After going into cpanel and using some of the tools (usually related to file manager), cpanel user will get blocked by CF.
What steps have you taken to resolve the issue?
I’m trying to figure out how to add a rule that will stop blocking CPANEL users from using various tools. Anytime myself or my client accesses CPANEL and tries to use various tools (i.e. file manager for one), CF will block us.
Adding IP address to IP list works fine temporarily, but it keeps pulling my IPv6 and that appears to change almost daily from my ISP.
I’d advise to remove cpanel DNS record for sub-domain access for your customers, therefrom create a Custom WAF rule to block access to any other port except 80 and 443 to protect from anyone trying to do some harm or possible abuse.
Best approach is to instruct them to remove cpanel sub-domain, block ports except 443 with Cloudflare and use your server hostname instead e.g. server1.hostingprovider.com:2083, since cPanel has got pretty good security nowadays, including WAF ModSecurity and Rate Limiting with IP block for e.g. 3 times failed authentication.
Otherwise, keep cpanel sub-domain and make sure to redirect the cpanel.customerdomain.com and customerdomain.com/cpanel with Worker so the WAF Rule can still apply and block bad requests before the redireciton happens.
You’d also encounter an possible issue with renewing the origin SSL certificate for cpanel sub-domain if it’s proxied .
If using Pro plan, you can use Bypass/Skip for some specific Managed Rule(s), if they get triggered and shown under the Security → Events.
.