How to use the Leech Protection feature in cPanel?

Introduction #

Leech Protection is a useful addition to the already fantastic Directory Privacy feature, When active, it checks for suspicious activity on your password-protected directories, and if such is detected, it will suspend the person trying to log in. In this tutorial, we will go over the process of setting Leech Protection for your private directories and implement an additional security layer. Let’s begin!

Getting Started #

For a start, you need to log into your cPanel account.

Once logged, please use the search field on the top and type in “Leech Protection”.

Please click on the “Leech Protection” icon to get redirected to the respective page.

Using the Leech Protection feature #

When redirected to the “Leech Protection” interface, you will see a table section, populated with all the directories inside your home directory.

cPanel directories in Leech Protection feature

If you want to go inside the parent directories of the shown folders, please click on the folder name. To configure Leech Protection for a specific folder, please click the “Edit” button in the corresponding row.

Upon doing that, you will be presented with the following settings:

  • Number of Logins Per Username ALlowed in a 2-Hour Period – Using this text field, you can set the number of login attempts necessary until the Leech Protection suspends access. The optimal recommended value here is four as if a user has an unreliable ISP provider, they can quickly allocate an amount less than four.
  • URL to Redirect Leech Users to – Using this text field, you can set an URL where the suspended user will be redirected upon reaching the maximum allowed logins in the 2-hour window. Please select an URL outside of the protected area, or the user will receive an Internal Server Error.
  • Send Email Alert To – You can put a tick inside this checkbox and then specify an email address, which will be notified if a suspension takes place.
  • Disable Compromised Accounts – If you put a tick inside this checkbox, cPanel will disable the account of the user on top of the suspension. To gather access to the account again, you need to reset the user’s password.
  • Enable – Click this button to activate the Leech Protection feature.
  • Disable – Click this button to deactivate the Leech Protection feature.
  • Manage Users – Clicking on this button will send you inside the “Directory Privacy” settings where you can manage your “Directory Privacy” users. You can change passwords for existing users and create/delete users.
cPanel Leech Protection feature Configuration Options

That is it! The “Leech Protection” feature is pretty straightforward, and it is perfect for adding an extra layer of security for a folder you want to keep private. If you have any issues setting this up, please feel free to contact our technical support team over the ticketing system in your Client Area. They are 24/7 available and will be happy to assist you.

Powered by BetterDocs