Hotlink Protection
Hotlink protection is the technique used in cPanel to prevent other websites from directly linking to certain files (typically images) on your websites. You can stop copyrighted images or save bandwidth usage by hotlink your images.
Let’s explore how to enable/disable hotlink protection
- First, you need to login to cPanel. In the cPanel home page go to the security group and then select the Hotlink Protection.
- You will find a page opened and there is an option “URLs to allow access”. Now the system fetches the URLs of all the domains on your site. This includes add-on domains, subdomains, aliased domains and parked domains. You can add or remove the sites from this list to access the resources on your website.
- In the next field “Block direct access for these extensions”, you can specify the file types that you want to block. If you would like to block the pictures add .jpeg,.jpg,.bmp,.gif,.png to the extensions list. It restricts others to access those file types
- Next field is “Redirect request to this URL”. This field permits us to enter the URL that needs to redirect requests for certain elements.
- Click on submit button, a confirmation message will now appear with the sites that are allowed to link to files in your account and the file extensions that it protects.
- Hotlink protection will be enabled. The websites listed will be hot-linked to shown file types.
- If you need to disable hotlink protection, just click the disable button.
Leech protection
Leech protection is a security feature in cPanel which prevents the user from insecurely posting their password credentials. This also prevents users from logging in multiple times within a short time period. In case of such violations, you can set users to a maximum number of logins according to your preferences, while the default value is set to 2 hours. If the users exceed the login limit, you can redirect them to another URL, send an alert e-mail, or potentially suspending the user.
Steps to enable leech protection
- Login to cPanel and then scroll down to the security group and select the leech protection.
- The “Leech Protection Directory selection” window will now appear. Here you have to select the directory you want to start. Then select the web directory and click the go button.
- Now the leech protection navigation interface will appear. To navigate to the directory, click the directory icon and click the directory name to select the directory and a new interface will appear.
- At first, we will set a limit for the number of times a user can log in to the directory within a two-hour period. This limits the user based on the limit you have set.
- Then on the next box “URL to Redirect Leech Users to” enter a URL to direct users who login in more than that number of times.
- Next, we can select whether to send an alert when someone login too many times and we can enter the email address to alert. Click on the checkbox “Send Email Alert To”.
- Select the “Disable Compromised Accounts” checkbox to suspend the users who exceed the maximum number of logins within a two-hour period.
- Finally, click Enable button.
Steps to disable leech protection
- Select the leech protection from security tab of the cPanel home screen.
- Click the name of the directory that you wish to disable.
- Click Disable Button.