What is Leeching?
Leeching occurs when users publicly post their username and password to a restricted area of your site, which allows other visitors to use the login information and access the restricted resources. The restricted area of your website can be password protected directories or CMS login page etc.
What is Leech protection?
When an user is involved in leeching, then Leech Protection allows you :
1. To prevent an user from giving out or publicly posting their password to a restricted area of your site. This feature will redirect (and suspend if selected) accounts which have been compromised to a URL of your choice.
2. To prevent an user who is trying to access another’s account using the correct username but trying to login using multiple guessed passwords.
The protection is done by restricting users from logging in multiple times within a period.
In Leech protection, the default time set is 2 hours. So you can define the maximum number of login’s for a particular user in 2 hours.
How do I enable Leech protection?
1. Login to your cPanel
2. Click the name of the directory you want to leech protect.
3. Enter the maximum number of logins each user is allowed within a 2-hour period
4. Enter the "URL to Redirect Leech Users to" field to redirect users exceeding the maximum number of logins
5. If you would like to receive an email alert when leech protection is used, then check mark the option 'Send Email Alert' and enter the desired email address
6. If you wish to disable an account that exceeds the maximum number of logins in 2 hours, then check mark the option "Disable Compromised Accounts"
7. Click Enable.
The 'Manage Users' button will take you to the Password Protect Directories screen, where you can add, edit, and delete users.
You can disable Leech protection by clicking 'Disable'