Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Allow Country Blocking at the Server Level

    Please consider allowing us to choose Server access to specific countries at the Server Level. If our WP sites or other applications (even our clients) are selling only within the US, why should we not block access to all other countries trying to access the server. There are so many daily hack attempts from countries outside the US, but even if this were not the case, allowing the user to manage Country Access (perhaps by blocking IP ranges) would greatly reduce the effect of DDOS attacks and also reduce server load from unrelated or unnecessary website visits. Thanks!

    21 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Authenticated Origin Pulls / SSLVerifyClient require

    I'm new customer, and previous tenant has domains pointing to my IP.
    My server is being hammered, tried blocking malicious traffic many different ways already, but need to enable Apache option SSLVerifyClient require.

    It means, the webserver will only accept connections from cloudflare, and nobody else. Quite common for people to bypass cloudflare, and hack into the origin server directly.

    If you let me edit the server.apache file, I would put the following:

    SSLCertificateFile "/applications/xxx/privatehtml/cert2020.crt"
    SSLCertificateKeyFile "/applications/xxx/private
    html/cert2020.key"
    SSLCACertificateFile "/applications/xxx/private_html/server-ca.crt"
    SSLVerifyClient require

    Authenticated Origin Pulls
    Authenticated Origin Pulls allow you to cryptographically verify that requests to your origin server…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Block other domains visibility from whois services

    Hi, I'd like to suggest a new feature to server owner's security, to block other domains visibility from whois services. at the moment, anyone can go to any whois service (i.e. http://reverseip.domaintools.com) and by typing domain name, or the IP address can check what other domains are hosted on this server. i think, to privacy of users and server owners, this is a lack. it may be just an additional feature, but i'm sure people would love to see this as an option to disable this from public view.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    14 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Check for the blacklist IP before assigning Server IP

    Hello Team,

    Can you please add some feature where it'll check for the blacklist before assigning server IP?

    It seems like someone else was using assigned server IP before it's assigning to the user and they have abused the server so their IP is under blacklist and that blacklist server IP is not going to be useful for the new user.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. create a drop-down for "SSL ciphers" in the "APPLICATION SETTINGS" below the "TLS VERSIONS" for customers who want only strong SSL ciphers

    Customers can get an A+ rating on https://www.ssllabs.com/ssltest/ if you:
    Add an "SSL ciphers" drop-down for customers that are interested in only using strong SSL ciphers.

    You can consider your current ciphers as "default", and add an option for "most secure" that allows customers to select a pre-defined "A+ rated" SSL cipher configuration.

    The "SSL Cipher" configuration would go below the existing "TLS VERSIONS" option in the "APPLICATION SETTINGS" > "GENERAL" > "TLS VERSIONS" configuration interface.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Force SSL

    It would be nice if we could have a Force SSL option from the control panel for wordpress. Then you would not have to install a ssl plugin or add rules to HTACCESS

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Remove Server Signature for Improved Security

    Provide a way to disable the server signature to improve security by not disclosing the server type and server software, along with other information, which could allow hackers to determine vulnerabilities by listing server and software specifications.

    Thanks!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Labels and wildcards for database whitelist

    Add the ability to label IPs added to the remote DB whitelist so you can add your own identifier to IPs. And also add the ability to wildcard IPs by range eg. 5.40.%.%, and also the ability to add by domain name in addition to IP. This will allow for better management and greater control of whitelisted IPs

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. SSH keys should accept eliptic curves - not only RSA

    SSH keys should accept eliptic curves - not only RSA
    RSA is old, using too big big length.
    I would like to see possibility to use standard eliptic curves that are used everywhere. For some reason this is still not possible on Cloudways.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. SSH/Platform Login Alerts

    As an agency hosting a magnitude of customers through Cloudways we would like to see the ability to get Cloudways Bot alerts and email alerts for the following:


    • Cloudways Login

    • SSH Login (IP/Location etc)

    • SFTP Login

    • Changes to application/server configiration

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add WAF module StackPath

    Like done with CloudFlare and Sucuri a WAF module for StackPath's WAF would be great. So, one will be able to see the real IP - just like with CloudFlare and Sucuri

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. whitelist

    Please add Remark Option with Whitelist IP address in Server Security Section. Right now its difficult to find out which IP is pointing to external important server and which is IP is added for temporary use. Deleting an IP by mistake can take us into trouble as some live App IP's are listed in Whitelist IP list.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. provide a way for site-administrators to view the auth.log

    When sites are hacked the first thing to check is the auth.log to see who accessed what, when. When a compromise happens we need to be able to investigate immediately and find a fix.
    Can site owners be provided with a way to see the auth.log for their site, similar to how we can currently view web access/error logs?

    Specifically what I'm requesting is live (and perhaps filtered to my site) visibility on:
    * auth.log
    * sftpserver.log
    * history of auth and sftp
    server logs so that we can go back at least a week to see if we…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Upgrade PHP 7.3, 7.2 & 7.1 to current iterations

    Upgrade PHP 7.3, 7.2 & 7.1 to current iterations.
    Security vulnerability alerts for the following versions of PHP

    PHP 7.1 versions prior to 7.1.32
    
    PHP 7.2 versions prior to 7.2.22
    PHP 7.3 versions prior to 7.3.9

    As of today, There are currently no reports of these vulnerabilities being exploited in the wild.
    Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Failed…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. PHP versions per app

    be able to upgrade or downgrade php versions per app, that overrides server default

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Backup Improvement

    It'll be nice that you enable the restore of single files/directories or just the database not forcibly the whole thing.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow closing shellinabox

    The shellinabox service that runs on port 4200 is not secure enough, for a number of reasons:
    * it accepts non-TLS traffic
    * no multifactor authentication
    * no battle-tested frontend webserver like nginx before it

    Instead of fixing all of these, perhaps just allow to disable this service like you allow for other services.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Automatic IP attack blocking

    I would suggest that ips be blocked automatically by Cloudways when they were hitting on the site of yours continuously

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. close the different IP verify

    Our different colleagues need sign in cloudways frequently, so we suggest if can close the different IP verify

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base