CloudFlare Origin Certificate - WHM Not Loading

[XxUnkn0wnxX]

hi, i just finished installing the cloudflare origin cert for whm and cpanel services & fixing the dns so that i can access whm through my sites domain name.

now everything else seems to work and load fine but when i go to Security Center » cPHulk Brute Force Protection

it loads up like this:

i.imgur.com/hkSLOkm.jpg

and when a link is clicked it go says page not found. it removes the :2087 port number in the url.

now when i access this directly via the servers ip i have no issues with loading the page.

 

[cPanelMichael]

Hello,

It''s interesting that only one option in WHM is facing that issue. Try running the following command and then logging out and logging back in again to see if the issue persists:

mv /var/cpanel/caches/_generated_command_files{,.backup}

Thank you.

 

[XxUnkn0wnxX]

nope issue still occurs via domain url, just tested

scripts2/manage_external_auth
scripts2/config_mod_security
scripts2/show_mod_security
scripts2/manage_mod_security_vendors
scripts7/twofactorauth

also all broken i think the highly scripted urls are broken.

and i have set in cloudflare a page rule of: *example.com:2087/*

to disable all security, apps, performance & cacheing when accessing WHM. cloudflare is still proxyfying the url though not a direct passthrough as it hides the source IP address this way.

cloudflare did mention this here but i'm unsure what they mean by:

The solution is to access the cPanel server on a URL that doesn't proxy through Cloudflare. Please use cPanel's proxy subdomain URL http://cpanel.domain.com and have the DNS point directly to the cPanel server which is a default DNS setting.
Make sure this subdomain is not proxied through Cloudflare (not orange clouded).

i did cpanel.example.com as a Cname and the url would not resolve. as an A Record it resolves fine aslong it points to the IP but i cannot unproxyfy it as it will reveal my real IP address.

i think the issue is a CF proxy issue when i access it via domain url. any way i can get it to work properly without unproxyfying it?

 

[cPanelMichael]

i think the issue is a CF proxy issue when i access it via domain url. any way i can get it to work properly without unproxyfying it?

Hello,

In previous support tickets where this same question is asked, it was determined there are no workarounds other than pointing the proxy subdomain (e.g. whm, cpanel) directly to the cPanel server via an "A" record. You may want to reach out to CloudFlare's support team to see if there are any additional solutions they can offer.

Thank you.

 

[XxUnkn0wnxX]

it is pointing to the server via an A Record but its being proxyfied in the process. if i just do DNS any 1 can DDos my server and take my whole site down. WHM is installed on my main web server.

i.imgur.com/R7ge1e7.jpg

so there is no other way in getting to work via https://server.example.net:2087 without it directly going to the server IP outside cloudflare proxy? without any other issues?

if thats so any 1 would be able to do a nslookup on the subdomain and obtain my IP..

 

[cPanelMichael]

so there is no other way in getting to work via https://server.example.net:2087 without it directly going to the server IP outside cloudflare proxy? without any other issues?

Yes, that's correct. I encourage you to reach out to CloudFlare's support team to see if there are any additional workarounds or solutions they can offer.

Thank you.