CPanel & email not working after changing DNS to CF

Hi all, I have a shared hosting website with Namecheap and changing my DNS with Cloudflare CF has been a great improvement so I’m very happy so far except for a couple of problems:

1.- I’ve added all the DNS records I found in my CPanel’s CP Zone Editor and after that, I can still login to my CP but there are several issues:

  • Port 2083 login doesn’t work, the login screen appears but always return a “password invalid” message (although is correct). I can still access through cpanel_mydomain_com or mydomain_com/cpanel.
  • But after logging in, CP returns to the login screen randomly every few seconds with the errors: “cookie expired” or your “IP has changed” although I always connect through a static IP (It seems CF routes my connection to CP through a Namecheap NC IP instead my own).

2.- My email has stopped working since the change of DNS to CF:

  • I had these DNS records and registered them in CF:
    • MX @ (1 to 4)_web-hosting_com (priority 10 to 40)
    • MX @ mail_mydomain_com (priority 50)
  • All are not proxied through CF and it reports they’re DNS only. Also added SRV records, DKIM, DMARC TXT records, etc and verified they work correctly with an online DMARC verification tool.
  • Only the A and CNAME records appear in CF as Proxied, all the others appear as “DNS only”.

I tried to connect with Thunderbird to both *_web-hosting_com and mail_mydomain_com servers but both return a connection rejected. In the first days after moving DNS to CF I could still check my mail through CP webmail but now it doesn’t work. It disconnects as often or more than CP with its connection problems explained above.

Do I need to write a page rule for mydomain_com:2083 or cpanel_mydomain_com to make it work? Any assistance or tutorial to know what rules to include for that page?

Thanks in advance for your attention and assistance.

Without the domain name, there’s not much help we can offer.

Port 2083 is not blocked.

With respect to #2. If you are using ssl/tls, Cloudflare has to know your certs if you have proxy on. Try setting your mail A and cname records to DNS only and see if mail starts flowing. If it does, you need to either leave as DNS only, or use Cloudflare certs on your origin servers that are issued by cloudflare. Or you can upgrade to the business plan…

Jordan

@sdayman apologies for forgetting, the domain is: findgoodhealth_org CF does not block port 2083 but at the login screen it returns a invalid password always although using a correct password, perhaps related to the IP problem described in my initial message?

@jordan.arendt thanks for the advice. I’m using a SSLforFree cert it worked again changing the mail A record to DNS only. Although it now works again in my mail client there’s a new problem:

  • When I connect through mail_mydomain_com it tries to identify with a cert from web-hosting_com instead my own domain so I have to store a permanent security exception in my mail client as Namecheap warns.
  • If I try to use server1_web-hosting_com to avoid this as namecheap recommends in its KB article the mail client connection times out. In the MX records I have instead of server1 there are a MX record for smx1. I tried both with same results.
  • Using server1 or smx1 wouldn’t expose my IP as using mail MX and I don’t understand why it doesn’t work despite having that MX record in my CPanel Zone Editor.

Thanks for the help.

I managed to almost solve the issue with namecheap support:

Regarding CPanel login they provided a custom address that allows me to login although I have to hit back in the browser after introducing my credentials and click in login button. So it is still having problems with cookies although after that I can login to CPanel and do not get logged off. The custom CPanel address changes depending on what NC server your website is hosted.

With the email happened something similar, they provided a custom server that solved the issue. Again it changes with the client.

Hope it helps if anyone is having the same issues.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.