Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. eedback.cloudways.com is not loading on SSL you must use this

    eedback.cloudways.com is not loading on SSL you must use this

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Force SSL

    It would be nice if we could have a Force SSL option from the control panel for wordpress. Then you would not have to install a ssl plugin or add rules to HTACCESS

    32 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Ability to disable TLS 1.0 and 1.1 server wide

    After enabling SSL in my sites, I run multiple tools to scan for vulnerabilities and imisconfigurations. Every one of them is telling me that those protocols are insecure, deprecated and should be disabled. I asked support to do it server wide, but they said it can only be done manually on app basis. To me this is unacceptable, since this should be approached from a server perspective as a whole.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Cloudways please document your security practices

    I would like to suggest that Cloudways publishes an article or other document that describes how Cloudways maintains, patches, updates servers and secures them.

    The intent is not to disclose details that puts security at risk but instead demonstrates the value Cloudways is providing in the area of helping its customers maintain a secure server and application environment.

    Information should include frequency of update / patch deployment, frequency of security scans for malware / unauthorized access, firewall ports and services that are open especially those for inbound traffic from the Internet, intrusion protection mechanisms, transparency reports for government information requests…

    48 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  7 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. TLS 1.3

    Please support TLS 1.3 since it's faster and more secure. Chrome 70 and Firefox 63 officialy support it now.

    https://www.ietf.org/blog/tls13/

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Block option for all IP address for SSH or Mysql

    Block option for all IP address for SSH or Mysql. except we choose IP Address

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    Hello

    This is already integrated into the platform.

    MYSQL Remote access is disabled by default, users will have to whitelist the IP to access MySQL remotely. For more details please visit https://support.cloudways.com/en/articles/5124817-how-to-whitelist-ip-addresses-for-remote-mysql-connections

    While for SSH we provide an option to disable access completely except the whitelisted IP addresses. please visit https://support.cloudways.com/en/articles/5121429-how-to-manage-ip-access-for-ssh-and-sftp-connections

    Best Regards,
    Cloudways Team.

  7. 46 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    25 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Enable Let's Encrypt Auto-renewal to work with .htaccess redirects in place

    When a website is SSL secured (https) it is recommended to have redirect rules in place which enforce https (redirect http to https) and of course redirecting to one version (www vs non-www).

    It appears that the Let's Encrypt Auto-Renewal does not work. It will fail saying there are htacces rules restricting it from working. I am not sure if this is an issue for Cloudways to fix, or Let's Encrypt.

    In either case, the solution provided by Cloudways support is to:
    1. Temporarily rename your .htaccess (so it is not in effect)
    2. REVOKE your Let's Encrypt Certificate
    3.…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    Hello

    We have resolved this issue, an update was deployed on all customer’s servers.

    LE SSL installation is now independent of rules added in htaccess, now users just have to make sure that the domain is added in the domain section of the application and the domain is pointing to Cloudways server, any rules in htaccess will not conflict with SSL installations.

    Best Regards
    Cloudways

  9. The git deployment documentation should tell the users to use GitHub's Deploy Keys feature.

    The documentation that shows user how to deploy from Git (https://support.cloudways.com/using-git-for-deployment) tells users to give CloudWays full access to their GitHub account. Ideally the documentation should show GitHub's "Deploy Keys" feature (https://developer.github.com/guides/managing-deploy-keys/#deploy-keys) which allows the user to give CloudWays access to just the repositories it needs.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    The documentation on how to deploy from Git on the Cloudways Platform has now been updated to promote the use of repository-specific deployment keys.

    Cloudways Team

  10. Please add TFA option for team account. Not only the main account

    Please add TFA option for team account. So the server security never get compromised by team account hijack

    16 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Provide a way to edit/remove Let's Encrypt from application

    Currently there is no way to make a change to the installed certificate so it is not possible to change the domain once a cert has been installed. The only resolution available presently is to migrate to a new application.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. A better backup scheme

    So here my suggestion for a better backup scheme. Do something like keeping:
    = 1 - 3 monthly backups
    + 3 weekly backups
    + 4 - 6 daily backups
    This way a longer period is covered without increasing the space required for backups. You can try keeping it at 8, although 12 would be ideal as it will cover last 3 mo, last 3 wk, and last 6 days.

    Other suggestions:
    - Allow to choose the time of day to do backup so it won't slow down the server during busy hours.
    - Allow to choose external backup destination like…

    208 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We are closing this thread as we have implemented most of the features requested by OP and other features requested by users in the comments over the years. Here is the list of the features we have introduced around backups.

    1. We added the option to set backup retention from 1 to 4 weeks.
    2. We added the option to set the frequency of backups from 1 hour to 168 hours (1 week).
    3. We introduced on-demand application backup options.
    4. Users can now specify the time at which the backups process should be initiated on the server.
    5. Users can now restore their deleted servers from the Cloudways Platform. Previously this feature was limited to support but to give customers more control this feature is now available to all Cloudways customers.
    6. Users can now restore their deleted applications from the Cloudways Platform to an existing or new server.

  13. Add multiple domain ssl support for a single application.

    I have WordPress MU and I have multiple ssl certificates for the multiple domains but I can't use it within one application, therefore I have to create multiple wordpress instances for the domains.

    Very annoying that I can't use WordPress MU with multiple domains with multiple single domain ssl certifications.

    31 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We have added a support of SAN in our platform, which will allow you to have a support for multiple domains using single SSL certificate. Having SAN available there won’t be a need of getting separate SSL for multiple domains mapped to a single website.

    Moreover, work is already in progress for Let’sEncrypt (freeSSL) to support multiple domains using single SSL.

    Cloudways Team

  14. Rehabilitate SSH access with application credentials

    Rehabilitate SSH access with application credentials and not for only Master credentials.

    In my case, we have our software, installed on our software, that connect via SSH to single application for launch some php script with php-cli.

    Now, i can't give master password to our customer!

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Fallback to SMS or Backup Codes (like Google) on Two-Factor Authentication issues

    Lost access to TFA authentication should fall back to SMS or Backup Codes (like Google) rather than a quick comment on the chat.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Let two-factor authentication remember your computer for 30 days

    Glad to have two-factor authentication, but it's a huge hassle to use every time I have to log in -- especially since the system automatically logs me out after such a short period of inactivity (an hour maybe?).

    Please add a "Remember this computer for 30 days" option -- the exact same way Google does it -- so that we only have to do the two-factor auth (on a known computer) once a month.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. OCSP stapling

    Please switch on OCSP stapling. This feature makes access to HTTPS sites faster in case of OSCP present, so avoid clients requests to CA to verify certs.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Support 'Let's Encrypt' (automatic and free SSL/TLS)

    Mid 2015 the Let's Encrypt Certificate Authority (CA) is expected to go live. It would be great if Cloudways would join this effort and offer it as a service to their customers. This CA & software will allow automatic and free (domain validated) SSL/TLS for any domain.

    For more information visit https://letsencrypt.org/

    157 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    58 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. 27 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We have got into a partnership with Sucuri where we can offer their services at a discounted price. Read more here:
    https://support.cloudways.com/how-to-setup-sucuri-antivirus-website-monitoring/

    After extensive research, we think Sucuri is the best option for our customers. They are experts in the CMSs we deploy (Wordpress, Magento …) and their services have the flexibility our customers need (including on-demand site cleaning).

    Cloudways Team

  20. 10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    This has been completed. All new applications are deployed with proper settings and we are working on applying same settings to all existing applications.

    Cloudways Team

← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base