✨ Improvements

• Improved Mailbox Admin Visibility – NEW Mailbox management now has better admin tooling and reporting support.
• Safer Staging Pull from Production – Pulling data from production to staging is now safer. – Sensitive mailer credentials are sanitized during staging sync. WordPress salts are refreshed for staging environments.PHP version parity is improved between production and staging. Helps prevent accidental use of production credentials in staging
• Faster OpenClaw Server Readiness – We improved the infrastructure flow for OpenClaw server creation so eligible OpenClaw servers can be prepared and assigned faster.
• Better Server Resize Billing Flow – Server resize billing now works more smoothly with the invoice payment modal.
• Improved Service Sync ReliabilityWe added a more reliable server service sync flow to keep server service records aligned.
• Cleaner Alert Notifications – We improved alert handling to prevent duplicate notifications for some alert events.This helps reduce noise and keeps notifications more accurate.
• Stronger Supply Chain Protection – We added an npm package safety guard to reduce the risk of installing newly published potentially unsafe packages too quickly.
• The server creation stack input has been updated with better design and positioning.

🐛 Bug Fixes:

• Fixed an issue where the Rank Math NGINX rewrite template could generate unsafe or unreliable rewrite output.
• Fixed an issue where the first server bill could be missing in some billing repair flows.
• Fixed a duplicate bill hash issue during server bill repair.
• Fixed server bill matching so products are matched correctly by renewal period.
• Fixed an issue where PHP auto-healing installation could run incorrectly on Al Agent Hosting and Docker-based stacks.
• Fixed a Redis extension issue that could cause instability during PHP installs on OpenLiteSpeed or NGINX servers.
• Fixed an issue where the caching page could appear blank for sites without a Redis password.
• Improved Redis password show/hide behavior on the caching page.
• Hardened the sudo user provisioning script for better reliability.
• Fixed server permission tests and backend handling around the newer server service structure.

🔥 New Features

• ⚡ xCloud now provisions servers nearly 50% faster – We optimized how xCloud prepares new servers. Required services are prioritized first, while non-essential setup tasks are handled more efficiently in the background.
  📌 New servers can become ready faster.  
  📌 Initial setup feels smoother and less blocked.  
  📌 Users can start working sooner after creating a server.

• Install Services from the Dashboard – When you install a site, your required services will be auto-installed. But if you want, you can now also install supported services directly from the server management dashboard.
  Instead of relying on manual setup, users can open the Install a Service panel and choose which service or runtime they want to add to the server.
  📌 Install services from the server dashboard.
  📌 Supported options include PHP, Node.js, Redis, MySQL, and MariaDB.
  📌 Version-specific options appear after selecting a service.
  📌 Makes server customization easier without manual command-line work.
  
  Visit Server > Settings

Then you can install the required service as per your need:

• Service Auto-Healing Foundation – xCloud now has a stronger foundation for detecting and recovering failed services.
  📌 Services can be tracked more reliably.
  📌 Failed or inactive services are easier to detect.
  📌 This improves long-term server reliability and prepares xCloud for better automatic recovery flows.

✨ Improvements

• Smarter Service Management – Server services are now tracked in a more structured and reliable way.
  📌 More accurate service status tracking.
  📌 Clearer separation between services and runtimes.
  📌 Easier management for start, stop, restart, and install actions.
  📌 Better foundation for real-time service updates.
  
• Live Service Status Updates — Service actions now provide better real-time feedback in the dashboard.
  📌 See service status changes without constantly refreshing the page.
  📌 Better visibility when installing, starting, stopping, or restarting services.
  📌 Easier to understand what is happening on your server.
  
• Clearer Services and Runtime Display – The server management interface now shows services and runtimes more clearly.
  📌 Easier to understand which services are installed.  
  📌 Cleaner labels for server components.  
  📌 Better organization for PHP, Node.js, database services, and other runtimes.
  
• Improved Database Options – Database-related options are now cleaner and easier to understand.
  📌 Better database picker during site creation.
  📌 More consistent naming and capitalization.
  📌 Less confusion when selecting database options.
  
  No action is required from users. Existing servers will continue working normally.

🐛 Bug Fixes:

📌 Improved WordPress migration verification so xCloud can better confirm when a migration has completed successfully.

🔥 New Features

🚀 xCloud MailBox – Free Professional Mailbox With Advanced Features

The xCloud MailBox Addon is now a complete business productivity suite — not just email anymore. Create professional email addresses with your own domain (e.g., yourname@yourbusiness.com), build trust with customers, and manage everything from one place.

• Free Mailbox for xCloud Server/Provider Users — Every unique domain hosted on an xCloud Managed or Provider Server now gets one free professional mailbox with the full suite included. No setup fee, no commitment.

• Professional Email Features — Threaded conversations, unlimited email signatures, built-in rules engine for auto-filtering and tagging, spam and phishing protection, unified inbox for all accounts, IMAP & POP client support, aliases, mail forwarding, catch-all addresses, mail templates, schedule send, undo send, snooze, and follow-up reminders.

• Full Business Workspace — Built-in calendar with smart scheduling, RSVP, recurring events, and resource booking. Shared task lists with due dates, reminders, priority flags, and team collaboration. Personal address book with smart autocomplete. Dark mode and app access on any device.

• Upgrade to Unlock Even More — Cloud Drive with file sharing, version history, WebDAV, and sync clients. Built-in document, spreadsheet, and presentation editors with real-time collaboration. Shared contacts across your organization. Read receipts and follow-up reminders.

• Enterprise-Grade Security — Two-factor authentication, WebAuthn hardware key support, end-to-end encryption, and premium antivirus, antispam, and antiphishing protection.

• Plans Starting at Just $1/mo — 8GB at $1/mo, 25GB at $2.5/mo, 50GB at $5/mo, and 80GB at $8/mo with support for 25+ languages.

• Easy Migration from Legacy Mailbox — Existing users can migrate seamlessly to the new mailbox using the built-in migration tool. Move all emails in bulk per domain, keep the same pricing and billing, and unlock more features at no additional cost.

• AI-Powered Email Productivity — Auto-generate email replies and subject lines, summarize long email threads in seconds, smart classification to sort your inbox automatically, automate routine tasks with Smart Tasks, and text-to-speech for emails read aloud.

✨ Improvements

• Cloudflare integration no longer requires the Origin CA Key, so new Cloudflare users can connect without it.
• Users now see AI-powered answer suggestions while creating support tickets.

🐛 Bug Fixes

• Fixed site environment stays as Production when the domain update fails during the demo-to-live transition.
• Fixed Authorization header being dropped on OpenLiteSpeed Node-app reverse proxy.
• Fixed an issue related to the  MariaDB database settings.
• Billing accuracy and invoice reconciliation improvements
• Internal admin reporting and MRR visibility enhancements
• Missing bill detection and recovery workflow improvements
• Server billing calculation fixes for resize and plan changes
• Provider data sync improvements for Vultr backups, server size, and billing status
• Mailbox migration backend improvements, including migration flow, plan handling, and provider architecture
• Multi-provider mailbox architecture improvements with OX Mail integration
• Abuse report handling improvements with better queue processing
• WordPress vulnerability scanning performance improvements
• White-label product picker and storage information improvements
• Server SSH authentication state handling improvements
• Domain update rollback improvements for safer failed updates
• Internal API callback error response improvements
• Meta Ads purchase tracking and deduplication improvements
• Internal report access control and permission handling improvements
• Site deletion and PHP-FPM restart safety improvements
• GitHub release and cache handling improvements
• Internal test coverage and rollback test improvements
• Various UI polish, route guards, loader states, and admin action improvements

🔖 Resources

• How to Set Up xCloud MailBox Addon
• How to Configure Your Email Client with xCloud Mailbox Addon
• How to Migrate Emails From Legacy Mailbox To The New xCloud MailBox

Security Release – 🔒 Dirty Frag Linux Kernel Vulnerability Mitigation Applied

Dirty Frag mitigation has been applied across all connected xCloud servers, including xCloud-managed and self-managed servers, via the existing security patch system. The vulnerable kernel modules are safely disabled and unloaded where applicable. Nothing needs to be done from your end, and there is no downtime or reboot requirement.

🔥 New Features

OpenClaw & Hermes Reseller Panel

– Resellers can offer fully managed OpenClaw, Hermes & Paperclip hosting to their own customers.
– Customers get AI agent hosting powered by xCloud, while resellers manage sales and customer access from one place.
– This makes it easier for agencies, hosting providers, and AI service businesses to launch their own AI hosting services without building the infrastructure themselves.

✨ Improvements

1. xCloud Free Vulnerability Checker is now up-to-date with the latest Wordfence workflow
2. New clients get a more user-friendly approach to set up their already paid servers during the signup and onboarding process.
3. Server and Site now show the correct MySQL or MariaDB version.
4. Improved the domain update process so the dashboard shows more accurate status updates during domain changes.
5. Improved server provider credential validation with clearer error messages when credentials are incorrect.
6. Improved the WordPress vulnerability scan page with a cleaner layout, better action buttons, and clearer security status.
7. Improved OpenLiteSpeed Rescue Site handling so custom PHP worker settings are preserved.
8. Improved Google Drive restore handling so remote site backup restore errors are shown more clearly instead of failing silently.
9. During ticket creation users can now also see helpful related documentation in real time.

🐛 Bug Fixes

1. Fixed an issue where Cloudflare actions could fail if an older Cloudflare integration had an invalid API token.
2. Fixed WP-CLI warnings appearing on WordPress multisite environments.
3. Fixed an issue where whitelabel brand logos and landing page navbar logos could overwrite each other.
4. Fixed incorrect failure titles on site delete, clone, and migration progress pages.
5. Fixed reserved xCloud platform domains being allowed during go-live or additional domain setup.
6. Fixed SSL status showing as failed while certificates were still being generated. It now correctly shows as pending.
7. Fixed the cookie banner showing on error pages and overlapping important error messages.
8. Fixed dropdowns closing unexpectedly when interacting with modals.
9. Fixed OpenClaw session file cleanup to prevent large session files from slowing down the chat UI.

Security Release – 🔒 CVE-2026-31431 (“Copy Fail”) Mitigation Applied
Automatically disables the vulnerable algif_aead Linux kernel module across all connected servers — both xCloud-managed and non-managed — via the existing security patch system. The module is permanently blacklisted, safely unloaded if running, and verified blocked without impacting older or custom server configurations. No action required from your side.

New Features

🆕 Introducing Hermes Agent Hosting on xCloud

Deploy your own self-improving AI agent with persistent memory, auto-built skills, and multi-platform messaging — fully managed on xCloud. No terminal or DevOps experience needed.

Hermes Agent remembers you across sessions, builds new skills as it works, and runs 24/7 on autopilot. You sign up, we deploy, you start chatting.

• Persistent memory – remembers everything across sessions, no re-explaining needed.
• Self-building skills – gets smarter the longer it runs by learning from every task.
• Multi-platform messaging – manage from Telegram, Discord, Slack, WhatsApp & more.
• Built-in scheduling for reports, monitoring, and automations.
• 40+ tools out of the box – web search, browser automation, code execution, vision, and more.

🌟 With xCloud, you get one-click deployment, built-in Telegram support, auto SSL, daily backups, managed updates, and security – all in one place.

👉 Visit the page for more details.

🐛 Improvements

📌 Added a combined stack called Agentic for OpenClaw, Paperclip, and Hermes Agent for xCloud Managed Servers.

📌 Added Cloudflare Security Settings support for OpenLiteSpeed sites

🐛 Bug Fixes

📌 Fixed an issue related to Nginx regeneration

📌 Fixed incorrect commit details showing in GIT deployment history

📌 Fixed deployment issues for GitHub auto-deploys

📌 Fixed SSL retry options for failed certificates

📌 Fixed silent failures with Disable Nginx Regeneration across multiple site actions

📌 Fixed SSL-related issues affecting failed certificates, multisite subdomains, and staging/live sites

🔥 New Features

🆕 Introducing Paperclip Hosting on xCloud

Deploy and run an autonomous company powered entirely by AI agents — fully managed on xCloud. No coding or server skills needed.

Paperclip lets you hire AI employees, set goals and budgets, and let your agents run 24/7. You stay in control. They handle the work.

✅ Full org chart setup – hire AI employees for any role 

✅ Set goals and budgets, agents work toward them automatically 

✅ Per-agent budgets to prevent runaway API costs 

✅ Audit log of every decision and tool call

🌟With xCloud, you get a fully managed server with automatic updates, security, logs, SSH, and more – all in one place.

📑 Requirements:

• xCloud Managed Server with at least 4GB RAM
• Dedicated server (no other apps run alongside Paperclip)

🆕 Gemma 4 Variants Support for Ollama

Gemma 4 is Google’s lightweight open model family – and it’s now supported in Ollama on xCloud. You can pull Gemma 4 variants directly from your Ollama dashboard and connect them to OpenClaw or other agent workflows for fully self-hosted, private, API-cost-free AI.🔥

Great for teams that want to experiment with local models alongside options like DeepSeek R1, or run sensitive workloads entirely on their own infrastructure.

🆕 Cloudflare Under Attack Mode Toggle

Cloudflare’s Under Attack mode performs additional security checks to help mitigate layer 7 DDoS attacks. Validated users access your website and suspicious traffic is blocked. It is designed to be used as one of the last resorts when a zone is under attack (and will temporarily pause access to your site and impact your site analytics).

You can now enable or disable Cloudflare’s “Under Attack Mode” directly from the Site security settings page of xCloud dashboard. 

🆕 Git Integration for Docker Compose Sites

You can now deploy custom Docker Compose projects directly from a Git repository on xCloud. Connect your public, private, or linked Git provider, auto-detect ports from your docker-compose.yml, map services to domains, and go live – all from the xCloud dashboard.

🐛 Improvements & Bug Fixes

📌Fixed Codex authentication flow issue

📌Fixed UI related issues across multiple pages

📌Fixed an issue related to the blank server monitoring page

📌Fixed MySQL installation version issue on Ubuntu 24.04

📌Fixed Docker site deletion getting stuck when a Redis file is missing

📌Fixed package upgrades showing as failed after a reboot

📌Fixed Fail2Ban timeout issue

📌Fixed staging option showing for unsupported WordPress multisite

📌Fixed empty site title issue in Bulk Nginx Customization

🚀 Introducing the xCloud Infrastructure Upgrade: A Faster and More Secure Dashboard

The xCloud infrastructure upgrade brings major improvements to the performance, security, and long-term stability of your dashboard. This release focuses on faster operations, near-instant navigation, and a modern foundation that keeps xCloud reliable as it continues to grow.

✨ What this upgrade brings for you

• No more waiting on slow operations – provisioning servers, managing DNS, billing, API calls – all ~40% faster on average
• Pages load before you expect them to – xCloud now prefetches the next page before you click, so navigation feels instant
• Dashboards show content first – no more staring at a loading screen while everything catches up. Your content appears immediately; heavy data loads behind the scenes
• Better security – every package is patched and up to date, with fewer dependencies, meaning fewer things that can go wrong

🔥 New Features

WordPress

🌟Site Rules – Manage HTTP Headers & Redirects for WordPress Sites 

Create and manage HTTP header and redirect rules for WordPress sites running NGINX directly from the xCloud UI – no manual nginx config editing required.

Add Custom Headers 

Define custom HTTP response headers (security headers, caching headers, CORS, etc.) for your WordPress site directly from the dashboard. Strengthen site security, control browser caching, and manage cross-origin policies without manually editing nginx configuration files.

Redirects

Set up 301/302 redirects for URLs, paths, or patterns from a clean, intuitive interface. Manage post-migration URL changes, enforce trailing slashes, or route legacy paths to new destinations — all without writing a single rewrite rule by hand.

🌟 Bulk NGINX Customization

Apply NGINX Configs Across Multiple Sites at Once on xCloud. You can now push custom NGINX configurations to multiple sites on a server in a single operation directly from the dashboard without editing each site individually. 🚀

🌟 Restore Backup To Any Site On Any Server

Seamless Cross-Site Backup Restoration Is Now Available on xCloud. You can now restore a WordPress backup directly to another existing site without rebuilding anything from scratch. This feature helps you clone live sites to staging, recover broken environments instantly, or reuse recent backups across projects. It simplifies migration workflows, reduces downtime, and gives you full control.

🌟 Sidebar Menu Search Is Now Available Again

Search improves navigation speed across the xCloud dashboard with sidebar menu search. Now users can instantly find exact page locations more easily.

🌟Site-Level Cron Job Management

Added comprehensive Cron Job Management directly in the xCloud dashboard at the site level. Users can now create, edit, and delete cron jobs without SSH access, with support for custom schedules, command validation, and execution logs.

🌟 Staging Hook Scripts — Post-Pull & Post-Push Automation

Add your own Post-Pull and Post-Push scripts from the Staging Management page. These scripts run automatically after each pull or push, so you can execute custom bash commands without manual work.

Use them to deactivate sync plugins, clear caches, or apply environment-specific settings instantly.

✨ Improvements 

• Easy Upgrade From Free To PRO – A new global upgrade modal accessible from anywhere in the app, allowing free plan users to upgrade to the Starter plan without leaving their current page.
• Fatal Error Banners & Notifications – When a fatal PHP error occurs on a site, xCloud now shows a banner on the site dashboard. It also includes a direct link to the error logs for faster debugging. Also, users will get real-time integrated notifications channels and a dashboard.
• Improved warning banner system consistency across dashboard
• Added searchable sidebar navigation
• Improved search component flexibility
• Improved safety during site and server deletion
• Improved cross-server navigation state handling
• Improved gateway health check handling
• Improved backup deletion handling across storage types

✨ Bug Fixes

• Fixed checkout security issues related to duplicate accounts and charges
• Fixed whitelabel server creation failures
• Fixed session handling on password change
• Fixed issues with salt handling during production push
• Fixed staging visibility indexing after database pull
• Fixed SSL-related deletion crashes
• Fixed cache helper CPU loop issue.
• Fixed MySQL install hang in non-interactive environments.
• Fixed PM2 startup issues on reboot for Node.js Git sites.
• Fixed mailbox banner-related issue.