Table of Contents

Set Up: Leech Protection in cPanel

Leech Protect is a security feature offered within cPanel that allows you to detect unusual levels of activity in password-restricted directories on your website.

cPanel Leech protection

Leeching is when users publicly post their username and password, unauthorized visitors can use those credentials to access secure areas of your website.

With the Leech Protection feature in cPanel, you can limit the number of times a user can access a secure area of your website within a two-hour period. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it. This is useful, also, say someone is trying to login to restricted areas of your website by guessing combinations of usernames and passwords.

Enable Leech Protection

  1. Click Leech Protection under Security in cPanel.
  2. Click on the name of the directory that you want to protect. You can click the folder icon next to the folder name to open the folder.
  3. Under Set up Leech Protection, enter the number of logins allowed per username in a two-hour period.

    cPanel set up Leech protection

  4. To redirect users who exceeded the maximum number of logins within a two-hour period, enter a URL to which you wish to redirect them.

    cPanel redirect Leech users

  5. To receive an email alert when an account is compromised, select the Send Email Alert to option and enter the email address in the text field.

    cPanel Leech send email alert

  6. To disable compromised accounts, check the Disable Compromised Accounts option.

    cPanel Leech protection disable compromised accounts

  7. When ready, click Enable.