Service Improvement

Cloudways values its customers and their feedback! You can now give us your feedback on how we can improve Cloudways services, solution and products by pitching in your ideas!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. telnet

    i want to connect with telnet.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Option to disable MySQL manager

    I now have a publicly accessible web interface to my database running om mydomain.com:8082

    This is a security risk and I never use the MySQL manager so I would like to disable it. Please add this option!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    Mysql manager is never open to the internet. Connection is opened and only allowed from the customer IP on the fly as you activate the manager. This happens backstage when you click the mysql manager button and, of course, transparent to end users.

    We take security very seriously at Cloudways and it is one key point in our network design.

    Cloudways Team

  3. Security flaws

    When we go to each app and "reset permissions" it gives www-data group full permissions to edit/create files. It's a security leak. Our server got hacked and all sites on server got exposed. If it's not taken care of, I have to post this at various places on social media that avoid using cloudways as this can expose your clients to risk.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    Hi Amit,

    The reset permissions button has nothing to do with the fact that your site may have been hacked. It simply sets the permissions to the default that Cloudways advises for content under the public_html folder (that is 775 for folders and 664 for files). This is the default too when installing a new application. Permissions are like this to allow different team members to work on the same application (team members userids are all part of the same group). This by itself does not constitute any flaw nor security issue and will not imply the server will be hacked. Application/server will be hacked if it is not updated, it uses old/insecure plugins …

    Cloudways Team

  4. Upgrade OpenSSL!

    phpinfo() reports the OpenSSL version to be 1.0.1e. This is a security hole that needs to be fixed. Please update to the latest version.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    Hi there,

    Our servers are fully and regularly patched and have all latest Debian stable (Wheezy) security updates.

    The version we deploy is:
    ii openssl 1.0.1e-2+deb7u13 amd64 Secure Socket Layer (SSL) binary and related cryptographic tools

    And you can check here that this is the latest openssl release in Wheezy (stable) with the proper security patches:
    https://packages.debian.org/search?keywords=openssl

    We precisely chose Debian for the strong security and stability culture that the community has.

    Cloudways Team

  • Don't see your idea?

Feedback and Knowledge Base