This applies only to customers who have changed their nameservers to use CloudFlare. Clients who use our nameservers, or use the ‘CloudFlare’ icon in cPanel to manage their CloudFlare preferences are not affected by this.

If you use CloudFlare to accelerate and protect the domain that you and your customers use to access your server for WHM, cPanel and webmail, then you may experience an issue whereby you are asked to log in repeatedly, even when the correct username and password has been supplied. This is due to an interaction between CloudFlare’s distributed way of connecting to shared hosting servers, and WHM’s security mechanisms.

Fortunately, it’s very easy to avoid! By default, CloudFlare enables a subdomain for direct access to the shared hosting server – if your domain is, then the direct access subdomain will be So, for example, webmail will be accessible at Alternatively, if you wish to use SSL to connect to services (recommended), you can use the primary hostname for your server, which can be found in Backstage (and was what you specified when you signed up) – as the primary hostname will be on a different domain, it won’t be affected by CloudFlare.