Trying to enable leech protection in cPanel?
This guide will help you.
Leech Protect is a security feature offered within cPanel that allows you to detect unusual levels of activity in password-restricted directories on your website.
Leeching is when users publicly post their username and password, unauthorized visitors can use those credentials to access secure areas of your website.
Basically, Leech Protection is an easy to configure security feature by cPanel.
If we publicly post usernames and passwords to a restricted area of our site, it will lead to leaching. This will allow other visitors to use the login information and access the restricted resources.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform cPanel queries.
In this context, we shall look into how we can enable Leech Protection in cPanel.
cPanel provides protection against leeching by limiting the number of times a user can access a secure area of the website within a two-hour period.
For instance, we can limit users to four logins over a two-hour period.
Once it exceeds the login time, we can redirect them to another URL, send an alert e-mail or even disable the account.
1. In the security section of the cPanel home screen, click Leech Protection.
2. Select the directory to protect. We can click the folder icon next to the folder name to open the folder.
3. Then click Edit.
4. Under Set up, Leech Protection, provide the number of logins per username in a two-hour period.
5. Give a URL to redirect users to another web page when their account compromises.
6. To receive an e-mail alert when compromised, select the Send Email Alert check box and then type an e-mail address.
7. To disable accounts that are compromised, select the Disable Compromised Accounts check box.
8. Eventually, click Enable.
The Leech Protection interface allows you to detect unusual levels of activity in password-restricted directories. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it.
This is useful if, for example, someone posts a user's login credentials on a public site.
1. Navigate to a directory that we wish to protect with user-level protection.
2. Click the appropriate folder icon.
3. Select the desired folder’s name. A new interface will appear.
4. Click Manage Users to navigate to cPanel's Directory Privacy interface for that folder (cPanel >> Home >> Security >> Directory Privacy).
This can be implemented manually by simply editing the /home/USERNAME/.htpasswds/public_html/passwd file, where USERNAME represents the account name.
If in case we need to disable leech protection, follow these steps:
1. In the Security section of the cPanel home screen, click Leech Protection.
2. Click the name of the directory for which we want to disable leech protection. We can click the folder icon next to the folder name to open the folder.
3. Then click Edit.
4. Under Disable Protection, click Disable.
This article covers step by step process to configure Leech Protection in cPanel. Basically, Leech Protection is an easy to configure security feature by cPanel. Leech Protect is a security feature offered within cPanel that allows you to detect unusual levels of activity in password-restricted directories on your website.
Importance of Leech Protection in cPanel:
1. Leeching is when users publicly post their username and password, unauthorized visitors can use those credentials to access secure areas of your website.
2. With the Leech Protection feature in cPanel, you can limit the number of times a user can access a secure area of your website within a two-hour period.
3. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it.
4. This is useful, also, say someone is trying to login to restricted areas of your website by guessing combinations of usernames and passwords.
To Enable Leech Protection in cPanel:
1. Click Leech Protection under Security in cPanel.
2. Click on the name of the directory that you want to protect. You can click the folder icon next to the folder name to open the folder.
3. Under Set up Leech Protection, enter the number of logins allowed per username in a two-hour period.
4. To redirect users who exceeded the maximum number of logins within a two-hour period, enter a URL to which you wish to redirect them.
5. To receive an email alert when an account is compromised, select the Send Email Alert to option and enter the email address in the text field.
6. To disable compromised accounts, check the Disable Compromised Accounts option.
7. When ready, click Enable.