Trying to enable leech protection in cPanel?
This guide will help you.
Leech Protect is a security feature offered within cPanel that allows you to detect unusual levels of activity in password-restricted directories on your website.
Leeching is when users publicly post their username and password, unauthorized visitors can use those credentials to access secure areas of your website.
Basically, Leech Protection is an easy to configure security feature by cPanel.
If we publicly post usernames and passwords to a restricted area of our site, it will lead to leaching. This will allow other visitors to use the login information and access the restricted resources.
In this context, we shall look into how we can enable Leech Protection in cPanel.
cPanel provides protection against leeching by limiting the number of times a user can access a secure area of the website within a two-hour period.
For instance, we can limit users to four logins over a two-hour period.
Once it exceeds the login time, we can redirect them to another URL, send an alert e-mail or even disable the account.
1. In the security section of the cPanel home screen, click Leech Protection.
2. Select the directory to protect. We can click the folder icon next to the folder name to open the folder.
3. Then click Edit.
4. Under Set up, Leech Protection, provide the number of logins per username in a two-hour period.
5. Give a URL to redirect users to another web page when their account compromises.
6. To receive an e-mail alert when compromised, select the Send Email Alert check box and then type an e-mail address.
7. To disable accounts that are compromised, select the Disable Compromised Accounts check box.
8. Eventually, click Enable.
The Leech Protection interface allows you to detect unusual levels of activity in password-restricted directories. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it.
This is useful if, for example, someone posts a user's login credentials on a public site.
1. Navigate to a directory that we wish to protect with user-level protection.
2. Click the appropriate folder icon.
3. Select the desired folder’s name. A new interface will appear.
4. Click Manage Users to navigate to cPanel's Directory Privacy interface for that folder (cPanel >> Home >> Security >> Directory Privacy).
This can be implemented manually by simply editing the /home/USERNAME/.htpasswds/public_html/passwd file, where USERNAME represents the account name.
If in case we need to disable leech protection, follow these steps:
1. In the Security section of the cPanel home screen, click Leech Protection.
2. Click the name of the directory for which we want to disable leech protection. We can click the folder icon next to the folder name to open the folder.
3. Then click Edit.
4. Under Disable Protection, click Disable.