Add additional directories to automatic scan list
What is cPGuard Watchlist
cPGuard is a Web Security Suite, written in its core to scan website files and find the threats in them. By default, it will try to identify the website document roots configured on the server, compile a list of such directories and automatically scan for updated/uploaded files in such directories which are publically accessible. We call it a watchlist and you can find the file at /etc/cpguard/watchlist.txt .
How to add an additional directory path to the watchlist
But in certain cases, users may need to add additional directories outside of their document root ( like a directory into which files are uploaded using a web form or gallery software ). cPGuard provides an option to add additional directories to the automatic scanner watchlist using its “cpgcli” CLI tool. Please note that cPGuard scanner engine is supposed to scan only the website files…we do not recommend you to add a system directory to the automatic scanner because scanning system files and taking action on them may cause unexpected system errors.
You can add an additional directory to the watchlist using the following command.
- Directory-Path – The complete path of the directory which you wish to add/remove
cpgcli watch --add Directory-Path
To list the additional watch list directories you have added, use the following command
cpgcli watch --list
To remove a directory path from the additional watchlist, you can use the following command
cpgcli watch --remove Directory-Path