Overview
The Leech Protection interface allows you to detect unusual levels of activity in password-restricted directories. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it. This is useful if, for example, someone posts a user’s login credentials on a public site.
Enable leech protection
To enable leech protection for a directory, perform the following steps:
Click Settings, and then select one of the following locations in which to begin navigation:
Web Root (public_html or www) — Begin navigation in the document root for the account’s primary domain.
Document Root for — Select the domain that corresponds to the document root in which you wish to begin navigation.
To configure the interface to always open your selection from Step 1, select the Always open this directory in the future checkbox.
Click Save Changes.
Navigate to the directory that you wish to protect.
Click the appropriate folder icon () to navigate to a different folder.
Click the desired folder’s name to select it. A new interface will appear.
Enter the maximum number of logins that you wish to allow each user within a two-hour period.
To redirect users who exceed the maximum number of logins within a two-hour period, enter a URL to which you wish to redirect them.
To configure the system to send an email alert when Leech Protection activates, select the Send Email Alert To checkbox. Then, enter the email address to alert.
To disable an account that exceeds the maximum number of logins, select the Disable Compromised Accounts checkbox.
Click Enable.
Manage users
To add, edit, and delete users, perform the following steps:
Navigate to a directory that you wish to protect with user-level protection.
Click the appropriate folder icon () to navigate to a different folder.
Click the desired folder’s name to select it. A new interface will appear.
Click Manage Users to navigate to cPanel’s Directory Privacy interface for that folder (cPanel >> Home >> Security >> Directory Privacy).
/home/USERNAME/.htpasswds/public_html/passwd
file, where USERNAME
represents the account name.
Disable leech protection
To disable leech protection, perform the following steps:
Navigate to the directory for which you wish to disable leech protection.
Click the appropriate folder icon () to navigate to a different folder.
Click the desired folder’s name to select it.
Click Disable.