Currently, we have to manage SSH keys individually for every server. It would be awesome to be able to add global SSH keys, and then when a new server is created, those SSH keys are automatically installed on every server.

Additionally, it would be nice if when we added a account-level SSH key, it was added to all existing servers.

Customers can get an A+ rating on https://www.ssllabs.com/ssltest/ if you:
Add an "SSL ciphers" drop-down for customers that are interested in only using strong SSL ciphers.

You can consider your current ciphers as "default", and add an option for "most secure" that allows customers to select a pre-defined "A+ rated" SSL cipher configuration.

The "SSL Cipher" configuration would go below the existing "TLS VERSIONS" option in the "APPLICATION SETTINGS" > "GENERAL" > "TLS VERSIONS" configuration interface.

Please add Enable/ Disable for mod_security . This will increase our servers and applications security.

Enabling Encrypted MySQL Database on Amazon AWS would enable encryption at rest and improve security.

This would be a truly unique offering (trust me, I have been researching this for days), one that I can't believe isn't more requested or offered given the hacks and breaches we have seen over the last few years.

Add the ability to label IPs added to the remote DB whitelist so you can add your own identifier to IPs. And also add the ability to wildcard IPs by range eg. 5.40.%.%, and also the ability to add by domain name in addition to IP. This will allow for better management and greater control of whitelisted IPs

As account owner, I can setup 2FA on the main account, but I can't force my team members (some of whom have full access) to do so. This obviously creates a security loophole.

Will you offer a service similar to Cloud Firewalls, as provided by Digital Ocean? You can check the link here: https://blog.digitalocean.com/cloud-firewalls-secure-droplets-by-default/

Please provide alerts on successful SSH and SFTP logins to a server.

These alerts are important for visibility of when someone has accessed the server and making sure that access was expected.

I want to know if there is a possibility to enable bot protection on all of the apps under a server at once. I asked the support team but they have said no. I badly need that since that could possibly save days of work as I have over 100 websites running under your servers.

Like done with CloudFlare and Sucuri a WAF module for StackPath's WAF would be great. So, one will be able to see the real IP - just like with CloudFlare and Sucuri

would be great to add hardware 2FA devices with fallback to google auth or SMS.. :)

Cloudways should allow their users to connect to their databases with the MYSQL GUI of their choice. I was unable to use MySQL Workbench and Cloudways support essentially told me they couldn't help me because the tech believed there was an incompatibility with the OSX version and the Cloudways server. So I'm stuck using the Cloudways interface, which is not nearly as powerful as Sequel Pro.

Add a securi site scan bundle for an extra $5 per month for a scan and report every 24 hours

Provide an SSL badge for Cloudways users to display on their sites. Most SSL companies provide an HTML Coded badge for website users to click on which then opens a security check popup that shows that the site is, in fact, secure at the very moment of use. It's reassuring for users, especially on an e-commerce site, to know they are protected.

Please add the ability for main/primary account holders to force TFA use for all Team Member accounts. Not having this capability (or the ability to see TFA status on Team Member accounts) is a significant security hole, of the type that could lead us to migrate away.

Hello Team,

Can you please add some feature where it'll check for the blacklist before assigning server IP?

It seems like someone else was using assigned server IP before it's assigning to the user and they have abused the server so their IP is under blacklist and that blacklist server IP is not going to be useful for the new user.