Protection Against Account Sharing and Data Theft

The Leech Protection feature protects your password-protected directories from unauthorized sharing of login credentials. If a user account records an unusually high number of logins from different locations within a short period (2 hours), the system identifies this as "leeching" and takes protective action.

The Principle: You determine how many logins per user are allowed within a two-hour window. If this limit is exceeded, you can automatically redirect the user or suspend the account entirely.

Setting Up Leech Protection

  1. Navigate to Security » Leech Protection in cPanel.
  2. Select the directory you wish to protect (use the folder icon to navigate into subfolders if necessary).
  3. Click on the name of the folder.

Configuration Settings

Once you have selected a folder, you can define the following security rules:

➤ Login Limit
Enter the maximum number of allowed logins per 2 hours (a standard value of 4 is usually recommended).
➤ Redirect URL
Where should the user be sent when the limit is reached? (e.g., a page explaining the terms of use).
➤ Disable Account
Enable this field to automatically and immediately suspend compromised accounts.
➤ Email Alert
Receive a notification as soon as the system intervenes to stay informed about potential attacks.

Disabling and Management

To remove the protection, select the directory again and click the Disable button.

Important: Leech Protection only works for directories that are already password-protected. If you haven't created any users yet, you can do so via the Directory Privacy function in cPanel.

Tip: Use this tool especially for VIP areas or paid download content
to maintain the exclusivity of your offers.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

API Tokens: Secure remote access and automation

Secure Interfaces for Your Applications With API Tokens, you can allow external programs or...
Hotlink Protection: Preventing bandwidth theft and image scraping

Protect Your Images and Your Bandwidth Hotlinking occurs when other website owners embed...
Imunify360 & ImunifyAV: Maximum protection against malware and hackers

High-End Security for Your Web Projects Security is no accident. To protect your website from...
IP Blocker: Blocking unwanted visitors and hosts

Targeted Access Control for Your Hosting With the IP Blocker, you can prevent specific IP...
ModSecurity: The Web Application Firewall (WAF) for your website

Real-Time Protection Against Targeted Web Attacks ModSecurity is a powerful Web Application...