Leech Protection  Print this Article

Overview:

The Leech Protection interface allows you to detect unusual levels of activity in password-restricted directories. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it. This is useful if, for example, someone posts a user’s login credentials on a public site.

Enable leech protection

To enable leech protection for a directory, perform the following steps:

  1. Click Settings, and then select one of the following locations in which to begin navigation:

    • Web Root (public_html or www) — Begin navigation in the document root for the account’s primary domain.

    • Document Root for — Select the domain that corresponds to the document root in which you wish to begin navigation.

    • To configure the interface to always open your selection from Step 1, select the Always open this directory in the future checkbox.

  2. Click Save Changes.

  3. Navigate to the directory that you wish to protect.

    • Click the appropriate folder icon () to navigate to a different folder.

    • Click the desired folder’s name to select it. A new interface will appear.

  4. Enter the maximum number of logins that you wish to allow each user within a two-hour period.

  5. To redirect users who exceed the maximum number of logins within a two-hour period, enter a URL to which you wish to redirect them.

  6. To configure the system to send an email alert when Leech Protection activates, select the Send Email Alert To checkbox. Then, enter the email address to alert.

  7. To disable an account that exceeds the maximum number of logins, select the Disable Compromised Accounts checkbox.

  8. Click Enable.

Manage users

To add, edit, and delete users, perform the following steps:

  1. Navigate to a directory that you wish to protect with user-level protection.

    • Click the appropriate folder icon () to navigate to a different folder.

    • Click the desired folder’s name to select it. A new interface will appear.

  2. Click Manage Users to navigate to cPanel’s Directory Privacy interface for that folder (cPanel >> Home >> Security >> Directory Privacy).

Note:
To manage users manually, edit the /home/USERNAME/.htpasswds/public_html/passwd file, where USERNAME represents the account name.

Disable leech protection

To disable leech protection, perform the following steps:

  1. Navigate to the directory for which you wish to disable leech protection.

    • Click the appropriate folder icon () to navigate to a different folder.

    • Click the desired folder’s name to select it.

  2. Click Disable.

Was this answer helpful?

Related Articles

Hotlink Protection
Overview: A hotlink occurs when someone embeds content from your site in another site and uses...
IP Blocker
Overview: The IP Blocker interface allows you to block access to your site for one or more IP...
Manage API Tokens in cPanel
Overview: Important: This functionality is experimental. It may change in future...
ModSecurity
Overview: Warning: We strongly recommend that you enable ModSecurity™ for all of your...
Security Policy
Overview: This interface allows you to update and manage your cPanel account’s security...