It would be good if there was an option not to run Apache as the same user as SSH / file owner. That way it would be possible to make files & folders read-only as far as the server / PHP is concerned.3 votes
i want to connect with telnet.1 vote
We don’t have plan to support telnet.
I now have a publicly accessible web interface to my database running om mydomain.com:8082
This is a security risk and I never use the MySQL manager so I would like to disable it. Please add this option!1 vote
Mysql manager is never open to the internet. Connection is opened and only allowed from the customer IP on the fly as you activate the manager. This happens backstage when you click the mysql manager button and, of course, transparent to end users.
We take security very seriously at Cloudways and it is one key point in our network design.
When we go to each app and "reset permissions" it gives www-data group full permissions to edit/create files. It's a security leak. Our server got hacked and all sites on server got exposed. If it's not taken care of, I have to post this at various places on social media that avoid using cloudways as this can expose your clients to risk.1 vote
The reset permissions button has nothing to do with the fact that your site may have been hacked. It simply sets the permissions to the default that Cloudways advises for content under the public_html folder (that is 775 for folders and 664 for files). This is the default too when installing a new application. Permissions are like this to allow different team members to work on the same application (team members userids are all part of the same group). This by itself does not constitute any flaw nor security issue and will not imply the server will be hacked. Application/server will be hacked if it is not updated, it uses old/insecure plugins …
phpinfo() reports the OpenSSL version to be 1.0.1e. This is a security hole that needs to be fixed. Please update to the latest version.1 vote
Our servers are fully and regularly patched and have all latest Debian stable (Wheezy) security updates.
The version we deploy is:
ii openssl 1.0.1e-2+deb7u13 amd64 Secure Socket Layer (SSL) binary and related cryptographic tools
And you can check here that this is the latest openssl release in Wheezy (stable) with the proper security patches:
We precisely chose Debian for the strong security and stability culture that the community has.
- Don't see your idea?