🔥 New Features

🌟 Client Reports For Professional Branded Website Maintenance Reports

Build Trust With Clear Website Maintenance Reports for Your Clients. Generate professional, fully branded site reports for your clients directly from the xCloud dashboard in just a few clicks.

• Comprehensive Site Reports: Generate reports covering performance, security, backups, updates, and traffic all in one place. Choose your reporting period and customize which sections to include or exclude.

• Full Branding Control: Add your own logo, company name, colors, and custom intro/outro messages. Your clients see your brand, not ours.

• Custom Development Logging: Log custom development work you delivered during the reporting period so clients see exactly what they’re paying for.

• Report Preview & History: Preview reports live before generating to avoid surprises. Access your full report history with download and delete options anytime.

• Reports Include: App details and SSL certificate status, WordPress core and plugin/theme update logs, backup summary, security and vulnerability status, snapshots, PageSpeed Insights scores (mobile and desktop), traffic statistics, and custom development entries with hours and descriptions.

✨ Improvements

• Improved dashboard workflows for a smoother site and server management experience.

• Enhanced several user interface areas to make key information easier to find and understand.
• Improved overall platform stability and reliability across common actions.

✨ Bug Fixes

• Fixed issues affecting some site and server management workflows.
• Resolved minor UI inconsistencies across the dashboard.
• Improved error handling for a more reliable user experience.

🔥 New Features

🌟 Introduced Site Rules For OLS Server

Manage HTTP Headers & Redirects for WordPress Sites. Create and manage HTTP headers and redirect rules for WordPress sites running OLS directly from the xCloud dashboard.

• Add Custom Headers: Define custom HTTP response headers (security headers, caching headers, CORS, etc.) for your WordPress site directly from the dashboard. Strengthen site security, control browser caching, and manage cross-origin policies without manually editing nginx configuration files.

• Redirects: Set up 301/302 redirects for URLs, paths, or patterns from a clean, intuitive interface. Manage post-migration URL changes, enforce trailing slashes, or route legacy paths to new destinations — all without writing a single rewrite rule by hand.

⚡ Improvements

✅ Patchstack now tracks each site individually for more reliable scans, updates, and SSO.

✅ Vulnerability counts now match across all pages, “Last Scanned” is back, and you’ll get instant alerts on new threats.

🐛 Bug Fixes

🔧 Fixed Cloudflare WAF rule that was blocking Googlebot and breaking SEO on 100+ sites.

🔧 Fixed Push-to-Deploy toggle so disabling it actually stops deployments.

🔧 Fixed 502 errors on Node.js, N8N, and Uptime Kuma sites after re-enable.

🔧 Fixed misleading “select at least one database” error when editing database users.

🔧 Fixed orphaned staging sites left behind when deleting a production site.

🔧 Fixed backup table to show the real total instead of just the current page count.

✨ Improvements

• Improved Mailbox Admin Visibility – NEW Mailbox management now has better admin tooling and reporting support.
• Safer Staging Pull from Production – Pulling data from production to staging is now safer. – Sensitive mailer credentials are sanitized during staging sync. WordPress salts are refreshed for staging environments.PHP version parity is improved between production and staging. Helps prevent accidental use of production credentials in staging
• Faster OpenClaw Server Readiness – We improved the infrastructure flow for OpenClaw server creation so eligible OpenClaw servers can be prepared and assigned faster.
• Better Server Resize Billing Flow – Server resize billing now works more smoothly with the invoice payment modal.
• Improved Service Sync ReliabilityWe added a more reliable server service sync flow to keep server service records aligned.
• Cleaner Alert Notifications – We improved alert handling to prevent duplicate notifications for some alert events.This helps reduce noise and keeps notifications more accurate.
• Stronger Supply Chain Protection – We added an npm package safety guard to reduce the risk of installing newly published potentially unsafe packages too quickly.
• The server creation stack input has been updated with better design and positioning.

🐛 Bug Fixes:

• Fixed an issue where the Rank Math NGINX rewrite template could generate unsafe or unreliable rewrite output.
• Fixed an issue where the first server bill could be missing in some billing repair flows.
• Fixed a duplicate bill hash issue during server bill repair.
• Fixed server bill matching so products are matched correctly by renewal period.
• Fixed an issue where PHP auto-healing installation could run incorrectly on Al Agent Hosting and Docker-based stacks.
• Fixed a Redis extension issue that could cause instability during PHP installs on OpenLiteSpeed or NGINX servers.
• Fixed an issue where the caching page could appear blank for sites without a Redis password.
• Improved Redis password show/hide behavior on the caching page.
• Hardened the sudo user provisioning script for better reliability.
• Fixed server permission tests and backend handling around the newer server service structure.

🔥 New Features

• ⚡ xCloud now provisions servers nearly 50% faster – We optimized how xCloud prepares new servers. Required services are prioritized first, while non-essential setup tasks are handled more efficiently in the background.
  📌 New servers can become ready faster.  
  📌 Initial setup feels smoother and less blocked.  
  📌 Users can start working sooner after creating a server.

• Install Services from the Dashboard – When you install a site, your required services will be auto-installed. But if you want, you can now also install supported services directly from the server management dashboard.
  Instead of relying on manual setup, users can open the Install a Service panel and choose which service or runtime they want to add to the server.
  📌 Install services from the server dashboard.
  📌 Supported options include PHP, Node.js, Redis, MySQL, and MariaDB.
  📌 Version-specific options appear after selecting a service.
  📌 Makes server customization easier without manual command-line work.
  
  Visit Server > Settings

Then you can install the required service as per your need:

• Service Auto-Healing Foundation – xCloud now has a stronger foundation for detecting and recovering failed services.
  📌 Services can be tracked more reliably.
  📌 Failed or inactive services are easier to detect.
  📌 This improves long-term server reliability and prepares xCloud for better automatic recovery flows.

✨ Improvements

• Smarter Service Management – Server services are now tracked in a more structured and reliable way.
  📌 More accurate service status tracking.
  📌 Clearer separation between services and runtimes.
  📌 Easier management for start, stop, restart, and install actions.
  📌 Better foundation for real-time service updates.
  
• Live Service Status Updates — Service actions now provide better real-time feedback in the dashboard.
  📌 See service status changes without constantly refreshing the page.
  📌 Better visibility when installing, starting, stopping, or restarting services.
  📌 Easier to understand what is happening on your server.
  
• Clearer Services and Runtime Display – The server management interface now shows services and runtimes more clearly.
  📌 Easier to understand which services are installed.  
  📌 Cleaner labels for server components.  
  📌 Better organization for PHP, Node.js, database services, and other runtimes.
  
• Improved Database Options – Database-related options are now cleaner and easier to understand.
  📌 Better database picker during site creation.
  📌 More consistent naming and capitalization.
  📌 Less confusion when selecting database options.
  
  No action is required from users. Existing servers will continue working normally.

🐛 Bug Fixes:

📌 Improved WordPress migration verification so xCloud can better confirm when a migration has completed successfully.

🔥 New Features

🚀 xCloud MailBox – Free Professional Mailbox With Advanced Features

The xCloud MailBox Addon is now a complete business productivity suite — not just email anymore. Create professional email addresses with your own domain (e.g., yourname@yourbusiness.com), build trust with customers, and manage everything from one place.

• Free Mailbox for xCloud Server/Provider Users — Every unique domain hosted on an xCloud Managed or Provider Server now gets one free professional mailbox with the full suite included. No setup fee, no commitment.

• Professional Email Features — Threaded conversations, unlimited email signatures, built-in rules engine for auto-filtering and tagging, spam and phishing protection, unified inbox for all accounts, IMAP & POP client support, aliases, mail forwarding, catch-all addresses, mail templates, schedule send, undo send, snooze, and follow-up reminders.

• Full Business Workspace — Built-in calendar with smart scheduling, RSVP, recurring events, and resource booking. Shared task lists with due dates, reminders, priority flags, and team collaboration. Personal address book with smart autocomplete. Dark mode and app access on any device.

• Upgrade to Unlock Even More — Cloud Drive with file sharing, version history, WebDAV, and sync clients. Built-in document, spreadsheet, and presentation editors with real-time collaboration. Shared contacts across your organization. Read receipts and follow-up reminders.

• Enterprise-Grade Security — Two-factor authentication, WebAuthn hardware key support, end-to-end encryption, and premium antivirus, antispam, and antiphishing protection.

• Plans Starting at Just $1/mo — 8GB at $1/mo, 25GB at $2.5/mo, 50GB at $5/mo, and 80GB at $8/mo with support for 25+ languages.

• Easy Migration from Legacy Mailbox — Existing users can migrate seamlessly to the new mailbox using the built-in migration tool. Move all emails in bulk per domain, keep the same pricing and billing, and unlock more features at no additional cost.

• AI-Powered Email Productivity — Auto-generate email replies and subject lines, summarize long email threads in seconds, smart classification to sort your inbox automatically, automate routine tasks with Smart Tasks, and text-to-speech for emails read aloud.

✨ Improvements

• Cloudflare integration no longer requires the Origin CA Key, so new Cloudflare users can connect without it.
• Users now see AI-powered answer suggestions while creating support tickets.

🐛 Bug Fixes

• Fixed site environment stays as Production when the domain update fails during the demo-to-live transition.
• Fixed Authorization header being dropped on OpenLiteSpeed Node-app reverse proxy.
• Fixed an issue related to the  MariaDB database settings.
• Billing accuracy and invoice reconciliation improvements
• Internal admin reporting and MRR visibility enhancements
• Missing bill detection and recovery workflow improvements
• Server billing calculation fixes for resize and plan changes
• Provider data sync improvements for Vultr backups, server size, and billing status
• Mailbox migration backend improvements, including migration flow, plan handling, and provider architecture
• Multi-provider mailbox architecture improvements with OX Mail integration
• Abuse report handling improvements with better queue processing
• WordPress vulnerability scanning performance improvements
• White-label product picker and storage information improvements
• Server SSH authentication state handling improvements
• Domain update rollback improvements for safer failed updates
• Internal API callback error response improvements
• Meta Ads purchase tracking and deduplication improvements
• Internal report access control and permission handling improvements
• Site deletion and PHP-FPM restart safety improvements
• GitHub release and cache handling improvements
• Internal test coverage and rollback test improvements
• Various UI polish, route guards, loader states, and admin action improvements

🔖 Resources

• How to Set Up xCloud MailBox Addon
• How to Configure Your Email Client with xCloud Mailbox Addon
• How to Migrate Emails From Legacy Mailbox To The New xCloud MailBox

Security Release – 🔒 Dirty Frag Linux Kernel Vulnerability Mitigation Applied

Dirty Frag mitigation has been applied across all connected xCloud servers, including xCloud-managed and self-managed servers, via the existing security patch system. The vulnerable kernel modules are safely disabled and unloaded where applicable. Nothing needs to be done from your end, and there is no downtime or reboot requirement.

🔥 New Features

OpenClaw & Hermes Reseller Panel

– Resellers can offer fully managed OpenClaw, Hermes & Paperclip hosting to their own customers.
– Customers get AI agent hosting powered by xCloud, while resellers manage sales and customer access from one place.
– This makes it easier for agencies, hosting providers, and AI service businesses to launch their own AI hosting services without building the infrastructure themselves.

✨ Improvements

1. xCloud Free Vulnerability Checker is now up-to-date with the latest Wordfence workflow
2. New clients get a more user-friendly approach to set up their already paid servers during the signup and onboarding process.
3. Server and Site now show the correct MySQL or MariaDB version.
4. Improved the domain update process so the dashboard shows more accurate status updates during domain changes.
5. Improved server provider credential validation with clearer error messages when credentials are incorrect.
6. Improved the WordPress vulnerability scan page with a cleaner layout, better action buttons, and clearer security status.
7. Improved OpenLiteSpeed Rescue Site handling so custom PHP worker settings are preserved.
8. Improved Google Drive restore handling so remote site backup restore errors are shown more clearly instead of failing silently.
9. During ticket creation users can now also see helpful related documentation in real time.

🐛 Bug Fixes

1. Fixed an issue where Cloudflare actions could fail if an older Cloudflare integration had an invalid API token.
2. Fixed WP-CLI warnings appearing on WordPress multisite environments.
3. Fixed an issue where whitelabel brand logos and landing page navbar logos could overwrite each other.
4. Fixed incorrect failure titles on site delete, clone, and migration progress pages.
5. Fixed reserved xCloud platform domains being allowed during go-live or additional domain setup.
6. Fixed SSL status showing as failed while certificates were still being generated. It now correctly shows as pending.
7. Fixed the cookie banner showing on error pages and overlapping important error messages.
8. Fixed dropdowns closing unexpectedly when interacting with modals.
9. Fixed OpenClaw session file cleanup to prevent large session files from slowing down the chat UI.

Security Release – 🔒 CVE-2026-31431 (“Copy Fail”) Mitigation Applied
Automatically disables the vulnerable algif_aead Linux kernel module across all connected servers — both xCloud-managed and non-managed — via the existing security patch system. The module is permanently blacklisted, safely unloaded if running, and verified blocked without impacting older or custom server configurations. No action required from your side.

New Features

🆕 Introducing Hermes Agent Hosting on xCloud

Deploy your own self-improving AI agent with persistent memory, auto-built skills, and multi-platform messaging — fully managed on xCloud. No terminal or DevOps experience needed.

Hermes Agent remembers you across sessions, builds new skills as it works, and runs 24/7 on autopilot. You sign up, we deploy, you start chatting.

• Persistent memory – remembers everything across sessions, no re-explaining needed.
• Self-building skills – gets smarter the longer it runs by learning from every task.
• Multi-platform messaging – manage from Telegram, Discord, Slack, WhatsApp & more.
• Built-in scheduling for reports, monitoring, and automations.
• 40+ tools out of the box – web search, browser automation, code execution, vision, and more.

🌟 With xCloud, you get one-click deployment, built-in Telegram support, auto SSL, daily backups, managed updates, and security – all in one place.

👉 Visit the page for more details.

🐛 Improvements

📌 Added a combined stack called Agentic for OpenClaw, Paperclip, and Hermes Agent for xCloud Managed Servers.

📌 Added Cloudflare Security Settings support for OpenLiteSpeed sites

🐛 Bug Fixes

📌 Fixed an issue related to Nginx regeneration

📌 Fixed incorrect commit details showing in GIT deployment history

📌 Fixed deployment issues for GitHub auto-deploys

📌 Fixed SSL retry options for failed certificates

📌 Fixed silent failures with Disable Nginx Regeneration across multiple site actions

📌 Fixed SSL-related issues affecting failed certificates, multisite subdomains, and staging/live sites

🔥 New Features

🆕 Introducing Paperclip Hosting on xCloud

Deploy and run an autonomous company powered entirely by AI agents — fully managed on xCloud. No coding or server skills needed.

Paperclip lets you hire AI employees, set goals and budgets, and let your agents run 24/7. You stay in control. They handle the work.

✅ Full org chart setup – hire AI employees for any role 

✅ Set goals and budgets, agents work toward them automatically 

✅ Per-agent budgets to prevent runaway API costs 

✅ Audit log of every decision and tool call

🌟With xCloud, you get a fully managed server with automatic updates, security, logs, SSH, and more – all in one place.

📑 Requirements:

• xCloud Managed Server with at least 4GB RAM
• Dedicated server (no other apps run alongside Paperclip)

🆕 Gemma 4 Variants Support for Ollama

Gemma 4 is Google’s lightweight open model family – and it’s now supported in Ollama on xCloud. You can pull Gemma 4 variants directly from your Ollama dashboard and connect them to OpenClaw or other agent workflows for fully self-hosted, private, API-cost-free AI.🔥

Great for teams that want to experiment with local models alongside options like DeepSeek R1, or run sensitive workloads entirely on their own infrastructure.

🆕 Cloudflare Under Attack Mode Toggle

Cloudflare’s Under Attack mode performs additional security checks to help mitigate layer 7 DDoS attacks. Validated users access your website and suspicious traffic is blocked. It is designed to be used as one of the last resorts when a zone is under attack (and will temporarily pause access to your site and impact your site analytics).

You can now enable or disable Cloudflare’s “Under Attack Mode” directly from the Site security settings page of xCloud dashboard. 

🆕 Git Integration for Docker Compose Sites

You can now deploy custom Docker Compose projects directly from a Git repository on xCloud. Connect your public, private, or linked Git provider, auto-detect ports from your docker-compose.yml, map services to domains, and go live – all from the xCloud dashboard.

🐛 Improvements & Bug Fixes

📌Fixed Codex authentication flow issue

📌Fixed UI related issues across multiple pages

📌Fixed an issue related to the blank server monitoring page

📌Fixed MySQL installation version issue on Ubuntu 24.04

📌Fixed Docker site deletion getting stuck when a Redis file is missing

📌Fixed package upgrades showing as failed after a reboot

📌Fixed Fail2Ban timeout issue

📌Fixed staging option showing for unsupported WordPress multisite

📌Fixed empty site title issue in Bulk Nginx Customization