Service Improvement
Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!
-
Spectre and Meltdown
Please advise about specific measures did you take regarding Spectre and Meltdowns recent announced threats in order to give a word of trust to our final customers
3 votesAdminCloudways (Admin, Cloudways) responded
Hi Filipe:
We’ve put up an update on our blog about Meltdown and Spectre: https://www.cloudways.com/blog/protection-against-meltdown-and-spectre/
Cloudways Team
-
Changing MySQL Password in Cloudways Console Updates wp-config.php
It seems logical that updating the password for MYSQL ACCESS in the Cloudways Application Management Access Details would also update the wp-config.php for that application to reflect the new password. But it does not?
1 vote -
password
Please allow users to insert special characters to change cloudways account password. because a password is used as security gate to enter into any account so it's very essential thing for every Cloudways user to set A Strong Password..
1 vote -
Have a KB/support article regarding password requirements.
The areas for passwords: Master Credentials, MySQL Access, and Application Credentials are different. It makes it difficult to use a password manager's generator.
1 vote -
SSH On Warning / Auto Off
It would be great to have some visual reminder on every page of your App settings that SSH is turned on with a simple button to disable it.
Even better would be option to "Turn On for 1 Hour" or something like that so it automatically shuts off without you having to remember to shut it off.
2 votes -
Support for IDN and Let's Encrypt
Let's encrypt supports IDN (Internationalized domain name), domain names with accented characters. However Cloudways implementation does not support Let's Encrypt with IDN,. Please update the Cloudways code
1 vote -
SSL Autorenewal Doesn't Work - Email Notification before Expiry?
The autorenewal of SSLs doesn't work. I know you're working on it. But to minimise the down time could you at least notify by email before the SSL expires so we can quickly act on it and manual renew?
1 vote -
U2F
Alternative 2 factor authentication. Currently you only support smart phone app.
2 votes -
1 vote
-
Allow other SQL GUIs to connect to the database
Cloudways should allow their users to connect to their databases with the MYSQL GUI of their choice. I was unable to use MySQL Workbench and Cloudways support essentially told me they couldn't help me because the tech believed there was an incompatibility with the OSX version and the Cloudways server. So I'm stuck using the Cloudways interface, which is not nearly as powerful as Sequel Pro.
5 votes -
Allow two-factor authentication with Duo
Duo is a great platform for two-factor authentication and already supported by a great number of platforms. It would be very nice if it would also be supported by Cloudways.
1 vote -
Add Securi Auto Site Scan every 24 hours
Add a securi site scan bundle for an extra $5 per month for a scan and report every 24 hours
5 votes -
Two step verification - Sms instead of scanning bar code
Instead of only scanning bar code, I would request you to add sms msg for this as all smartphones are not supportive. Thanks
1 vote -
Add GoDaddy Hosting which include DDOS
Godaddy Cloud Servers are about the same price as DigitalOcean and already provide DDOS protection by default. This information is something you will find if you call them for it's not listed on their website.
1 vote -
Add the ability to lock down file write access per application (so one a compromised application cannot affect other)
Applications on the same server currently have write access to each others' files by default, which is an unnecessary security risk. For example, if you have multiple Wordpress applications on the same server and one gets compromised, the hacker could also compromise any other applications on the same server. If possible, it would be worthwhile to at least have the option to lock down file write access on a per application basis. I believe you already have apache running under separate users for each application, so this might be as simple as disabling the www-data group permissions.
3 votes -
add SMS option for two factor authentication
Two factor authentication is important but at the moment I don't really feel I have this option.
Please add SMS as an option for two factor authentication.
I prefer SMS as a two factor authentication method.
I don't really want to use google authentication anymore as I just had the IOS app lose all the settings. Plus I find it more cumbersome than SMS.
Thanks!
2 votes -
Please allow a connection from Code Guard
Code Guard provides incremental backup where I can roll back as far as I like.
Critically, they also provide an alert if a file has changed which allows me to investigate if it's something I wasn't expecting.
All they need is SFTP and database access but for some reason this is not being allowed by Cloud Ways. In chat I was told that "custom changes" to the server were not allowed.1 voteAdminCloudways (Admin, Cloudways) responded
Michael, we definitely allow SFTP access https://support.cloudways.com/how-to-connect-to-your-application-using-sftp/.
About database access, it can only be done via SSH with the master credentials (https://support.cloudways.com/how-to-manage-your-databases-using-mysql-workbench/). For security reasons, we can’t leave the mysql port open to the world.
Cloudways Team
-
Drupal secure on install
Please could you find a way to keep up-to-date with Drupal core security updates (eg. current 7.38 has a critical security flaw). It's a PITA to get a security email immediately on install and have to go in and update. Isn't there a way to pull the latest secure core as part of your install process?
Thanks, Neil
3 votes -
Add a text option for 2 factor authentication
The 2 factor authentication is a great feature! You might even get more users on board if there could be an option to receive a text instead of a message through Google Authenticator (ease of use).
1 vote -
Official statement on how Cloudways implements OWASP guidelines for security.
Would like to see official statement on how Cloudways has implemented OWASP guidelines, ref: https://www.owasp.org/index.php/Top_10_2013-Top_10
2 votes
- Don't see your idea?