DDoS Attack on cPanel like server (DirectAdmin)

I am under a DDoS Attack.

I am using a cPanel server like and I would to use Cloudflare to protect all my customers’ websites. However, I don’t want to require my customers to point them DNS for Cloudflare because I will need to worry about sync Cloudflare DNS.

Is there any Cloudflare solution that could help me?

Hm, may I ask how are you accessing the cPanel?
For each domain or?
How did you figured it out you are under an attack?
Where does the traffic/requests come from?

cpanel.yourdomain.com or yourdomain.com/cpanel or yourdomain.com:2083?

If you are accessing via the port, or want to make sure noone is, there is a way to create a Firewall rule which could allow only specific ports for proxied :orange: hostnames, if you are for example accessing via 2083 to cpanel and 2096 to e-mail.

You can restrict requests for :orange: hostnames only to port 80 433.

If you need to block requests and traffic to proxied DNS records (:orange:) to all compatible and supported Cloudflare port’s except port 80 and 443, use the below Firewall Rule:

If using cPanel or some other, which is working over 2083, etc, the above one is good, while also the other could be combined as well (you could whitelist and allow only your IP if you need to access cPanel interface):

  • (http.request.uri.path contains "cpanel") or (http.request.uri.path contains "plesk") or (http.request.uri.path contains "whm")

Furthermore, may I suggest you reading articles from the below:

Depending on the needs, but I think you cannot just restrict your origin host / server to be like “web server” to specific ports - if customers are using e-mail (via cPanel) from the same server, but …

There could be a way of using some DDoS for your origin host / server, if so?

Kindly and patiently wait for some more replies on this topic which could provide more useful and helpful information, or even which Cloudflare product/service would be the best suitable to your case.


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.