Skip to main content

Cloudflare

milo695
Any step-by-step guide on how to put dedicated web server running WHM/cPanel behind Cloudflare and configure SSL and everything else that needs to be configured?

Comments

6 comments

Date Votes
  • rbairwell

    This isn't really possible: Cloudflare works on a "site basis" and does not have the "concept" of a "server with multiple sites/hostnames" (they did used to have a WHM/cPanel plugin, but they discontinued that in 2022).

    There is a guide to use mod_remoteip (which replaces the old mod_cloudflare EasyApache4 module) at https://support.cpanel.net/hc/en-us/articles/360051107513-How-to-restore-visitors-IP-with-mod-remoteip which might help.

    0
  • William Del Piero cPanel Staff

    Hi,

     

    As rbairwell mentioned, you would likely need to configure each site to use Cloudflare individually. In most cases, AutoSSL can still function with domains that are proxied behind Cloudflare. However, it will likely take some custom configuration to get the cPanel services working behind Cloudflare. Other customers have mentioned setting up a Cloudflare tunnel for cPanel/WHM to proxy those services. Although that type of setup would be possible, it's not something that we support.

    0
  • milo695

    So, you guys are saying that I shouldn't put the server itself (whm/cpanel server domain's dns) behind cloudflare, but only user domains, correct?

    0
  • William Del Piero cPanel Staff
    • Edited

    Hi,

     

    Yes that's correct, I would only suggest putting the websites behind Cloudflare. You can still use Cloudflare as the DNS provider for your domains, but you would need to manually create the DNS records for your domain such as the DKIM and SPF within Cloudflare since the DNS records in the cPanel zone would be ignored when Cloudflare is the DNS provider. It is also recommended to disable the Cloudflare proxy for any service subdomains that are not related to web traffic. We have more information on this topic below:

     

    What domains are appropriate to proxy to Cloudflare?

    0
  • milo695

    I see, not bad, I can handle that. 
    Do you have any suggestions regarding AutoSSL in this case, do I create SSL cert. at Cloudflare (Full/strict) for every domain and import them to cPanel accounts as I will be proxying traffic for ports 80/443, but I will also need Lets Encrypt SSL for MX and A records for mail domains: mail.domain.com which will not be proxied, how is that done?

    Thanks for this William

    0
  • cPRex Jurassic Moderator

    Most people find they have to disable Cloudflare in order to get the AutoSSL system to work properly, such as outlined here:

    https://community.cloudflare.com/t/cloudflare-and-cpanel-ssl-certificates/713353/2

     

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post