Save Website Resources From Potential Misuse Of User Accounts & Unauthorized Access

Leeching occurs when a user of your website shares his login credentials either on a public website or with multiple users in his connection, as a result when multiple users start to access one account in the same timeframe it leads to excessive resource usage, bandwidth overage, security risks, and most importantly the actual risk is the potential misuse of premium memberships sold over the account. cPanel Webhosting, Webhosting Plus, VPS, and Dedicated Server users can easily resolve this issue by enabling the leech protection that helps mitigate such matters by monitoring and limiting the number of IP addresses that can simultaneously access a particular account within a specific time frame.

What Happens When The Leech Protection Is Enabled?
  1. Blocks IP Address: When leech protection is enabled, cPanel tracks the number of IP addresses accessing a specific account within a specified time window.
  2. Exceeding Limit: If the number of IP addresses accessing the account exceeds the configured limit within the designated time frame, cPanel takes action to prevent further access from additional IP addresses.
  3. Blocking Action: Depending on the leech protection settings, cPanel can block access to the account from new IP addresses or redirect them to a specified URL, such as an error page or a page explaining the leech protection policy.
  4. Customization: cPanel allows website administrators to customize the leech protection settings, including the number of allowable IP addresses, the time window for monitoring, and the action taken when the limit is exceeded.
How To Enable Leech Protection On cPanel?

Login to your Account, then visit ‘My Products’ page and open the cPanel of the account on which you want to enable the leech protection.

To enable leech protection for a directory, perform the following steps:

  1. Click Settings, and then select one option from the following:
    • Web Root (public_html or www) — Begin navigation in the document root for the account’s primary domain
    • Document Root — To select the domain that corresponds to the document root in which you wish to begin navigation
  2. Click the Save Changes button
  3. Navigate to the directory that you wish to protect and click the appropriate folder icon to navigate to a different folder
  4. Click the desired folder’s name to select it and a new interface will appear
  5. Enter the maximum number of logins that you wish to allow each user within a two-hour period or such
  6. Enter a URL to which you wish to redirect users who exceed the maximum number of logins within a two-hour period
  7. You may select the Send Email Alert To checkbox and enter the email address to get an alert when Leech Protection activates.
  8. For disabling any account that exceeds the maximum number of logins, simply select the Disable Compromised Accounts checkbox
  9. Click Enable and that’s it

For adding, editing, and deleting the users, you simply need to navigate to a directory that you wish to protect with user-level protection and then click Manage Users to navigate to cPanel’s Directory Privacy interface (cPanel -> Home -> Security -> Directory Privacy) of that folder.

You may disable the leech protection anytime by navigating to the directory where you want to disable it and then simply click the Disable button.

Leech protection helps you maintain the security and stability of your website by preventing excessive resource consumption and potential misuse of accounts. This protection is very useful for websites that are offering restricted content, paid content, membership option, or have any similar scenario where sharing the login credentials could lead to unauthorized access.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.