There’s been a long-standing issue from a hosting provider’s point of where cPanel runs on abnormal ports, causing users behind firewalls to be unable to access cPanel. At first, there was cpanelproxy.net which offered (at that time) an automated script that users could install on their hosting accounts to route cPanel traffic over port 80. Around the time that cPanel 11 came out, the script no longer worked, and users behind corporate or school firewalls were out of luck.
cPanel 11 introduced its own proxy to allow users to get around firewall restrictions.
To enable this feature without inconveniencing users, check these three options in WHM > Tweak Settings:
Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port (requires mod_rewrite and mod_proxy)
Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts. When this is initially enabled it will add appropriate proxy subdomain DNS entries to all existing accounts. (Use /scripts/proxydomains to reconfigure the DNS entries manually)
Allow users to create cpanel, webmail, webdisk and whm subdomains that override automatically generated proxy subdomains
*Keep in mind that if you’re establishing these settings on an existing server, it’s going to update the zones for each domain on the server and synchronize them out to the DNS cluster. This got us in trouble once, as we had a number of suspended accounts on a server that ended up having their DNS reverted back when the proxy subdomains were updated.
To enable proxydomains for the whole server:
To enable for all domains on one user’s account:
/scripts/proxydomains –user=<user> add
To enable for a single domain:
/scripts/proxydomains –domain=<domain> add
To remove proxy domains, use the same commands as above, only use “remove” instead of “add”. From here, you can access the proxy at http://cpanel.domain.com (or webmail/whm, respectively), or access cPanel normally and let it detect whether you are behind a firewall.