Why We Don’t Use Standard cPanel Servers
When it comes to server management platforms, cPanel is far and away the most popular system used by web hosting providers. It’s pretty much considered to be the industry standard when it comes to shared hosting services.
However, when you want to put a web site behind a Content Delivery Network, there are a number of cPanel’s built in features that will leak the IP or hostname of the underlying server, which is exactly what you’re trying to avoid.
Three of the common ways that you can uncover a cPanel site that is hidden behind a CDN:
- Adding the common cPanel ports including :2083 or :2087 to the end of the domain name – ie https://www.example.com:2083. For sites using Cloudflare, they have these ports open and with the SSL ports, you’ll get redirected to the real hostname of the server.
- Adding /cpanel or /whm to the end of the domain name – ie http://www.example.com/cpanel – this works through all CDNs, and is based on built in redirect URLs to make it easy to access the cPanel or WHM features on that server. Picking the SSL option on that page should direct you to the server behind the CDN.
- Check the MX records and other DNS records for the domain – if the site is using Cloudflare, then the MX records will often still point to the underlying server – and if there’s no MX records on the domain which is how one of our competitors configures the DNS for domains on their service, then that’s a pretty strange and unusual footprint.
For these reasons, we’ve decided to deploy a customised server configuration for the LaunchCDN service in order to deliver the most secure and footprint free hosting service possible.
At the moment, we only support WordPress sites on our hosting platform, which powers over 30% of the Top Million sites on the web, according to BuiltWith.