Service Improvement
Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!
109 results found
-
Allow "global" or account-level SSH keys, which are automatically added to every server
Currently, we have to manage SSH keys individually for every server. It would be awesome to be able to add global SSH keys, and then when a new server is created, those SSH keys are automatically installed on every server.
Additionally, it would be nice if when we added a account-level SSH key, it was added to all existing servers.
8 votes -
create a drop-down for "SSL ciphers" in the "APPLICATION SETTINGS" below the "TLS VERSIONS" for customers who want only strong SSL ciphers
Customers can get an A+ rating on https://www.ssllabs.com/ssltest/ if you:
Add an "SSL ciphers" drop-down for customers that are interested in only using strong SSL ciphers.You can consider your current ciphers as "default", and add an option for "most secure" that allows customers to select a pre-defined "A+ rated" SSL cipher configuration.
The "SSL Cipher" configuration would go below the existing "TLS VERSIONS" option in the "APPLICATION SETTINGS" > "GENERAL" > "TLS VERSIONS" configuration interface.
8 votes -
Stop server from leaking SSL information
If the application is served through a WAF, you don't want anyone to bypass the WAF by accessing the server using its IP address.
Cloudways gives us the option to disable access to the application using the IP address only (apache Access Application via IP). However, the web server is still responding to SSL requests, thus leaking the certificate information that would include the common name.
The SSL certificate should only be presented to the WAF/requests using the hostname/URL and not by accessing the IP address.
It seems that cloudways is using nginx as a reverse proxy in front of…
7 votes -
Enable/ Disable mod_security
Please add Enable/ Disable for mod_security . This will increase our servers and applications security.
7 votes -
Enable Encrypted RDS MySQL Database
Enabling Encrypted MySQL Database on Amazon AWS would enable encryption at rest and improve security.
This would be a truly unique offering (trust me, I have been researching this for days), one that I can't believe isn't more requested or offered given the hacks and breaches we have seen over the last few years.
7 votes -
Provide alerts on successful SSH and SFTP login
Please provide alerts on successful SSH and SFTP logins to a server.
These alerts are important for visibility of when someone has accessed the server and making sure that access was expected.
6 votes -
Labels and wildcards for database whitelist
Add the ability to label IPs added to the remote DB whitelist so you can add your own identifier to IPs. And also add the ability to wildcard IPs by range eg. 5.40.%.%, and also the ability to add by domain name in addition to IP. This will allow for better management and greater control of whitelisted IPs
6 votes -
yubikey support
would be great to add hardware 2FA devices with fallback to google auth or SMS.. :)
6 votes -
Force 2FA for Team Members
As account owner, I can setup 2FA on the main account, but I can't force my team members (some of whom have full access) to do so. This obviously creates a security loophole.
6 votes -
Cloud Firewalls
Will you offer a service similar to Cloud Firewalls, as provided by Digital Ocean? You can check the link here: https://blog.digitalocean.com/cloud-firewalls-secure-droplets-by-default/
6 votes -
Change wordpress login page url within cloudways to prevent brute-force login attempts
It would be great If I could change the login url of my wordpress site from website.com/wp-admin to website.com/my-custom-login-url in order to prevent unwanted brute-force login attempts.
5 votes -
Bulk enable bot protection on all apps over a server
I want to know if there is a possibility to enable bot protection on all of the apps under a server at once. I asked the support team but they have said no. I badly need that since that could possibly save days of work as I have over 100 websites running under your servers.
5 votes -
Add WAF module StackPath
Like done with CloudFlare and Sucuri a WAF module for StackPath's WAF would be great. So, one will be able to see the real IP - just like with CloudFlare and Sucuri
5 votes -
5 votes
-
Allow other SQL GUIs to connect to the database
Cloudways should allow their users to connect to their databases with the MYSQL GUI of their choice. I was unable to use MySQL Workbench and Cloudways support essentially told me they couldn't help me because the tech believed there was an incompatibility with the OSX version and the Cloudways server. So I'm stuck using the Cloudways interface, which is not nearly as powerful as Sequel Pro.
5 votes -
Add Securi Auto Site Scan every 24 hours
Add a securi site scan bundle for an extra $5 per month for a scan and report every 24 hours
5 votes -
5 votes
-
Show Two factor Auth status on Team page.
Users can turn on two-factor authentification in their account.
But there is currently no way to see if the team members you have in your team have enabled it. It makes it impossible to enforce two-factor auth and poses a security risk.Suggestion: Show "2FA enabled" next to team members that have enabled it on the Team page.
4 votes -
Provide an SSL badge for Cloudways users to display on their sites. Most SSL companies provide an HTML Coded badge for website users to see.
Provide an SSL badge for Cloudways users to display on their sites. Most SSL companies provide an HTML Coded badge for website users to click on which then opens a security check popup that shows that the site is, in fact, secure at the very moment of use. It's reassuring for users, especially on an e-commerce site, to know they are protected.
4 votes -
Two factor authentication - Mandatory for Team Members
Please add the ability for main/primary account holders to force TFA use for all Team Member accounts. Not having this capability (or the ability to see TFA status on Team Member accounts) is a significant security hole, of the type that could lead us to migrate away.
4 votes
- Don't see your idea?