Security Blog
Posted By Gregory

Cerber Security Scanner Settings

Cerber Security Scanner is a sophisticated and powerful tool that inspects every file and folder on a website for traces of malware and backdoors, changed and new suspicious files. The scanner verifies the integrity of WordPress, plugins, and themes and prevents them from being infected with unforeseen malware. Let’s take a look at the scanner settings.

Malware Scanner Settings

Default Settings for Malware Scanner

Custom signatures

Custom signatures allows you to add your own additional scan signatures. They will be used by the scanner during the PHP code inspection for each file containing PHP code.

Unwanted file extensions

Use Unwanted file extensions field to specify a set of file extensions to look for and include files with such extensions in theĀ results of scan.

Directories to exclude

To exclude some directories from a scan, add them to the Directories to exclude text field. Use this setting with caution because the scanner will ignore all files in these directories and malware may remain undetected. Specify directories with full (absolute) paths or relative to the WordPress root directory. For instance, if you have another WordPress installation in the subfolder simply enter the subfolder name, the plugins expand the given name to the full path automatically.

If you enter a directory that doesn’t exist, the plugin removes it from the list.

Montor new files and Monitor modified files

If you enable these options, the scanner will look for new and modified files in all website folders and includes all found files in the report. To monitor file changes the scanner uses SHA-256 algorithm. It’s recommended to have both options enabled.

Scan temporary directory andĀ Scan session directory

Scan temporary directory and Scan session directory should be enabled because some malware can reside there. You should only disable scanning these folders if the scanner is unable to process them due to hosting platform limitations and restrictions.

Delete quarantined files after x days

If you delete a file on the scan results page, it is moved to a hidden quarantine folder. The plugin automatically cleans up this quarantine folder and deletes files completely after specified amount of days since the date of a scan.

Read more about the malware scanner:

How to use Cerber Security Scanner for WordPress

Automated recurring scans and email reporting for WordPress

What Cerber Security Scanner scans and detects


Last posts from WordPress security blog

I'm a team lead in Cerber Tech. I'm a software & database architect, WordPress - PHP - SQL - JavaScript developer. I started coding in 1993 on IBM System/370 (yeah, that was amazing days) and today software engineering at Cerber Tech is how I make my living. I've taught to have high standards for myself as well as using them in developing software solutions.

View Comments