What is Leech Protection?

Leech Protection watches for logins to protected areas of your site from different IP addresses. After the number of logins (in a 2 hour period) exceeds the maximum number specified, it can alert you by email, redirect users attempting to login, and / or disable the compromised login.

Why should I use Leech Protection?

This protection is valuable for protected directories on your site because it will prevent unauthorized usage in large quantities. For example: If you gave out the login information for a directory in your site where someone could download important information, and the password was leaked, hundreds of users could have access to that information. With Leech Protection, you can set a limit to the amount of logins to that protected directory, in order to prevent unauthorized logins.

Be Careful when setting the limit! Setting it too low may prevent authorized users from connecting and setting it too high may provide no adequate protection.

Configuration

Setting the Number of Logins.... is very important. Make sure to set this to a number that accounts for dropped internet connections but keep it low enough to prevent unauthorized usage. Get feedback and test.

You can redirect everyone who connects after the limit has been reached. This feature can be used to send them to a page with a warning about abuse, a simple error page, or other location.

It is advisable to disable accounts that have been determined compromised so that you eliminate people from being redirected. It can put a burden on your account if lots of viewers are being redirected to your error or other page after leech protection has gone into effect.