Add additional directories to automatic scan list

What is cPGuard Watchlist

cPGuard is a Web Security Suite, written in its core to scan website files and find the threats in them. By default, it will try to identify the website document roots configured on the server, compile a list of such directories and automatically scan for updated/uploaded files in such directories which are publically accessible. We call it a watchlist and you can find the file at /etc/cpguard/watchlist.txt .

How to add an additional directory path to the watchlist

But in certain cases, users may need to add additional directories outside of their document root ( like a directory into which files are uploaded using a web form or gallery software ). cPGuard provides an option to add additional directories to the automatic scanner watchlist using its “cpgcli” CLI tool. Please note that cPGuard scanner engine is supposed to scan only the website files…we do not recommend you to add a system directory to the automatic scanner because scanning system files and taking action on them may cause unexpected system errors.

You can add an additional directory to the watchlist using the following command.

• Directory-Path – The complete path of the directory which you wish to add/remove 

To list the additional watch list directories you have added, use the following command

To remove  a directory path from the additional watchlist, you can use the following command