Page tree
Skip to end of metadata
Go to start of metadata

For cPanel & WHM version 60

(Home >> Security >> Leech Protection)

Overview

The Leech Protection interface allows you to detect unusual levels of activity in password-restricted directories on your site. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed that maximum. This is useful if, for example, someone posts a user's credentials on a public site, which allows unauthorized users to access restricted content.

Enable leech protection

To enable Leech Protection for a directory, perform the following steps:

  1. The Leech Protection window will appear. Select which of the four main directories you wish to view in the file window:

    • Home Directory (/home/user)
    • Web Root (/public_html/www)
    • Public FTP Root (/public_ftp)
    • Document Root (/public_html)
  2. Select the directory that you wish to protect.

    • Click the appropriate folder icon to navigate to a different folder.

    • Click the desired folder's name to select it.

  3. Enter the maximum number of logins that you wish to allow each user within a two-hour period.
  4. To redirect users who exceed the maximum number of logins within a two-hour period, enter a URL to which you wish to redirect them.
  5. To configure the system to send an email alert when Leech Protect activates, select the Send Email Alert To checkbox and enter the email address to alert.
  6. To disable an account that exceeds the maximum number of logins within a two-hour period, select the Disable Compromised Accounts checkbox.
  7. Click Enable.

 

Disable leech protection

To disable leech protection, perform the following steps:

  1. The Leech Protection window will appear. Select which of the four main directories you wish to view in the file window:

    • Home Directory (/home/user)
    • Web Root (/public_html/www)
    • Public FTP Root (/public_ftp)
    • Document Root (/public_html)
  2. Select the directory that you wish to protect.

    • Click the appropriate folder icon to navigate to a different folder.

    • Click the desired folder's name to select it.

  3. Click Disable.

Manage users

To add, edit, and delete users, click Manage Users to navigate to cPanel's Directory Privacy interface (Home >> Security >> Directory Privacy).

Note:

To manage the users manually, edit the /home/USERNAME/.htpasswds/public_html/passwd file, where USERNAME represents the account name.