucuri? We have already tested (and in talks with them) and looks very promising.

    Let us know thoughts on this (Sucuri + MaxCDN) approach (vs Cloudfront). We know this is well overdue and want to get it rolling.

    Cloudways Team

  18. Allow firewall options

    Allow us to customise the firewall (to define which port numbers can be opened)

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. SFTP access by white listed IP only

    SFTP access should be able to be set to only accept a white listed IP address.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Different MySQL users - one for managing database and one with limited permissions for usage in scripts

    As many apps stores MySQL credentials in a plain text inside code. I suggest to provide us with 2 MySQL users
    1) Admin user - with the most wide permissions
    2) Script user - allowed only to manipulate with rows (CRUD)

    This is common security practice on other hostings.

    39 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base