Product Improvements: Flexible
Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!
91 results found
-
Caution Notifications if the bandwidth about to touch the default ceiling limits
Caution Notifications if the bandwidth about to touch the default ceiling limits in order to take steps on illegitimate/spam hits. This may safe guard the ignorant developers from incurring a heavy loss and in some cases losing their business. Please consider.
Thanks and regards,
Venkat Chinniah
App Consultant & Architect2 votes -
Fix security problem with Team Member
My niche is high risk for online hacking. In Cloudways I can add a team member, which sends his un-encrypted password to his account. This is high risk. As owner of my account I should be able to change his password, and then I can share via a secure app like Last Pass. Please consider this a high priority request. Thank You
2 votes -
Add ability to add multiple IP addresses at once in the Security panel
Provide the ability to add multiple IP addresses at once in the Security panel for when we need to whitelist IPs for managewp and other services.
2 votes -
Provide an Edit feature for the admin panel URL path name
Vendors (magento) recommend changing the control panel name from "admin" to something else, it would be great if you can provide an edit facility so we can modify the admin URL so that we can launch the control panel from within cloudways as it only permits the default control panel name.
2 votes -
Deny all, permit only from my country
I would like to have the capability to permit connections to my website only from my country. The site is on our local language and there is little to no reason to permit connections from other places (aside from Google robots).
2 votes -
Reflection test
Hacked by Hxp7
1 vote -
Allow whitelist/blacklist of IPV6 addresses for shell access.
I need to be able to whitelist IPV6 address for SSH so I can access it.
1 vote -
Play Basketball Stars game!
The accessibility of basketball stars significantly contributes to its appeal. The simplicity of its use allows players of all ability levels to enjoy it. Participants are captivated by the narrative and the rapid action. Basketball Stars offers numerous customization options that enable gamers to personalize their avatars and adorn them with appealing items.
In addition to its engaging gameplay, Basketball Stars facilitates communication among basketball enthusiasts. A thrilling social aspect is the opportunity to compete against friends or adversaries globally in multiplayer modes.
In conclusion, Basketball Stars is an exhilarating online game that provides a unique basketball experience. The rapid…
1 vote -
Allow Master account to change files ownership to Application user
- Connect via SSH using the Master Account
- Write new files in an Application (e.g. via git pull)
- use chown to set ownership to the Application user account
- You have: Operation not permitted
This is a problem when creating scripts to update part of an application (I cannot use the global git pull that you provide).
And it is not possible to use git pull for private Git repositories with the Application account because ~/.ssh is not writable for it.1 vote -
Whitelist IPs for the API
Like the MySQL and SFTP IP whitelisting options, the API should have a whitelisting function. Or at least the ability to see connected domains and block specific connections.
For example, if I have 1,000 client sites that use the API and just one leaks the API auth details somehow, I would need to manually change 1,000 sites immediately. But by being able to whitelist the servers the clients are on, I would have more time to change the keys, without worrying.
I want to whitelist only my servers so only my clients' websites can use the API.
1 vote -
wp-config file permissions for secure install
Wordpress wp-config file permissions are 664, should be 640 I think. This is the first thing I changed after migrating our sites here. 664 means the DB credentials are readable by any bot, malware scanner, or public user. We got hacked 10 years ago on this very setting being open to the public.
1 vote -
Ability to view SFTP users for application made by other users
Currently, if another account in your Cloudways system makes an SFTP account for a server you own/manage you cannot see the account that was created! It does not show up in the GUI at all.
This is a huge security concern, as it allows for shadow users to be added with no feedback to the owner of the account.
As an account owner, your owner login should be able to view all SFTP accounts created by server and application, listed in the application as if you created it yourself.
Even if you setup allow-listing for IP addresses, this still does…
1 vote -
Add Bytespider and PetalBot to the Bot Protection list
Please add the following nasty bots to the Bot Protection by default.
Bytespider & PetalBot
Thanks
1 vote -
start caring about security & uptime
This is my idea --- Cloudways should start caring about security. Yes. My idea is that basic. How do I go for days not knowing that my clien'ts small local business website is redirecting to a russian domain selling crappy products?
I got NO alert. Nothing.
But this isn't all. I don't get alerts for 404s, soft 404s, 500s, nothing.
Cloudways assumes that if a page is throwing a 404 that it still up and good.
What I am asking for feels like the most basic things... things that hosting company would take care of long before hundreds of far…
1 vote -
Use stricter default WordPress permissions
I think the default WordPress file/folder permissions should be the stricter options available rather than those currently used on Cloudways.
https://www.google.com/search?q=default+wordpress+permissions&oq=default+wordpress+permissions&gs_lcrp=EgZjaHJvbWUyBggAEEUYOdIBCDI2MzdqMGo3qAIAsAIA&sourceid=chrome&ie=UTF-81 vote -
Security Vulnerability in the "Nickname" System for Administrator Users in Control Panel
Hello,
We appreciate your hosting of our website, and we would like to draw your attention to a security vulnerability in the "Nickname" system for the administrator user in the control panel.
Based on our experience, the email address of the administrator user is displayed by default in the "Nickname" field. This represents a significant security risk, as attackers can rely on this information to hack the website.
We strongly recommend assigning a different username for the administrator user and avoiding the use of any personal information in the nicknames.
We hope that you take this matter seriously and take…
1 vote -
TFA via Text messaging
Please offer TFA on unique code via Mobile Text message.
For those who do NOT want to use Google Authentication on mobile phones please use this.
Digital Ocean have been doing it successfully for almost 7 years.
Send TFA on mobile text message.1 vote -
1 vote
-
Highlight Invalid Domain(s) When Creating or Renewing SSL
When you have multiple domains under an SSL and in our case over 50 and the SSL cert fails due to 1 or more domains not being pointed correctly it would be helpful to have those domains highlighted so they could be fixed and not having to go through each domain to see what is causing the error.
1 vote -
Able to turn-off session timeout in the Cloudways Platform
Throughout the day, I am logged out of the Cloudways platform and must re-login in order to access it. When you need to monitor sites then this can become very annoying.
I understand this is due to security reasons, when talking to customer support they also confirmed this and mentions that this is due to a session timeout and an additional layer of security for the portal. They also mentioned that there is no option to unset it.
It would be great if we can decide ourselves if we want to use this security measure and it should be possible…
1 vote
- Don't see your idea?