How to use the ‘Leech Protection’ Interface in cPanel
Posted by Allura on 09 08 2019.
In directories protected by password, the Leech protection interface lets you spot activity that is not usual. A limit for the maximum number of logins in a specific period of time can be set. If the user exceeds the maximum number of times he/she can log in within two hours, it redirects him/her to a prompt and suspends them from accessing the webpage. This set up comes to optimum use in a lot of cases, a good example being when a person puts up a user’s login information on an open-ended public website.
How to enable leech protection?
In order to enable leech protection for a given directory, the followings steps can be taken.
- Click on the ‘Settings’ option. One of the mentioned locations needs to be selected for navigation to begin.
- Web Root (public_html or www) – For the key domain of the account, navigation needs to be started in the document root.
- Document Root for – The domain which tallies with the document root needs to be selected. The navigation to be performed need to be started here.
- To make sure that you can open your selection from Step 1, the interface needs to have all the necessary configurations. For this, you need to select the ‘Always open this directory in the future’ checkbox.
- Select ‘Save changes’ and click on it.
- Look for the directory that you want to shield from leeching.
- Look for the correct folder icon that will lead to a different folder and click on it. This should navigate you to a separate folder.
- Look for the desired folder you want to protect.
- Put in the most number of logins that you choose to allow every user within a period of two hours.
- Since users need to be redirected to a website in case they attempt logins over the stipulated limit within a two-hour period, the desired URL needs to be entered. This URL will direct the user to it.
- On activation of Leech Protection, a confirmation e-mail alert should be sent. For this, the system needs to be configured. Opt for ‘Send E-mail Alert To’ checkbox. Input the e-mail address to send alerts to.
- For the disabling an account that surpasses the limit for maximum logins in a two-hour period, click on ‘Disable Compromised Accounts’ checkbox.
- Click on ‘Enable.’
Management of Users
In order to make additions, edits, or deletions of users, the following steps should be followed:
- Go to a directory that you want to protect with user-level of protection.
- Click on the correct folder icon to make way to a different folder.
- Click on the folder’s name that needs protection, thereby selecting it. A new interface will pop on the screen.
- Select ‘Manage Users’ to look for the folder in cPanel’s ‘Directory Privacy’ interface. Follow cPanel >> Home >> Security >>Directory Privacy.
For manual methods of management of users, make edits to /home/USERNAME/.htpasswds/public_html/passwd file where USERNAME stands for the account name.
Disabling Leech Protection
If you want to disable leech protection at any point, follow the given instructions:
- The directory for which you want to stop leech protection should be navigated to.
- Select the desired folder name and click on it.
- Click on ‘Disable.’
All the necessary information to enable Leech Protection on a given directory has been mentioned in this document. For cPanel and WHM version 68, find the folder for Leech Protection under the given path cPanel >> Home >> Security >> Leech Protection).