Directory Privacy and Leech protection in cPanel
Midhun G
January 9, 2022
Midhun G
January 9, 2022
What is Directory privacy?
This interface allows you to protect specific directories in your cPanel account. After you enable this feature for a directory, when users attempt to view that directory via a website, the system will ask them to enter the credentials.
We can also set a password for our website so every time a user tries to access our website needs to enter a password this will be really helpful for those whose website that needed to be accessed by only a certain authorized one’s.
For example, consider you have a website named example.com whose document root is public_html and we are creating a folder named sample that consists of certain pictures of cat’s that needs to access only by certain authorized persons over the internet for that.
Step1: First login in your cPanel then navigates into the directory privacy option under the files section in cPanel.
Step 2: Where you will be able to see all the directories under to file manager as shown below from here you can click on the edit button on which directory you want to set privacy protection.
For example, I am creating a sample folder under public_html and then assigning privacy protection for that click on public_html.
Step 3: After clicking public_html you will see a window as shown below which list all the folder under your document root. Here we can see the sample folder we have created under public_html which consist of images of cat’s inside it
Click on the EDIT icon shown on the right side of your folder.
Step 4: After clicking the edit icon near your folder which will show a window as shown below. After enabling the tick box click save.
Step 5: Finally, you will need to create a user and assign a password for your directory.
After completing these steps you are successfully enabled privacy protection for your folder so every time a user tries to access your folder over the internet ie /sample it will ask for a password and username you can share these credentials with anyone whom you wish.
You can also set privacy protection for your entire website if your website’s document root is public_html you can just enable privacy protection directly for this folder so every time whenever a user tries to access your website it asks for a username and password.
What is Leech protection?
Leech Protect is a security feature offered within cPanel that allows you to detect unusual levels of activity in password-restricted directories on your website. Leeching is when users publicly post their username and password, unauthorized visitors can use those credentials to access secure areas of your website.
let’s say you have a password-protected directory and you have created a user and given access to that directory what if the password is stolen by someone so you can limit the number of times a user can access a secure area of your website within a two-hour period. After you set the maximum number of logins within a two-hour period, the system redirects or suspends users who exceed it. This is useful, also, say someone is trying to login to restricted areas of your website by guessing combinations of usernames and passwords.
How to enable leech protection for your account?
Step 1: Log in to your cPanel account and select leech Protection from the security section.
Step 2: Click edit on the directory you want to enable leech protection for example we are enabling leech protection for public_html.
After clicking the directory you will be prompted to a window as shown below enter the appropriate values.
Step 3: Under Set up, Leech Protection, enter the number of logins allowed per username in a two-hour period.
Step 4: Enter a URL to which you wish to redirect users who exceeded the maximum number of logins within a two-hour period.
Step 5: To receive an email alert when an account is compromised, select the Send Email Alert option and enter the email address in the text field.
Step 6: To disable compromised accounts, check the Disable Compromised Accounts option.
When ready, click Enable.
Step 7: After enabling leech protection on your folder it will show an icon as shown in the image below.
By enabling leech protection you can track the login activities of your password-protected directories over the internet.