In the previous blog, we have discussed Hotlink Protection in cPanel and in today’s Blog we will be discussing Leech Protection in cPanel.
Leech Protection: –
It allows you to prevent your users from giving out or publicly posting their passwords to a restricted area of your site. This tool will redirect accounts that have been compromised to a URL of your choice. You can also suspend them if you choose.
For accessing this feature :
Log into your cPanel >> Navigate to Security >> Under it you will find the Leech Protection option.
The following interface will appear when you select this option:
For enabling Leech Protection on your site, perform the following steps:
- Click on the settings and then select one of the locations in which you wish to begin the navigation
When you click “Settings” a new interface will appear as follows :
- WebRoot: It will begin navigation in the document root for the primary domain.
- Document Root for: Select the domain from the drop-down menu for which you wish to begin navigation.
- Always open this directory in the future: It will always open your selection from step 1.
- Click “Save changes”.
- Then select the folder that you wish to protect by clicking on its name or you can navigate by clicking on the icons.
6. When you select the particular folder which you wish to protect, then again a new interface will appear as follows :
Here you can see that the Leech protection is currently disabled on “the selected path”
For setting up Leech Protection perform the following steps:
- A number of logins per Username Allowed in a 2-hour period: – Here enter the maximum number of logins that you wish to allow each user within a 2 hour period.
- URL to Redirect Leech Users to – Here you are required to enter an URL for the users who exceed the maximum number of logins within 2 hour period.
- Send Email Alerts to – The system will send an email to the specified address when leech protection redirects users from the site.
- Disable Compromised Accounts:- The system will disable the passwords of users who trigger leech protection, suspending them. To reactivate their accounts, reset their passwords.
- Click “Enable”.
Disable Protection: –
For disabling the Leech Protection, perform the following steps :
- Navigate to the folder for which you wish to disable the leech Protection.
- Click “disable”.
Adding, Modifying, and Deleting users perform the following steps :
Note: If you are using a third-party software to add or remove users, you should have it use the password file: “on the specific path”
Top of Form
Bottom of Form
- Navigate to the folder for which you wish to manage the users.
- Click “Manage Users”. when you click on “Manage Users” you will be redirected to “Directory Privacy” by the system and the following interface will appear:
Set Permissions for “/<your specific path>”.
When a user attempts to access the protected directory through a browser, the site will prompt them to enter a username and password. The name that you choose for the protected directory will also display.
If you want to password protect this directory then you would require to select the checkbox for “Password protect this directory”.
Then you are prompted to enter the name for the protected directory and then save it.
Next, you are required to create a User. To enter the details of the user like -Username, Generate a strong password. Click “Save”.
In the following screen, I have shown you how to fill in the details of the user: For ex I have entered “example” as a name for the protected directory and entered “User1” as the username with a new password.
Once I “Save” these changes then the following success message will appear:
Visit – Hostripples