It would be nice if we could have a Force SSL option from the control panel for wordpress. Then you would not have to install a ssl plugin or add rules to HTACCESS

eedback.cloudways.com is not loading on SSL you must use this

Provide Let's Encrypt free wildcard SSL

https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html

Please add TFA option for team account. So the server security never get compromised by team account hijack

DDoS is a common problem now, maybe Cloudways can add a DDoS Mitigation service and upgrade their Network hardware to secure against Level 3 DDoS attacks

The documentation that shows user how to deploy from Git (https://support.cloudways.com/using-git-for-deployment) tells users to give CloudWays full access to their GitHub account. Ideally the documentation should show GitHub's "Deploy Keys" feature (https://developer.github.com/guides/managing-deploy-keys/#deploy-keys) which allows the user to give CloudWays access to just the repositories it needs.

I have WordPress MU and I have multiple ssl certificates for the multiple domains but I can't use it within one application, therefore I have to create multiple wordpress instances for the domains.

Very annoying that I can't use WordPress MU with multiple domains with multiple single domain ssl certifications.

Currently there is no way to make a change to the installed certificate so it is not possible to change the domain once a cert has been installed. The only resolution available presently is to migrate to a new application.

Rehabilitate SSH access with application credentials and not for only Master credentials.

In my case, we have our software, installed on our software, that connect via SSH to single application for launch some php script with php-cli.

Now, i can't give master password to our customer!

Mid 2015 the Let's Encrypt Certificate Authority (CA) is expected to go live. It would be great if Cloudways would join this effort and offer it as a service to their customers. This CA & software will allow automatic and free (domain validated) SSL/TLS for any domain.

For more information visit https://letsencrypt.org/

Lost access to TFA authentication should fall back to SMS or Backup Codes (like Google) rather than a quick comment on the chat.

Glad to have two-factor authentication, but it's a huge hassle to use every time I have to log in -- especially since the system automatically logs me out after such a short period of inactivity (an hour maybe?).

Please add a "Remember this computer for 30 days" option -- the exact same way Google does it -- so that we only have to do the two-factor auth (on a known computer) once a month.

I would like to set retention to 1 year if I want to.

A simple button to turn ssh on and off, ssh can be turned off until the admin needs to use it so it adds an additional level of security straight on the dashboard. Thanks

Please check why here https://www.eff.org/fr/deeplinks/2014/04/why-web-needs-perfect-forward-secrecy and how here https://www.digicert.com/ssl-support/ssl-enabling-perfect-forward-secrecy.htm#apacheforwardsecrecy

Would love for the option of two step authentication when logging into your site using Google Authenticator or Authy.

I would like to see the ability to have multiple SSL certificates on ONE server instance. Right now you have to create another server instance, with its additional costs.

Ability to add SSH keys as per digital ocean. Saves password logins when making and deploying changes.