This is an old revision of the document!
Anti-DDOS Blocking CloudFlare IP/Subnet Connections
If you have CloudFlare enabled and are receiving 522 connection errors, than it is possible that LiteSpeed Web Server's (LSWS) anti-ddos settings are causing these connections to be blocked.
To get around this you can whitelist these IPs/subnets by adding them to LSWS's “Allowed List”.
Adding IPs/Subnets To LSWS's "Allowed List"
From the WebAdmin Console, navigate to Configuration > Server and click on the “Security” tab.
Scroll to the bottom of the page. You will see the “Access Control” section which contains the “Allowed List” and “Denied list. Click “Edit” at the top right of this section.
By default, the “Allowed List” will contain “ALL”. This allows all IPs/subnets to connect to the server for most cases. Since the CloudFlare enabled IPs/subnets are being blocked by LSWS's anti-ddos settings, adding them to this (comma separated) list as a trusted IP/subnet will bypass this blocking.
To do this, simply append a trailing “T” to the IP, subnet, or subnet/netmask and click “Save” at the top right of the “Access Control” section. For example:
Lastly, you must now perform a graceful restart to update your server. Do this by clicking “Graceful Restart” under the “Actions” menu at the top.
