cPanel Explained - Protections

Protection Options

You have your website online, it's getting visitors and everything is going fine, so why you need protection? Well, do you know that visitors can display pictures found on your website on their websites or forum profiles using your bandwidth? Or maybe you want to restrict access to some files or directories to only a few users. So, there are some situations when you will want to restrict or prevent users from accessing files or directories within your website. We have already discussed a way of protecting files and directories from being indexed by the search engines, when we talked about the robots.txt file. For visitors however, there are other protections that you can set, modify and remove using cPanel.

Password Protected Directories.
Let's say that in the /documents folder on your website you want to put files available only to a restricted number of visitors. To do that, you will use the Password Protect Directories feature and create user accounts (username + password) for that directory. Each time a visitor tries to access a file from mydomain.com/documents/ he will be asked to enter a username and a password.

To remove access, delete in the Folder Settings the user accounts that are no longer permitted to access the folder. To make the folder public again, uncheck the password checkbox.

Hotlink Protection.
If someone likes a picture from your website and wants to display it on his website or blog, he can do that by linking to the URL of the picture from your website (e.g. mydomain.com/images/picture.gif). Although this is flattering, you must keep an eye on the number and the traffic generated by these types of links, because each time the picture is displayed on his website, your web host will have to "serve" the picture to his visitors and that means you will incur traffic. However, you can prevent this linking from happening by activating Hotlink Protection. Upon activation you get to choose the type of pictures (e.g. .jpg, .gif, .png, etc.) that you want to protect and the sites that are allowed to link to/display the pictures (you don't want to prevent your own site from showing up your own pictures, right?).

There is an option [Allow direct requests] that allows people entering the URL to an image in their browser to see the image although the hotlink protection is on.

Index Manager.
When you write in your browser the name of the website (e.g. mydomain.com) the web server looks in the root directory (which is /public_html) for the following two files: index.htm or index.php. When one of them is found, it is displayed and you see the "homepage" webpage. Let's say you have a /images folder where you store the website's images. If someone will type in his browser mydomain.com/images/ because there is no index.htm or index.php file, the browser will display a list of all the files in the directory. If you don't want this to happen, use Index Manager and set the index system for that folder to: No Indexes.

IP Deny Manager.
The IP Deny Manager allows you to prevent an IP address or range of IP addresses or a domain name from accessing your web site. If you need to block someone that is let's say, posting malicious content or if you need to block whole countries you can use the IP Deny Manager to block one or a whole range of IP addresses.