RdpGuard Command Line Interface. Flexible brute-force protection for your Windows Server.
RdpGuard
Intrusion prevention system for your Windows Server
 
Follow:
Share:

RdpGuard Command Line Interface

Starting from version 9.7.1, RdpGuard has a command line interface (CLI) that allows you to manage all RdpGuard settings from the command line.

To start the CLI, open a command prompt and run the following command:

cd %programfiles(x86)%\RdpGuard

rdpguard-cli

The following output will be displayed:

Usage:

  rdpguard-cli /<object> <command> [parameters]

Available objects:

  options
  blocking
  ipcloud
  geoip
  ui
  proxy
  log
  whitelist
  blacklist
  ip
  diagnostics
  license
  smtp-servers
  custom-actions
  pcap
  rdp
  ftp
  http
  imap
  pop3
  smtp
  mysql
  mssql
  sip
  webforms
  rdweb
  msvpn

To get detailed help for an each object please use:

  rdpguard-cli /<object>

Options Object

The options object allows you to manage RdpGuard settings.

To get detailed help for the options object, run the following command:

rdpguard-cli /options

The following output will be displayed:

Available commands:

  new-version-check

To get detailed help for an each command please use:

  rdpguard-cli /options <command>

new-version-check

The new-version-check command allows you to enable or disable automatic new version check.

To get detailed help for the new-version-check command, run the following command:

rdpguard-cli /options new-version-check

The following output will be displayed:

To set the new version check, please use the following syntax:

  rdpguard-cli /options new-version-check set on|off

  on|off - on to enable new version check and off otherwise

To get the new version check, please use the following syntax:

  rdpguard-cli /options new-version-check get

For example, to enable new version check, run the following command:

rdpguard-cli /options new-version-check set on

Blocking Object

The blocking object allows you to manage IP blocking settings.

To get detailed help for the blocking object, run the following command:

rdpguard-cli /blocking

The following output will be displayed:

Available commands:

  max-failed-logins
  failed-logins-ttl
  duration
  ports
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /blocking <command>

max-failed-logins

The max-failed-logins command allows you to set the maximum number of failed login attempts per IP address.

To get detailed help for the max-failed-logins command, run the following command:

rdpguard-cli /blocking max-failed-logins

The following output will be displayed:

To set the max failed login attempts, please use the following syntax:

  rdpguard-cli /blocking max-failed-logins set n

  n - the number of failed login attempts per single IP address allowed

To get the max failed login attempts, please use the following syntax:

  rdpguard-cli /blocking max-failed-logins get

For example, to set the maximum number of failed login attempts per IP address to 5, run the following command:

rdpguard-cli /blocking max-failed-logins set 5

failed-logins-ttl

The failed-logins-ttl command allows you to set the time period during which failed login attempts information is stored.

To get detailed help for the failed-logins-ttl command, run the following command:

rdpguard-cli /blocking failed-logins-ttl

The following output will be displayed:

To set the failed login attempts TTL, please use the following syntax:

  rdpguard-cli /blocking failed-logins-ttl set n

  n - the number of hours the failed login attempts information stored

To get the failed login attempts TTL, please use the following syntax:

  rdpguard-cli /blocking failed-logins-ttl get

For example, to set the time period during which failed login attempts information is stored to 24 hours, run the following command:

rdpguard-cli /blocking failed-logins-ttl set 24

duration

The duration command allows you to set the time period during which an IP address remains blocked.

To get detailed help for the duration command, run the following command:

rdpguard-cli /blocking duration

The following output will be displayed:

To set the blocking duration, please use the following syntax:

  rdpguard-cli /blocking duration set n

  n - the number of hours the IP address remains blocked

To get the blocking duration, please use the following syntax:

  rdpguard-cli /blocking duration get

For example, to set the time period during which an IP address remains blocked to 24 hours, run the following command:

rdpguard-cli /blocking duration set 24

ports

The ports command allows you to set the ports that are denied for blocked IP addresses.

To get detailed help for the ports command, run the following command:

rdpguard-cli /blocking ports

The following output will be displayed:

To set which ports are denied for blocked IP, please use the following syntax:

  rdpguard-cli /blocking ports set p

  p - comma separated list of ports, * mean all ports (recommended)

To get which ports are denied for blocked IP, please use the following syntax:

  rdpguard-cli /blocking ports get

All IP addresses are unblocked if you change this option

For example, to set all ports as denied for blocked IP addresses, run the following command:

rdpguard-cli /blocking ports set *

Please note that all IP addresses are unblocked if you change this option.

get

The get command allows you to get the current blocking settings.

To get all blocking settings, run the following command:

rdpguard-cli /blocking get

The following output will be displayed:

max-failed-logins: 3
failed-logins-ttl: 24
duration         : 24
ports            : *

set

The set command allows you to set multiple blocking settings at once.

To set multiple blocking settings at once, run the following command:

rdpguard-cli /blocking set <setting=value>,<setting=value>,...

For example, to set the maximum number of failed login attempts per IP address to 5 and the ports that are denied for blocked IP addresses to all ports, run the following command:

rdpguard-cli /blocking set max-failed-logins=5,ports=*

Please note that setting=value pairs are separated by comma and there are no spaces between them.

IP Cloud Object

The ipcloud object allows you to manage IP Cloud settings.

To get detailed help for the ipcloud object, run the following command:

rdpguard-cli /ipcloud

The following output will be displayed:

Available commands:

  enabled

To get detailed help for an each command please use:

  rdpguard-cli /ipcloud <command>

enabled

The enabled command allows you to enable or disable IP Cloud.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /ipcloud enabled

The following output will be displayed:

To set the IP Cloud enabled status, please use the following syntax:

  rdpguard-cli /ipcloud enabled set on|off

  on|off - on to enable IP Cloud and off otherwise

To get the IP Cloud enabled status, please use the following syntax:

  rdpguard-cli /ipcloud enabled get

For example, to enable IP Cloud, run the following command:

rdpguard-cli /ipcloud enabled set on

GeoIP Object

The geoip object allows you to manage Geo-IP settings.

To get detailed help for the geoip object, run the following command:

rdpguard-cli /geoip

The following output will be displayed:

Available commands:

  enabled
  mode
  db-version
  countries
  dry-run
  allow-loopback
  allow-local
  allow-whitelisted
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /geoip <command>

enabled

The enabled command allows you to enable or disable Geo-IP.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /geoip enabled

The following output will be displayed:

To set the Geo-IP enabled status, please use the following syntax:

  rdpguard-cli /geoip enabled set on|off

  on|off - on to enable Geo-IP and off otherwise

To get the Geo-IP enabled status, please use the following syntax:

  rdpguard-cli /geoip enabled get

For example, to enable Geo-IP, run the following command:

rdpguard-cli /geoip enabled set on

mode

The mode command allows you to set the Geo-IP mode.

To get detailed help for the mode command, run the following command:

rdpguard-cli /geoip mode

The following output will be displayed:

To set the Geo-IP mode, please use the following syntax:

  rdpguard-cli /geoip mode set block|allow

  block - block specific countries (all others are allowed)
  allow - allow specific countries (all others are denied)

To get the Geo-IP mode, please use the following syntax:

  rdpguard-cli /geoip mode get

For example, to set the Geo-IP mode to block, run the following command:

rdpguard-cli /geoip mode set block

db-version

The db-version command allows you to set the Geo-IP database version.

To get detailed help for the db-version command, run the following command:

rdpguard-cli /geoip db-version

The following output will be displayed:

To set the Geo-IP database version, please use the following syntax:

  rdpguard-cli /geoip db-version set lite|max

  lite - fewer entries, lower impact on OS performance, less accurate
  max  - more entries, higher impact on OS performance, more accurate

To get the Geo-IP database version, please use the following syntax:

  rdpguard-cli /geoip db-version get

For example, to set the Geo-IP database version to max, run the following command:

rdpguard-cli /geoip db-version set max

countries

The countries command allows you to set the Geo-IP countries.

To get detailed help for the countries command, run the following command:

rdpguard-cli /geoip countries

The following output will be displayed:

To set the Geo-IP countries, please use the following syntax:

  rdpguard-cli /geoip countries set list

  list  - comma-separated list of country codes

To get the Geo-IP countries, please use the following syntax:

  rdpguard-cli /geoip countries get

For example, to set the Geo-IP countries to US, run the following command:

rdpguard-cli /geoip countries set us

dry-run

The dry-run command allows you to enable or disable Geo-IP Dry Run mode.

To get detailed help for the dry-run command, run the following command:

rdpguard-cli /geoip dry-run

The following output will be displayed:

To set the Geo-IP Dry Run flag, please use the following syntax:

  rdpguard-cli /geoip dry-run set on|off

  on|off - on to enable Dry Run mode and off otherwise

To get the Geo-IP Dry Run flag, please use the following syntax:

  rdpguard-cli /geoip dry-run get

For example, to enable Geo-IP Dry Run mode, run the following command:

rdpguard-cli /geoip dry-run set on

allow-loopback

The allow-loopback command allows you to enable or disable Geo-IP Allow Loopback flag.

To get detailed help for the allow-loopback command, run the following command:

rdpguard-cli /geoip allow-loopback

The following output will be displayed:

To set the Geo-IP Allow Loopback flag, please use the following syntax:

  rdpguard-cli /geoip allow-loopback set on|off

  on|off - on to allow loopback connections and off otherwise

To get the Geo-IP Allow Loopback flag, please use the following syntax:

  rdpguard-cli /geoip allow-loopback get

For example, to enable Geo-IP Allow Loopback flag, run the following command:

rdpguard-cli /geoip allow-loopback set on

allow-local

The allow-local command allows you to enable or disable Geo-IP Allow Local flag.

To get detailed help for the allow-local command, run the following command:

rdpguard-cli /geoip allow-local

The following output will be displayed:


To set the Geo-IP Allow Local flag, please use the following syntax:

  rdpguard-cli /geoip allow-local set on|off

  on|off - on to allow local connections and off otherwise

To get the Geo-IP Allow Local flag, please use the following syntax:

  rdpguard-cli /geoip allow-local get

For example, to enable Geo-IP Allow Local flag, run the following command:

rdpguard-cli /geoip allow-local set on

allow-whitelisted

The allow-whitelisted command allows you to enable or disable Geo-IP Allow Whitelisted flag.

To get detailed help for the allow-whitelisted command, run the following command:

rdpguard-cli /geoip allow-whitelisted

The following output will be displayed:

To set the Geo-IP Allow Whitelisted flag, please use the following syntax:

  rdpguard-cli /geoip allow-whitelisted set on|off

  on|off - on to allow whitelisted connections and off otherwise

To get the Geo-IP Allow Whitelisted flag, please use the following syntax:

  rdpguard-cli /geoip allow-whitelisted get

For example, to enable Geo-IP Allow Whitelisted flag, run the following command:

rdpguard-cli /geoip allow-whitelisted set on

get

The get command allows you to get the current Geo-IP settings.

To get all Geo-IP settings, run the following command:

rdpguard-cli /geoip get

The following output will be displayed:

enabled          : on
mode             : block
db-version       : max
countries        : us
dry-run          : off
allow-loopback   : on
allow-local      : on
allow-whitelisted: on

set

The set command allows you to set multiple Geo-IP settings at once.

To set multiple Geo-IP settings at once, run the following command:

rdpguard-cli /geoip set <setting=value>,<setting=value>,...

For example, to set the Geo-IP mode to block and the Geo-IP countries to XX, run the following command:

rdpguard-cli /geoip set mode=block,countries=xx

Please note that setting=value pairs are separated by comma and there are no spaces between them.

UI Object

The ui object allows you to manage RdpGuard UI settings.

To get detailed help for the ui object, run the following command:

rdpguard-cli /ui

The following output will be displayed:

Available commands:

  icon-in-tray
  minimize-to-tray
  close-to-tray
  status-bar
  event-log
  entries-per-page
  color-theme
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /ui <command>

icon-in-tray

The icon-in-tray command allows you to set the icon in system tray status.

To get detailed help for the icon-in-tray command, run the following command:

rdpguard-cli /ui icon-in-tray

The following output will be displayed:

To set the icon in system tray status, please use the following syntax:

  rdpguard-cli /ui icon-in-tray set on|off

  on|off - on to show icon in system tray and off otherwise

To get the icon in system tray status, please use the following syntax:

  rdpguard-cli /ui icon-in-tray get

For example, to set the icon in system tray status to on, run the following command:

rdpguard-cli /ui icon-in-tray set on

minimize-to-tray

The minimize-to-tray command allows you to set the minimize to system tray status.

To get detailed help for the minimize-to-tray command, run the following command:

rdpguard-cli /ui minimize-to-tray

The following output will be displayed:

To set the minimize to system tray status, please use the following syntax:

  rdpguard-cli /ui minimize-to-tray set on|off

  on|off - on to minimize to system tray and off otherwise

To get the minimize to system tray status, please use the following syntax:

  rdpguard-cli /ui minimize-to-tray get

For example, to set the minimize to system tray status to on, run the following command:

rdpguard-cli /ui minimize-to-tray set on

close-to-tray

The close-to-tray command allows you to set the close to system tray status.

To get detailed help for the close-to-tray command, run the following command:

rdpguard-cli /ui close-to-tray

The following output will be displayed:

To set the close to system tray status, please use the following syntax:

  rdpguard-cli /ui close-to-tray set on|off

  on|off - on to close to system tray and off otherwise

To get the close to system tray status, please use the following syntax:

  rdpguard-cli /ui close-to-tray get

For example, to set the close to system tray status to on, run the following command:

rdpguard-cli /ui close-to-tray set on

status-bar

The status-bar command allows you to set the show status bar status.

To get detailed help for the status-bar command, run the following command:

rdpguard-cli /ui status-bar

The following output will be displayed:

To set the show status bar status, please use the following syntax:

  rdpguard-cli /ui status-bar set on|off

  on|off - on to show status bar and off otherwise

To get the show status bar status, please use the following syntax:

  rdpguard-cli /ui status-bar get

For example, to set the show status bar status to on, run the following command:

rdpguard-cli /ui status-bar set on

event-log

The event-log command allows you to set the show event log status.

To get detailed help for the event-log command, run the following command:

rdpguard-cli /ui event-log

The following output will be displayed:

To set the show event log status, please use the following syntax:

  rdpguard-cli /ui event-log set on|off

  on|off - on to show event log and off otherwise

To get the show event log status, please use the following syntax:

  rdpguard-cli /ui event-log get

For example, to set the show event log status to on, run the following command:

rdpguard-cli /ui event-log set on

entries-per-page

The entries-per-page command allows you to set the IP addresses per page.

To get detailed help for the entries-per-page command, run the following command:

rdpguard-cli /ui entries-per-page

The following output will be displayed:

To set the IP addresses per page, please use the following syntax:

  rdpguard-cli /ui entries-per-page set n

  n - number of IP addresses per page

To get the IP addresses per page, please use the following syntax:

  rdpguard-cli /ui entries-per-page get

For example, to set the IP addresses per page to 100, run the following command:

rdpguard-cli /ui entries-per-page set 100

color-theme

The color-theme command allows you to set the color theme.

To get detailed help for the color-theme command, run the following command:

rdpguard-cli /ui color-theme

The following output will be displayed:

To set color theme, please use the following syntax:

  rdpguard-cli /ui color-theme set light|dark|system

  light  - light color theme
  dark   - dark color theme
  system - system color theme

To get color theme, please use the following syntax:

  rdpguard-cli /ui color-theme get

For example, to set the color theme to dark, run the following command:

rdpguard-cli /ui color-theme set dark

get

The get command allows you to get the current UI settings.

To get all UI settings, run the following command:

rdpguard-cli /ui get

The following output will be displayed:

icon-in-tray      : on
minimize-to-tray  : off
close-to-tray     : off
status-bar        : on
event-log         : on
entries-per-page  : 100
color-theme       : System

set

The set command allows you to set multiple UI settings at once.

To set multiple UI settings at once, run the following command:

rdpguard-cli /ui set <setting=value>,<setting=value>,...

For example, to set the icon in system tray status to on and the show status bar status to off, run the following command:

rdpguard-cli /ui set icon-in-tray=on,status-bar=off

Please note that setting=value pairs are separated by comma and there are no spaces between them.

Proxy Object

The proxy object allows you to manage Proxy settings.

To get detailed help for the proxy object, run the following command:

rdpguard-cli /proxy

The following output will be displayed:

Available commands:

  mode
  address
  port
  authentication
  username
  password
  domain
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /proxy <command>

mode

The mode command allows you to set the proxy mode.

To get detailed help for the mode command, run the following command:

rdpguard-cli /proxy mode

The following output will be displayed:

To set the proxy mode, please use the following syntax:

  rdpguard-cli /proxy mode set disabled|auto|manual

  disabled - disable proxy
  auto     - use system proxy settings
  manual   - use manual proxy settings

To get the proxy mode, please use the following syntax:

  rdpguard-cli /proxy mode get

For example, to set the proxy mode to manual, run the following command:

rdpguard-cli /proxy mode set manual

address

The address command allows you to set the proxy address.

To get detailed help for the address command, run the following command:

rdpguard-cli /proxy address

The following output will be displayed:

To set the proxy address, please use the following syntax:

  rdpguard-cli /proxy address set <address>

  <address> - the proxy address

To get the proxy address, please use the following syntax:

  rdpguard-cli /proxy address get

For example, to set the proxy address to 192.168.2.200, run the following command:

rdpguard-cli /proxy address set 192.168.2.200

port

The port command allows you to set the proxy port.

To get detailed help for the port command, run the following command:

	
rdpguard-cli /proxy port

The following output will be displayed:

To set the proxy port, please use the following syntax:

  rdpguard-cli /proxy port set <port>

  <port> - the proxy port

To get the proxy port, please use the following syntax:

  rdpguard-cli /proxy port get

For example, to set the proxy port to 8080, run the following command:

rdpguard-cli /proxy port set 8080

authentication

The authentication command allows you to set the proxy authentication.

To get detailed help for the authentication command, run the following command:

rdpguard-cli /proxy authentication

The following output will be displayed:

To set the proxy authentication, please use the following syntax:

  rdpguard-cli /proxy authentication set on|off

  on|off - on to enable proxy authentication and off otherwise

To get the proxy authentication, please use the following syntax:

  rdpguard-cli /proxy authentication get

For example, to enable proxy authentication, run the following command:

rdpguard-cli /proxy authentication set on

username

The username command allows you to set the proxy username.

To get detailed help for the username command, run the following command:

rdpguard-cli /proxy username

The following output will be displayed:

To set the proxy username, please use the following syntax:

  rdpguard-cli /proxy username set <username>

  <username> - the proxy username

To get the proxy username, please use the following syntax:

  rdpguard-cli /proxy username get

For example, to set the proxy username to user1, run the following command:

rdpguard-cli /proxy username set user1

password

The password command allows you to set the proxy password.

To get detailed help for the password command, run the following command:

rdpguard-cli /proxy password

The following output will be displayed:

To set the proxy password, please use the following syntax:

  rdpguard-cli /proxy password set <password>

  <password> - the proxy password

To get the proxy password, please use the following syntax:

  rdpguard-cli /proxy password get

For example, to set the proxy password to uK&8pNUKK%QW$ih!f94n, run the following command:

rdpguard-cli /proxy password set "uK&8pNUKK%QW$ih!f94n"

Please note that the password should be enclosed in double quotes as it may contain special characters.

domain

The domain command allows you to set the proxy domain.

To get detailed help for the domain command, run the following command:

rdpguard-cli /proxy domain

The following output will be displayed:

To set the proxy domain, please use the following syntax:

  rdpguard-cli /proxy domain set <domain>

  <domain> - the proxy domain

To get the proxy domain, please use the following syntax:

  rdpguard-cli /proxy domain get

For example, to set the proxy domain to domain1, run the following command:

rdpguard-cli /proxy domain set domain1

get

The get command allows you to get the current Proxy settings.

To get all Proxy settings, run the following command:

rdpguard-cli /proxy get

The following output will be displayed:

mode          : disabled
address       : 192.168.2.200
port          : 8080
authentication: on
username      : user1
password      : uK&8pNUKK%QW$ih!f94n
domain        : 

set

The set command allows you to set multiple Proxy settings at once.

To set multiple Proxy settings at once, run the following command:

rdpguard-cli /proxy set <setting=value>,<setting=value>,...

For example, to set the proxy mode to manual and the proxy address to 192.168.3.100 run the following command:

rdpguard-cli /proxy set mode=manual,address=192.168.3.100

Please note that setting=value pairs are separated by comma and there are no spaces between them.

Log Object

The log object allows you to manage RdpGuard log settings.

To get detailed help for the log object, run the following command:

rdpguard-cli /log

The following output will be displayed:

Available commands:

  verbosity
  save-to-file
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /log <command>

verbosity

The verbosity command allows you to set the log verbosity level.

To get detailed help for the verbosity command, run the following command:

rdpguard-cli /log verbosity

The following output will be displayed:

To set the log verbosity level, please use the following syntax:

  rdpguard-cli /log verbosity set <verbosity>

  <verbosity> - log verbosity level - verbose, brief, warningsanderrors

To get the log verbosity level, please use the following syntax:

  rdpguard-cli /log verbosity get

For example, to set the log verbosity level to brief, run the following command:

rdpguard-cli /log verbosity set brief

save-to-file

The save-to-file command allows you to set the save log to file flag.

To get detailed help for the save-to-file command, run the following command:

rdpguard-cli /log save-to-file

The following output will be displayed:

To set the save log to file flag, please use the following syntax:

  rdpguard-cli /log save-to-file set on|off

  on|off - on to save log to file and off otherwise

To get the save log to file flag, please use the following syntax:

  rdpguard-cli /log save-to-file get

For example, to enable save log to file flag, run the following command:

rdpguard-cli /log save-to-file set on

get

The get command allows you to get the current log settings.

To get all log settings, run the following command:

rdpguard-cli /log get

The following output will be displayed:

verbosity    : brief
save-to-file : on

set

The set command allows you to set multiple log settings at once.

To set multiple log settings at once, run the following command:

rdpguard-cli /log set <setting=value>,<setting=value>,...

For example, to set the log verbosity level to verbose and the save log to file flag to off, run the following command:

rdpguard-cli /log set verbosity=verbose,save-to-file=off

Please note that setting=value pairs are separated by comma and there are no spaces between them.

Whitelist Object

The whitelist object allows you to manage RdpGuard Whitelist.

To get detailed help for the whitelist object, run the following command:

rdpguard-cli /whitelist

The following output will be displayed:

Available commands:

  show
  add
  delete
  import
  export

To get detailed help for an each command please use:

  rdpguard-cli /whitelist <command>

show

The show command allows you to show the Whitelist entries.

To get the Whitelist entries, run the following command:

rdpguard-cli /whitelist show

For example, the following output will be displayed:

IP                        Comment
192.168.0.0-192.168.0.255 local subnet

add

The add command allows you to add new Whitelist entries.

To get detailed help for the add command, run the following command:

rdpguard-cli /whitelist add

The following output will be displayed:

To add new entries, please use the following syntax:

  rdpguard-cli /whitelist add <entries> [comment]

  <entries> - IP address, range, or CIDR. Use comma to add multiple entries.
  [comment] - an optional commen regarding the entry.

For example, to add the 192.168.0.0/24 subnet to the Whitelist with the comment "local subnet", run the following command:

rdpguard-cli /whitelist add 192.168.0.0/24 "local subnet"

delete

The delete command allows you to delete Whitelist entries.

To get detailed help for the delete command, run the following command:

rdpguard-cli /whitelist delete

The following output will be displayed:

To delete entries, please use the following syntax:

  rdpguard-cli /whitelist delete <entries>

  <entries> - IP address, range, or CIDR. Use comma to delete multiple entries.

For example, to delete the 1.2.3.4 IP address from the Whitelist, run the following command:

rdpguard-cli /whitelist delete 1.2.3.4

import

The import command allows you to import Whitelist entries.

To get detailed help for the import command, run the following command:

rdpguard-cli /whitelist import

The following output will be displayed:

To import entries, please use the following syntax:

  rdpguard-cli /whitelist import <format> <file>

  <format> - the format to import the entries from: json, xml, csv.
  <file> - the file to import the entries from.

Please note that the existing entries will be replaced with the imported entries..

For example, to import the Whitelist entries from the whitelist.json file, run the following command:

rdpguard-cli /whitelist import json whitelist.json

export

The export command allows you to export Whitelist entries.

To get detailed help for the export command, run the following command:

rdpguard-cli /whitelist export

The following output will be displayed:

To export entries, please use the following syntax:

  rdpguard-cli /whitelist export <format> <file>

  <format> - the format to export the entries to: json, xml, csv.
  <file> - the file to export the entries to.

For example, to export the Whitelist entries to the whitelist.json file, run the following command:

rdpguard-cli /whitelist export json whitelist.json

Blacklist Object

The blacklist object allows you to manage RdpGuard Blacklist.

To get detailed help for the blacklist object, run the following command:

rdpguard-cli /blacklist

The following output will be displayed:

Available commands:

  show
  add
  delete
  import
  export

To get detailed help for an each command please use:

  rdpguard-cli /blacklist <command>

show

The show command allows you to show the Blacklist entries.

To get the Blacklist entries, run the following command:

rdpguard-cli /blacklist show

For example, the following output will be displayed:

IP                Comment
1.2.3.0-1.2.3.255 test subnet

add

The add command allows you to add new Blacklist entries.

To get detailed help for the add command, run the following command:

rdpguard-cli /blacklist add

The following output will be displayed:

To add new entries, please use the following syntax:

  rdpguard-cli /blacklist add <entries> [comment]

  <entries> - IP address, range, or CIDR. Use comma to add multiple entries.
  [comment] - an optional commen regarding the entry.

For example, to add the 1.2.3.0/24 subnet to the Blacklist with the comment "test subnet", run the following command:

rdpguard-cli /blacklist add 1.2.3.0/24 "test subnet"

delete

The delete command allows you to delete Blacklist entries.

To get detailed help for the delete command, run the following command:

rdpguard-cli /blacklist delete

The following output will be displayed:

To delete entries, please use the following syntax:

  rdpguard-cli /blacklist delete <entries>

  <entries> - IP address, range, or CIDR. Use comma to delete multiple entries.

For example, to delete the 1.2.3.4 IP address from the Blacklist, run the following command:

rdpguard-cli /blacklist delete 1.2.3.4

import

The import command allows you to import Blacklist entries.

To get detailed help for the import command, run the following command:

rdpguard-cli /blacklist import

The following output will be displayed:

To import entries, please use the following syntax:

  rdpguard-cli /blacklist import <format> <file>

  <format> - the format to import the entries from: json, xml, csv.
  <file> - the file to import the entries from.

For example, to import the Blacklist entries from the blacklist.json file, run the following command:

rdpguard-cli /blacklist import json blacklist.json

export

The export command allows you to export Blacklist entries.

To get detailed help for the export command, run the following command:

rdpguard-cli /blacklist export

The following output will be displayed:

To export entries, please use the following syntax:

  rdpguard-cli /blacklist export <format> <file>

  <format> - the format to export the entries to: json, xml, csv.
  <file> - the file to export the entries to.

For example, to export the Blacklist entries to the blacklist.json file, run the following command:

rdpguard-cli /blacklist export json blacklist.json

IP Object

The ip object allows you to manage blocked IP addresses.

To get detailed help for the ip object, run the following command:

rdpguard-cli /ip

The following output will be displayed:

Available commands:

  show
  report
  block
  unblock
  export

To get detailed help for an each command please use:

  rdpguard-cli /ip <command>

show

The show command shows the blocked IP addresses.

To get the blocked IP addresses, run the following command:

rdpguard-cli /ip show

For example, the following output will be displayed:

2 blocked IP addresses found

[Address]    [Block Date]           [Unblock Date]         [Protocol]    [User]
1.2.3.4      6/5/2024 4:33:06 PM    6/6/2024 4:33:06 PM    Test          [Unknown]
5.6.7.8      6/5/2024 4:22:18 PM    6/6/2024 4:22:18 PM    Test          [Unknown]

report

The report command allows you to report one or more IP addresses.

To get detailed help for the report command, run the following command:

rdpguard-cli /ip report

The following output will be displayed:

To report an IP address, please use the following syntax:

  rdpguard-cli /ip report <ip> <protocol> [user]

  <ip> - IP address to report (comma separated addresses allowed)
  <protocol> - protocol
  [user] - optional user name

For example, to report the 10.11.12.13 IP address with the RDP protocol and the user name "testuser", run the following command:

rdpguard-cli /ip report 10.11.12.13 RDP testuser

block

The block command allows you to block one or more IP addresses.

To get detailed help for the block command, run the following command:

rdpguard-cli /ip block

The following output will be displayed:

To block an IP address, please use the following syntax:

  rdpguard-cli /ip block <ip> <protocol> [user]

  <ip> - IP address to block (comma separated addresses allowed)
  <protocol> - protocol
  [user] - optional user name

For example, to block the 10.10.10.10 IP address with the RDP protocol and the user name "testuser", run the following command:

rdpguard-cli /ip block 10.10.10.10 RDP testuser

unblock

The unblock command allows you to unblock one or more IP addresses.

To get detailed help for the unblock command, run the following command:

rdpguard-cli /ip unblock

The following output will be displayed:

To unblock an IP address, please use the following syntax:

  rdpguard-cli /ip unblock <ip>

  <ip> - IP address to unblock (comma separated addresses allowed),
         use * to unblock all IP addresses

For example, to unblock the 10.10.10.10 IP address, run the following command:

rdpguard-cli /ip unblock 10.10.10.10

export

The export command allows you to export blocked IP addresses.

To get detailed help for the export command, run the following command:

rdpguard-cli /ip export

The following output will be displayed:

To export entries, please use the following syntax:

  rdpguard-cli /ip export <format> <file>

  <format> - the format to export the entries to: json, xml, csv.
  <file> - the file to export the entries to.

For example, to export the blocked IP addresses to the blocked_ips.json file, run the following command:

rdpguard-cli /ip export json blocked_ips.json

Diagnostics Object

The diagnostics object allows you to get diagnostic information and send it to the RdpGuard support team.

To get detailed help for the diagnostics object, run the following command:

rdpguard-cli /diagnostics

The following output will be displayed:

Available commands:

  get
  send
  version

To get detailed help for an each command please use:

  rdpguard-cli /diagnostics <command>

get

The get command allows you to get diagnostic information.

To get diagnostic information, run the following command:

rdpguard-cli /diagnostics get

For example, the following output will be displayed:

System Information:
  OS: Microsoft Windows 10 Pro (6.2.9200,,x64)
  Framework Version: 4.0.30319.42000

Process Information:
  BasePriority: 8
  HasExited: False
  Handle: 1036
  HandleCount: 593
  Id: 20456
  MachineName: .
  MainWindowHandle: 0
  MainModule: rdpguard-svc.exe (9.6.8)

  <skipped..>

send

The send command allows you to send diagnostic information to the RdpGuard support team.

To get detailed help for the send command, run the following command:

rdpguard-cli /diagnostics send

The following output will be displayed:

To send diagnostic report, please use the following syntax:

  rdpguard-cli /diagnostics send <name> <email> <comment>

  <name>    - your name
  <email>   - your email address
  <comment> - your comment

version

The version command allows you to get the RdpGuard version.

To get the RdpGuard version, run the following command:

rdpguard-cli /diagnostics version

For example, the following output will be displayed:

9.6.8

License Object

The license object allows you to manage RdpGuard license.

To get detailed help for the license object, run the following command:

rdpguard-cli /license

The following output will be displayed:

Available commands:

  show
  activate
  deactivate
  hwid
  id
  maintenance

To get detailed help for an each command please use:

  rdgpguard-cli /license <command>

show

The show command allows you to show the license information.

To get the license information, run the following command:

rdpguard-cli /license show

For example, the following output will be displayed:

Registered version
Maintenance: 35 days remain

activate

The activate command allows you to activate your license key.

To get detailed help for the activate command, run the following command:

rdpguard-cli /license activate

The following output will be displayed:

To activate your license key, please use the following syntax:

  rdgpguard-cli /license activate <license>

  <license> - your license key (activation key)

For example, to activate your license key AAAA-BBBB-CCCC-DDDD-EEEE, run the following command:

rdpguard-cli /license activate AAAA-BBBB-CCCC-DDDD-EEEE

deactivate

The deactivate command allows you to deactivate your license key.

To get detailed help for the deactivate command, run the following command:

rdpguard-cli /license deactivate

The following output will be displayed:

Please wait, connecting activation server..
Your license has been successfully deactivated.

hwid

The hwid command allows you to get the hardware ID.

To get the hardware ID, run the following command:

rdpguard-cli /license hwid

For example, the following output will be displayed:

7c46f5ab67c86a44bf028aa31d608d66

id

The id command allows you to get the license ID.

To get the license ID, run the following command:

rdpguard-cli /license id

For example, the following output will be displayed:

45d077a221dcfcae9df52941d92c7048

maintenance

The maintenance command allows you to get the maintenance days.

To get the maintenance days, run the following command:

rdpguard-cli /license maintenance

For example, the following output will be displayed:

35

SMTP Servers Object

The smtp-servers object allows you to manage SMTP servers.

Smtp servers are used to send email notifications in Custom Actions

To get detailed help for the smtp-servers object, run the following command:

rdpguard-cli /smtp-servers

The following output will be displayed:

Available commands:

  show
  add
  edit
  delete
  import
  export

To get detailed help for an each command please use:

  rdpguard-cli /smtp-servers <command>

show

The show command allows you to show the SMTP servers.

To get detailed help for the show command, run the following command:

rdpguard-cli /smtp-servers show

The following output will be displayed:

To show smtp servers, please use the following syntax:

  rdpguard-cli /smtp-servers show <id>

  <id> - smtp server id (* to show all)

For example, to show all SMTP servers, run the following command:

rdpguard-cli /smtp-servers show *

The following output will be displayed:

ID:       374598b8
Host:     localhost
Port:     25
TLS:      off
Username: test
Password: test

ID:       4cec9b6f
Host:     email-smtp.us-east-1.amazonaws.com
Port:     587
TLS:      on
Username: AKIAIOSFODNN7EXAMPLE
Password: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

add

The add command allows you to add a new SMTP server.

To get detailed help for the add command, run the following command:

rdpguard-cli /smtp-servers add

The following output will be displayed:

To add a new SMTP server, please use the following syntax:

  rdgpguard-cli /smtp-servers add <host> <port> <tls> <username> <password>

  <host>     - SMTP server host
  <port>     - SMTP server port
  <tls>      - TLS enabled (on/off)
  <username> - SMTP server username
  <password> - SMTP server password

For example, to add the localhost SMTP server with the port 25, the TLS disabled, the username "test", and the password "test", run the following command:

rdpguard-cli /smtp-servers add localhost 25 off test test

edit

The edit command allows you to edit an existing SMTP server.

To get detailed help for the edit command, run the following command:

rdpguard-cli /smtp-servers edit

The following output will be displayed:

To edit an existing SMTP server, please use the following syntax:

  rdpguard-cli /smtp-servers edit <id> <property>=<value>,<property>=<value>..

  <id>       - SMTP server id
  <property> - SMTP server property to edit (host, port, tls, username, password)

For example, to edit the localhost SMTP server with the id 374598b8 and change the port to 2525, run the following command:

rdpguard-cli /smtp-servers edit 374598b8 port=2525

delete

The delete command allows you to delete an existing SMTP server.

To get detailed help for the delete command, run the following command:

rdpguard-cli /smtp-servers delete

The following output will be displayed:

To delete an existing SMTP server, please use the following syntax:

  rdpguard-cli /smtp-servers delete <id>

  <id> - SMTP server id (* to delete all servers)

For example, to delete the localhost SMTP server with the id 374598b8, run the following command:

rdpguard-cli /smtp-servers delete 374598b8

import

The import command allows you to import SMTP servers.

To get detailed help for the import command, run the following command:

rdpguard-cli /smtp-servers import

The following output will be displayed:

To import entries, please use the following syntax:

  rdpguard-cli /smtp-servers import <format> <file>

  <format> - the format to import the entries from: json, xml, csv.
  <file> - the file to import the entries from.

Please note that the existing entries will be replaced with the imported entries.

For example, to import the SMTP servers from the smtp_servers.json file, run the following command:

rdpguard-cli /smtp-servers import json smtp_servers.json

export

The export command allows you to export SMTP servers.

To get detailed help for the export command, run the following command:

rdpguard-cli /smtp-servers export

The following output will be displayed:

To export entries, please use the following syntax:

  rdpguard-cli /smtp-servers export <format> <file>

  <format> - the format to export the entries to: json, xml, csv.
  <file> - the file to export the entries to.

For example, to export the SMTP servers to the smtp_servers.json file, run the following command:

rdpguard-cli /smtp-servers export json smtp_servers.json

Custom Actions Object

The custom-actions object allows you to manage Custom Actions.

Custom actions are used to perform specific tasks when certain events occur in RdpGuard.

To get detailed help for the custom-actions object, run the following command:

rdpguard-cli /custom-actions

The following output will be displayed:

Available commands:

  show
  add
  edit
  delete
  import
  export

To get detailed help for an each command please use:

  rdpguard-cli /custom-actions <command>

show

The show command shows the custom actions.

To get detailed help for the show command, run the following command:

rdpguard-cli /custom-actions show

The following output will be displayed:

To show custom actions, please use the following syntax:

  rdpguard-cli /custom-actions show <id>

  <id> - custom action id (* to show all)

For example, to show all custom actions, run the following command:

rdpguard-cli /custom-actions show *

The following output will be displayed:

ID: e40bcdba
Enabled: True
Event:
  Type: IPBlocked
  Settings:
Task:
  Type: SendMailTask
  ServerId: 4cec9b6f
  From: noreply@mydomain.com
  To: example@mydomain.com
  Subject: RdpGuard blocked %IP%
  Body: IP: %IP%
User: %USER%
Block Date: %BLOCK_DATE%
Unblock Date: %UNBLOCK_DATE%
Protocol: %PROTOCOL%
Host: %HOSTNAME%
Total IP addresses currently blocked: %TOTAL_IP_BLOCKED%

ID: 83fb8dad
Enabled: False
Event:
  Type: NewVersionAvailable
  Settings:
Task:
  Type: HttpPostTask
  Endpoint: https://mydomain.com/rdpguard-notifications-endpoint.aspx
  BasicAuth: False
  Username:
  Password:
  Body: {
  "NewVersionAvailable": {
	"Version": "%NEW_VERSION_NUMBER%",
	"Link": "%NEW_VERSION_LINK%",
	"Host": "%HOSTNAME%"
  }
}

add

The add command allows you to add a new custom action.

To get detailed help for the add command, run the following command:

rdpguard-cli /custom-actions add

The following output will be displayed:

To add a new custom action, please use the following syntax:

  rdpguard-cli /custom-actions add <event> <task> <details>

  <event>   - IPBlocked, IPUnblocked, UserLoggedIn, NewVersionAvailable,
              MaintenanceIsAboutToExpire, MaintenanceExpired

  <task>    - SendMailTask, HttpPostTask, ProgramExecuteTask, 
              AbuseIPDBReportTask, SendTelegramTask

  <details> - task-specific details as comma-separated key=value pairs:

  Common properties for all tasks - enabled, event, task

  SendMailTask - server-id, from, to, subject, body

  HttpPostTask - endpoint, basic-auth, username, password, body

  ProgramExecuteTask - path, args

  AbuseIPDBReportTask - api-key

  SendTelegramTask - bot-token, chat-id, message

For example, to add a new custom action that sends an email notification when an IP address is blocked, run the following command:

rdpguard-cli /custom-actions add IPBlocked SendMailTask "server-id=4cec9b6f,from=test@domain.com,to=me@domain.com,subject=%IP% Blocked,body=IP: %IP%\r\nUser: %USER%"

Please note that details must be enclosed in double quotes if they contain spaces.

edit

The edit command allows you to edit an existing custom action.

To get detailed help for the edit command, run the following command:

rdpguard-cli /custom-actions edit

The following output will be displayed:

To edit an existing custom action, please use the following syntax:

  rdpguard-cli /custom-actions edit <id> <details>

  <id>      - custom action id
  <details> - task-specific details as comma-separated key=value pairs:

  Common properties for all tasks - enabled, event, task

  SendMailTask - server-id, from, to, subject, body

  HttpPostTask - endpoint, basic-auth, username, password, body

  ProgramExecuteTask - path, args

  AbuseIPDBReportTask - api-key

  SendTelegramTask - bot-token, chat-id, message

For example, to edit the custom action with the id e40bcdba and change the email subject, run the following command:

rdpguard-cli /custom-actions edit e40bcdba subject="RdpGuard blocked %IP% on %HOSTNAME%"

delete

The delete command allows you to delete an existing custom action.

To get detailed help for the delete command, run the following command:

rdpguard-cli /custom-actions delete

The following output will be displayed:

To delete an existing custom action, please use the following syntax:

  rdpguard-cli /custom-actions delete <id>

  <id> - custom action id (* to delete all actions)

For example, to delete the custom action with the id e40bcdba, run the following command:

rdpguard-cli /custom-actions delete e40bcdba

import

The import command allows you to import custom actions.

To get detailed help for the import command, run the following command:

rdpguard-cli /custom-actions import

The following output will be displayed:

To import entries, please use the following syntax:

  rdpguard-cli /custom-actions import <format> <file>

  <format> - the format to import the entries from: json, xml.
  <file> - the file to import the entries from.

Please note that the existing entries will be replaced with the imported entries.

For example, to import the custom actions from the custom_actions.json file, run the following command:

rdpguard-cli /custom-actions import json custom_actions.json

export

The export command allows you to export custom actions.

To get detailed help for the export command, run the following command:

rdpguard-cli /custom-actions export

The following output will be displayed:

To export entries, please use the following syntax:

  rdpguard-cli /custom-actions export <format> <file>

  <format> - the format to export the entries to: json, xml.
  <file> - the file to export the entries to.

For example, to export the custom actions to the custom_actions.json file, run the following command:

rdpguard-cli /custom-actions export json custom_actions.json

Pcap Object

The pcap object allows you to manage network adapters for packet capturing.

To get detailed help for the pcap object, run the following command:

rdpguard-cli /pcap

The following output will be displayed:

Available commands:

  status
  adapters
  adapters-all

To get detailed help for an each command please use:

  rdpguard-cli /pcap <command>

status

The status command allows you to get the pcap status.

To get the pcap status, run the following command:

rdpguard-cli /pcap status

For example, the following output will be displayed:

installed

adapters

The adapters command allows you to get the pcap network adapters.

The command returns the network adapters that are most likely to be used for packet capturing, i.e. the adapters that are not loopback and are up, running, and connected.

To get the pcap network adapters, run the following command:

rdpguard-cli /pcap adapters

For example, the following output will be displayed:

Id: rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
Name: Network adapter 'OpenVPN Data Channel Offload' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{fb296561-b160-4977-9520-50122bb8cfa3}
Name: Network adapter 'Realtek PCIe GBE Family Controller' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{a3c5d9fa-16a7-4f9e-a95f-a27b84e2931f}
Name: Network adapter 'sing-tun Tunnel' on local host
Attributes: up, running, connected

adapters-all

The adapters-all command allows you to get all pcap network adapters.

To get all pcap network adapters, run the following command:

rdpguard-cli /pcap adapters-all

For example, the following output will be displayed:

Id: rpcap://\Device\NPF_{a00eb421-ed32-4791-b3ca-ffba833127d8}
Name: Network adapter 'WAN Miniport (Network Monitor)' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{cb4e717d-d8a1-4392-bd7d-007e7ce5cd2b}
Name: Network adapter 'WAN Miniport (IPv6)' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{cb55bd7f-ca82-4e82-b9cf-8cb7cb1db0a9}
Name: Network adapter 'WAN Miniport (IP)' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
Name: Network adapter 'OpenVPN Data Channel Offload' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{f5b8a8af-4770-4d45-991c-1802d0431c1b}
Name: Network adapter 'VirtualBox Host-Only Ethernet Adapter' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{fb296561-b160-4977-9520-50122bb8cfa3}
Name: Network adapter 'Realtek PCIe GBE Family Controller' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_{a3c5d9fa-16a7-4f9e-a95f-a27b84e2931f}
Name: Network adapter 'sing-tun Tunnel' on local host
Attributes: up, running, connected

Id: rpcap://\Device\NPF_Loopback
Name: Network adapter 'Adapter for loopback traffic capture' on local host
Attributes: loopback, up, running, connected, disconnected, not applicable

Id: rpcap://\Device\NPF_{f591d1c3-893d-4d83-8c7c-e7ad2adde977}
Name: Network adapter 'TAP-Windows Adapter V9' on local host
Attributes: up, running, disconnected

Rdp Object

The rdp object allows you to manage RDP protection settings.

To get detailed help for the rdp object, run the following command:

rdpguard-cli /rdp

The following output will be displayed:

Available commands:

  enabled
  traffic-monitoring
  traffic-monitoring-method
  raw-sockets-addresses
  pcap-adapter
  ports
  exclusions
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /rdp <command>

enabled

The enabled command allows you to enable or disable the RDP protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /rdp enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /rdp enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /rdp enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the RDP protection engine, run the following command:

rdpguard-cli /rdp enabled set on

traffic-monitoring

The traffic-monitoring command allows you to enable or disable RDP traffic monitoring.

To get detailed help for the traffic-monitoring command, run the following command:

rdpguard-cli /rdp traffic-monitoring

The following output will be displayed:

To set the engine traffic monitoring, please use the following syntax:

  rdpguard-cli /rdp traffic-monitoring set <on|off>

  <on|off> - on to enable traffic monitoring and off otherwise

RDP TRAFFIC MONITORING IS USUALLY NOT NEEDED ON WINDOWS SERVER 2012 AND HIGHER

To get the engine traffic monitoring, please use the following syntax:

  rdpguard-cli /rdp traffic-monitoring get

RdpGuard Service restart is required for these changes to take effect

For example, to enable RDP traffic monitoring, run the following command:

rdpguard-cli /rdp traffic-monitoring set on

traffic-monitoring-method

The traffic-monitoring-method command allows you to set the RDP traffic monitoring method.

To get detailed help for the traffic-monitoring-method command, run the following command:

rdpguard-cli /rdp traffic-monitoring-method

The following output will be displayed:

To set the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /rdp traffic-monitoring-method set <method>

  <method> - engine traffic monitoring method: winpcap, rawsockets

To get the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /rdp traffic-monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the RDP traffic monitoring method to WinPcap, run the following command:

rdpguard-cli /rdp traffic-monitoring-method set winpcap

raw-sockets-addresses

The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.

To get detailed help for the raw-sockets-addresses command, run the following command:

rdpguard-cli /rdp raw-sockets-addresses

The following output will be displayed:

To set the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /rdp raw-sockets-addresses set <addresses>

  <addresses> - comma-separated list of addresses (* - all addresses)

To get the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /rdp raw-sockets-addresses get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored raw sockets addresses to 192.168.1.37 and 127.0.0.1, run the following command:

rdpguard-cli /rdp raw-sockets-addresses set 192.168.1.37,127.0.0.1

pcap-adapter

The pcap-adapter command allows you to set the WinPcap adapter for monitoring.

To get detailed help for the pcap-adapter command, run the following command:

rdpguard-cli /rdp pcap-adapter

The following output will be displayed:

To set the winpcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /rdp pcap-adapter set <adapter-id>

  <adapter-id> - winpcap adapter id (use the /pcap adapters to get one)

To get the winpcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /rdp pcap-adapter get

RdpGuard Service restart is required for these changes to take effect

For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}, run the following command:

rdpguard-cli /rdp pcap-adapter set rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}

ports

The ports command allows you to set the monitored ports.

To get detailed help for the ports command, run the following command:

rdpguard-cli /rdp ports

The following output will be displayed:

To set the monitored ports, please use the following syntax:

  rdpguard-cli /rdp ports set <ports>

  <ports> - one or multiple ports, comma-separated

To get the monitored ports, please use the following syntax:

  rdpguard-cli /rdp ports get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored ports to 3389, run the following command:

rdpguard-cli /rdp ports set 3389

exclusions

The exclusions command allows you to set the RDP engine exclusions.

To get detailed help for the exclusions command, run the following command:

rdpguard-cli /rdp exclusions

The following output will be displayed:

To set the engine exclusions, please use the following syntax:

  rdpguard-cli /rdp exclusions set <exclusions>

  <exclusions> - comma separated list of IP addresses or CIDR ranges

To get the engine exclusions, please use the following syntax:

  rdpguard-cli /rdp exclusions get

RdpGuard Service restart is required for these changes to take effect

For example, to set the RDP engine exclusions to exclude logon attempts with the LogonType 4 and the TargetUserName starting with test, run the following command:

rdpguard-cli /rdp exclusions set "LogonType=4 OR TargetUserName=test*"

Please note that exclusions must be enclosed in double quotes if they contain spaces.

get

The get command allows you to get the RDP protection settings.

To get the RDP protection settings, run the following command:

rdpguard-cli /rdp get

For example, the following output will be displayed:

enabled                  : on
traffic-monitoring       : off
traffic-monitoring-method: winpcap
raw-sockets-addresses    : *
pcap-adapter             : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports                    : 3389
exclusions               : LogonType=4 OR TargetUserName=test*

set

The set command allows you to set the RDP protection settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /rdp set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /rdp set <setting=value>,<setting=value>,..

For example, to set the RDP protection settings in bulk, run the following command:

rdpguard-cli /rdp set enabled=on,traffic-monitoring=off

Ftp Object

The ftp object allows you to manage FTP protection settings.

To get detailed help for the ftp object, run the following command:

rdpguard-cli /ftp

The following output will be displayed:

Available commands:

  enabled
  monitoring-method
  server
  logs
  traffic-monitoring-method
  raw-sockets-addresses
  pcap-adapter
  ports
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /ftp <command>

enabled

The enabled command allows you to enable or disable the FTP protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /ftp enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /ftp enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /ftp enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the FTP protection engine, run the following command:

rdpguard-cli /ftp enabled set on

monitoring-method

The monitoring-method command allows you to set the engine monitoring method.

To get detailed help for the monitoring-method command, run the following command:

rdpguard-cli /ftp monitoring-method

The following output will be displayed:

To set the engine monitoring method, please use the following syntax:

  rdpguard-cli /ftp monitoring-method set <method>

  <method> - engine monitoring method: logs, traffic

To get the engine monitoring method, please use the following syntax:

  rdpguard-cli /ftp monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitoring method to logs, run the following command:

rdpguard-cli /ftp monitoring-method set logs

server

The server command allows you to set the FTP server type.

The server must be set if you want to use the logs monitoring method.

To get detailed help for the server command, run the following command:

rdpguard-cli /ftp server

The following output will be displayed:

To set the FTP server type, please use the following syntax:

  rdpguard-cli /ftp server set <server-type>

  <server-type> - FTP server type:

    iis       : Microsoft IIS
    filezilla : FileZilla
    axigen    : Axigen Mail Server (FTP-BACKUP)
    solarwinds: SolarWinds SFTP/SCP
    serv-u    : Serv-U

To get the FTP server type, please use the following syntax:

  rdpguard-cli /ftp server get

RdpGuard Service restart is required for these changes to take effect

For example, to set the FTP server type to Microsoft IIS, run the following command:

rdpguard-cli /ftp server set iis

logs

The logs command allows you to set the the engine monitored logs.

The logs must be set if you want to use the logs monitoring method.

To get detailed help for the logs command, run the following command:

rdpguard-cli /ftp logs

The following output will be displayed:

To set the the engine monitored logs, please use the following syntax:

  rdpguard-cli /ftp logs set <location>

  <location> - one or more comma-separated log locations

To get the engine monitored logs, please use the following syntax:

  rdpguard-cli /ftp logs get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitored logs to C:\Temp\iis\ftp-1 and C:\Temp\iis\ftp-2, run the following command:

rdpguard-cli /ftp logs set C:\Temp\iis\ftp-1,C:\Temp\iis\ftp-2

traffic-monitoring-method

The traffic-monitoring-method command allows you to set the engine traffic monitoring method.

To get detailed help for the traffic-monitoring-method command, run the following command:

rdpguard-cli /ftp traffic-monitoring-method

The following output will be displayed:

To set the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /ftp traffic-monitoring-method set <method>

  <method> - engine traffic monitoring method: winpcap, rawsockets

To get the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /ftp traffic-monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine traffic monitoring method to WinPcap, run the following command:

rdpguard-cli /ftp traffic-monitoring-method set winpcap

raw-sockets-addresses

The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.

The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.

To get detailed help for the raw-sockets-addresses command, run the following command:

rdpguard-cli /ftp raw-sockets-addresses

The following output will be displayed:

To set the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /ftp raw-sockets-addresses set <addresses>

  <addresses> - comma-separated list of addresses (* - all addresses)

To get the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /ftp raw-sockets-addresses get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored raw sockets addresses to all addresses, run the following command:

rdpguard-cli /ftp raw-sockets-addresses set *

pcap-adapter

The pcap-adapter command allows you to set the WinPcap adapter for monitoring.

Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.

To get detailed help for the pcap-adapter command, run the following command:

rdpguard-cli /ftp pcap-adapter

The following output will be displayed:

To set the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /ftp pcap-adapter set <adapter-id>

  <adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)

To get the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /ftp pcap-adapter get

RdpGuard Service restart is required for these changes to take effect

For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}, run the following command:

rdpguard-cli /ftp pcap-adapter set rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}

ports

The ports command allows you to set the monitored ports.

To get detailed help for the ports command, run the following command:

rdpguard-cli /ftp ports

The following output will be displayed:

To set the monitored ports, please use the following syntax:

  rdpguard-cli /ftp ports set <ports>

  <ports> - one or multiple ports, comma-separated

To get the monitored ports, please use the following syntax:

  rdpguard-cli /ftp ports get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored ports to 21, run the following command:

rdpguard-cli /ftp ports set 21

get

The get command allows you to get the current FTP protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /ftp get

The following output will be displayed:

enabled                  : on
monitoring-method        : logs
server                   : Microsoft IIS
logs                     : C:\Temp\iis\ftp-1,C:\Temp\iis\ftp-2
traffic-monitoring-method: rawsockets
raw-sockets-addresses    : *
pcap-adapter             : rpcap://\Device\NPF_{bdecb3da-0249-409e-b233-fcb8e96bca33}
ports                    : 21

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /ftp set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /ftp set <setting=value>,<setting=value>,..

HTTP Object

The http object allows you to manage HTTP protection settings.

To get detailed help for the http object, run the following command:

rdpguard-cli /http

The following output will be displayed:

Available commands:

  enabled
  logs
  rules
  use-x-forwarded-for-field
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /http <command>

enabled

The enabled command allows you to enable or disable the HTTP protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /http enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /http enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /http enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the HTTP protection engine, run the following command:

rdpguard-cli /http enabled set on

logs

The logs command allows you to set the engine monitored logs.

To get detailed help for the logs command, run the following command:

rdpguard-cli /http logs

The following output will be displayed:

To set the engine monitored logs, please use the following syntax:

  rdpguard-cli /http logs set <location>

  <location> - one or more comma-separated log locations

To get the engine monitored logs, please use the following syntax:

  rdpguard-cli /http logs get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitored logs to C:\inetpub\logs\LogFiles\W3SVC1 and C:\inetpub\logs\LogFiles\W3SVC2, run the following command:

rdpguard-cli /http logs set C:\inetpub\logs\LogFiles\W3SVC1,C:\inetpub\logs\LogFiles\W3SVC2

rules

The rules command allows you to set the detection rules for the HTTP protection engine.

To get detailed help for the rules command, run the following command:

rdpguard-cli /http rules

The following output will be displayed:

To set the detection rules, please use the following syntax:

  rdpguard-cli /http rules set <rules>

  <rules> - HTTP detection rules

To get the detection rules, please use the following syntax:

  rdpguard-cli /http rules get

RdpGuard Service restart is required for these changes to take effect

For example, to set detection rules, run the following command:

rdpguard-cli /http rules set "Status=404,Threshold=15\r\nUri=*/.aws*\r\nUri=*/.env*\r\nUri=*/.git*\r\nUri=*/.hg/*\r\nUri=*/.svn*\r\nUri=*/.vscode*"

use-x-forwarded-for-field

The use-x-forwarded-for-field command allows you to set the Use X-Forwarded-For Field flag.

To get detailed help for the use-x-forwarded-for-field command, run the following command:

rdpguard-cli /rdweb use-x-forwarded-for-field

The following output will be displayed:

To set the Use X-Forwarded-For Field flag status, please use the following syntax:

  rdpguard-cli /http use-x-forwarded-for-field set <on|off>

  <on|off> - on to use the X-Forwarded-For header to read client IP address and off otherwise

DO NOT ENABLE THIS OPTION UNLESS YOU ARE HOSTING YOUR WEBSITE BEHIND A PROXY

To get the Use X-Forwarded-For Field flag status, please use the following syntax:

  rdpguard-cli /http use-x-forwarded-for-field get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the Use X-Forwarded-For Field flag, run the following command:

rdpguard-cli /http use-x-forwarded-for-field set on

get

The get command allows you to get the current HTTP protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /http get

The following output will be displayed:

enabled: off
logs   : C:\inetpub\logs\LogFiles\W3SVC1,C:\inetpub\logs\LogFiles\W3SVC2
rules  :

# This is comment, it starts with the # symbol

# Treat each 15 requests with HTTP status 404 as scan attempt
Status=404,Threshold=15

# secrets, environment variables, repository metadata scan
Uri=*/.aws*
Uri=*/.env*
Uri=*/.git*
Uri=*/.hg/*
Uri=*/.svn*
Uri=*/.vscode*

# scan for backups, uncomment if you do not host these archive types
#Uri=/*.bz2
#Uri=/*.tar.gz
#Uri=/*.tgz
#Uri=/*.7z
#Uri=/*.zip, Uri!=/download/*
#Uri=/*.rar

# scan for wordpress files, uncomment if necessary
#Uri=*/wp-content/*
#Uri=*/wp-admin/*
#Uri=*/wp-includes/*
#Uri=*/wp-json/*
#Uri=*/wp-config*
#Uri=*/wp-login.php*

use-x-forwarded-for-field : off

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /http set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /http set <setting=value>,<setting=value>,..

IMAP Object

The imap object allows you to manage IMAP protection settings.

To get detailed help for the imap object, run the following command:

rdpguard-cli /imap

The following output will be displayed:

Available commands:

  enabled
  monitoring-method
  server
  logs
  traffic-monitoring-method
  raw-sockets-addresses
  pcap-adapter
  ports
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /imap <command>

enabled

The enabled command allows you to enable or disable the IMAP protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /imap enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /imap enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /imap enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the IMAP protection engine, run the following command:

rdpguard-cli /imap enabled set on

monitoring-method

The monitoring-method command allows you to set the engine monitoring method.

To get detailed help for the monitoring-method command, run the following command:

rdpguard-cli /imap monitoring-method

The following output will be displayed:

To set the engine monitoring method, please use the following syntax:

  rdpguard-cli /imap monitoring-method set <method>

  <method> - engine monitoring method: logs, traffic

To get the engine monitoring method, please use the following syntax:

  rdpguard-cli /imap monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitoring method to logs (recommended), run the following command:

rdpguard-cli /imap monitoring-method set logs

server

The server command allows you to set the IMAP server type.

The server must be set if you want to use the logs monitoring method.

To get detailed help for the server command, run the following command:

rdpguard-cli /imap server

The following output will be displayed:

To set the IMAP server type, please use the following syntax:

  rdpguard-cli /imap server set <server-type>

  <server-type> - IMAP server type:

    mailenable : MailEnable
    kerio      : Kerio Connect
    hmailserver: hMailServer
    exchange   : MS Exchange
    axigen     : Axigen Mail Server
    mdaemon    : MDaemon Email Server
    smartermail: SmarterMail

To get the IMAP server type, please use the following syntax:

  rdpguard-cli /imap server get

RdpGuard Service restart is required for these changes to take effect

For example, to set the IMAP server type to SmarterMail, run the following command:

rdpguard-cli /imap server set smartermail

logs

The logs command allows you to set the engine monitored logs.

The logs must be set if you want to use the logs monitoring method.

To get detailed help for the logs command, run the following command:

rdpguard-cli /imap logs

The following output will be displayed:

To set the the engine monitored logs, please use the following syntax:

  rdpguard-cli /imap logs set <location>

  <location> - one or more comma-separated log locations

To get the engine monitored logs, please use the following syntax:

  rdpguard-cli /imap logs get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitored logs to C:\Temp\smartermail, run the following command:

rdpguard-cli /imap logs set C:\Temp\smartermail

traffic-monitoring-method

The traffic-monitoring-method command allows you to set the engine traffic monitoring method.

To get detailed help for the traffic-monitoring-method command, run the following command:

rdpguard-cli /imap traffic-monitoring-method

The following output will be displayed:

To set the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli

 /imap traffic-monitoring-method set <method>

  <method> - engine traffic monitoring method: winpcap, rawsockets

To get the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /imap traffic-monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine traffic monitoring method to WinPcap, run the following command:

rdpguard-cli /imap traffic-monitoring-method set winpcap

raw-sockets-addresses

The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.

The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.

To get detailed help for the raw-sockets-addresses command, run the following command:

rdpguard-cli /imap raw-sockets-addresses

The following output will be displayed:

To set the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /imap raw-sockets-addresses set <addresses>

  <addresses> - comma-separated list of addresses (* - all addresses)

To get the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /imap raw-sockets-addresses get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored raw sockets addresses to all addresses, run the following command:

rdpguard-cli /imap raw-sockets-addresses set *

pcap-adapter

The pcap-adapter command allows you to set the WinPcap adapter for monitoring.

Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.

To get detailed help for the pcap-adapter command, run the following command:

rdpguard-cli /imap pcap-adapter

The following output will be displayed:

To set the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /imap pcap-adapter set <adapter-id>

  <adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)

To get the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /imap pcap-adapter get

RdpGuard Service restart is required for these changes to take effect

For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:

rdpguard-cli /imap pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}

ports

The ports command allows you to set the monitored ports.

To get detailed help for the ports command, run the following command:

rdpguard-cli /imap ports

The following output will be displayed:

To set the monitored ports, please use the following syntax:

  rdpguard-cli /imap ports set <ports>

  <ports> - one or multiple ports, comma-separated

To get the monitored ports, please use the following syntax:

  rdpguard-cli /imap ports get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored ports to 143, run the following command:

rdpguard-cli /imap ports set 143

get

The get command allows you to get the current IMAP protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /imap get

The following output will be displayed:

enabled                  : off
monitoring-method        : logs
server                   : SmarterMail
logs                     : C:\Temp\smartermail
traffic-monitoring-method: rawsockets
raw-sockets-addresses    : *
pcap-adapter             : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports                    : 143

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /imap set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /imap set <setting=value>,<setting=value>,..

POP3 Object

The pop3 object allows you to manage POP3 protection settings.

To get detailed help for the pop3 object, run the following command:

rdpguard-cli /pop3

The following output will be displayed:

Available commands:

  enabled
  monitoring-method
  server
  logs
  traffic-monitoring-method
  raw-sockets-addresses
  pcap-adapter
  ports
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /pop3 <command>

enabled

The enabled command allows you to enable or disable the POP3 protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /pop3 enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /pop3 enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /pop3 enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the POP3 protection engine, run the following command:

rdpguard-cli /pop3 enabled set on

monitoring-method

The monitoring-method command allows you to set the engine monitoring method.

To get detailed help for the monitoring-method command, run the following command:

rdpguard-cli /pop3 monitoring-method

The following output will be displayed:

To set the engine monitoring method, please use the following syntax:

  rdpguard-cli /pop3 monitoring-method set <method>

  <method> - engine monitoring method: logs, traffic

To get the engine monitoring method, please use the following syntax:

  rdpguard-cli /pop3 monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitoring method to logs (recommended), run the following command:

rdpguard-cli /pop3 monitoring-method set logs

server

The server command allows you to set the POP3 server type.

The server must be set if you want to use the logs monitoring method.

To get detailed help for the server command, run the following command:

rdpguard-cli /pop3 server

The following output will be displayed:

To set the POP3 server type, please use the following syntax:

  rdpguard-cli /pop3 server set <server-type>

  <server-type> - POP3 server type:

    mailenable : MailEnable
    kerio      : Kerio Connect
    hmailserver: hMailServer
    exchange   : MS Exchange
    axigen     : Axigen Mail Server
    mdaemon    : MDaemon Email Server
    smartermail: SmarterMail
    unknown    : Unknown

To get the POP3 server type, please use the following syntax:

  rdpguard-cli /pop3 server get

RdpGuard Service restart is required for these changes to take effect

For example, to set the POP3 server type to hMailServer, run the following command:

rdpguard-cli /pop3 server set hmailserver

logs

The logs command allows you to set the engine monitored logs.

The logs must be set if you want to use the logs monitoring method.

To get detailed help for the logs command, run the following command:

rdpguard-cli /pop3 logs

The following output will be displayed:

To set the the engine monitored logs, please use the following syntax:

  rdpguard-cli /pop3 logs set <location>

  <location> - one or more comma-separated log locations

To get the engine monitored logs, please use the following syntax:

  rdpguard-cli /pop3 logs get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitored logs to C:\Temp\hmailserver, run the following command:

rdpguard-cli /pop3 logs set C:\Temp\hmailserver

traffic-monitoring-method

The traffic-monitoring-method command allows you to set the engine traffic monitoring method.

To get detailed help for the traffic-monitoring-method command, run the following command:

rdpguard-cli /pop3 traffic-monitoring-method

The following output will be displayed:

To set the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /pop3 traffic-monitoring-method set <method>

  <method> - engine traffic monitoring method: winpcap, rawsockets

To get the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /pop3 traffic-monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine traffic monitoring method to WinPcap, run the following command:

rdpguard-cli /pop3 traffic-monitoring-method set winpcap

raw-sockets-addresses

The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.

The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.

To get detailed help for the raw-sockets-addresses command, run the following command:

rdpguard-cli /pop3 raw-sockets-addresses

The following output will be displayed:

To set the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /pop3 raw-sockets-addresses set <addresses>

  <addresses> - comma-separated list of addresses (* - all addresses)

To get the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /pop3 raw-sockets-addresses get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored raw sockets addresses to all addresses, run the following command:

rdpguard-cli /pop3 raw-sockets-addresses set *

pcap-adapter

The pcap-adapter command allows you to set the WinPcap adapter for monitoring.

Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.

To get detailed help for the pcap-adapter command, run the following command:

rdpguard-cli /pop3 pcap-adapter

The following output will be displayed:

To set the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /pop3 pcap-adapter set <adapter-id>

  <adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)

To get the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /pop3 pcap-adapter get

RdpGuard Service restart is required for these changes to take effect

For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:

rdpguard-cli /pop3 pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}

ports

The ports command allows you to set the monitored ports.

To get detailed help for the ports command, run the following command:

rdpguard-cli /pop3 ports

The following output will be displayed:

To set the monitored ports, please use the following syntax:

  rdpguard-cli /pop3 ports set <ports>

  <ports> - one or multiple ports, comma-separated

To get the monitored ports, please use the following syntax:

  rdpguard-cli /pop3 ports get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored ports to 110, run the following command:

rdpguard-cli /pop3 ports set 110

get

The get command allows you to get the current POP3 protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /pop3 get

The following output will be displayed:

enabled                  : off
monitoring-method        : logs
server                   : hMailServer
logs                     : c:\Temp\hmailserver
traffic-monitoring-method: rawsockets
raw-sockets-addresses    : *
pcap-adapter             :
ports                    : 110

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /pop3 set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /pop3 set <setting=value>,<setting=value>,..

SMTP Object

The smtp object allows you to manage SMTP protection settings.

To get detailed help for the smtp object, run the following command:

rdpguard-cli /smtp

The following output will be displayed:

Available commands:

  enabled
  monitoring-method
  server
  logs
  traffic-monitoring-method
  raw-sockets-addresses
  pcap-adapter
  ports
  get
  set
  advanced-settings

To get detailed help for an each command please use:

  rdpguard-cli /smtp <command>

enabled

The enabled command allows you to enable or disable the SMTP protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /smtp enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /smtp enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /smtp enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the SMTP protection engine, run the following command:

rdpguard-cli /smtp enabled set on

monitoring-method

The monitoring-method command allows you to set the engine monitoring method.

To get detailed help for the monitoring-method command, run the following command:

rdpguard-cli /smtp monitoring-method

The following output will be displayed:

To set the engine monitoring method, please use the following syntax:

  rdpguard-cli /smtp monitoring-method set <method>

  <method> - engine monitoring method: logs, traffic

To get the engine monitoring method, please use the following syntax:

  rdpguard-cli /smtp monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitoring method to logs (recommended), run the following command:

rdpguard-cli /smtp monitoring-method set logs

server

The server command allows you to set the SMTP server type.

The server must be set if you want to use the logs monitoring method.

To get detailed help for the server command, run the following command:

rdpguard-cli /smtp server

The following output will be displayed:

To set the SMTP server type, please use the following syntax:

  rdpguard-cli /smtp server set <server-type>

  <server-type> - SMTP server type:

    mailenable : MailEnable
    kerio      : Kerio Connect
    hmailserver: hMailServer
    exchange   : MS Exchange
    domino     : IBM Domino
    axigen     : Axigen Mail Server
    mdaemon    : MDaemon Email Server
    smartermail: SmarterMail

To get the SMTP server type, please use the following syntax:

  rdpguard-cli /smtp server get

RdpGuard Service restart is required for these changes to take effect

For example, to set the SMTP server type to hMailServer, run the following command:

rdpguard-cli /smtp server set hmailserver

logs

The logs command allows you to set the engine monitored logs.

The logs must be set if you want to use the logs monitoring method.

To get detailed help for the logs command, run the following command:

rdpguard-cli /smtp logs

The following output will be displayed:

To set the the engine monitored logs, please use the following syntax:

  rdpguard-cli /smtp logs set <location>

  <location> - one or more comma-separated log locations

To get the engine monitored logs, please use the following syntax:

  rdpguard-cli /smtp logs get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine monitored logs to C:\Temp\hmailserver, run the following command:

rdpguard-cli /smtp logs set C:\Temp\hmailserver

traffic-monitoring-method

The traffic-monitoring-method command allows you to set the engine traffic monitoring method.

To get detailed help for the traffic-monitoring-method command, run the following command:

rdpguard-cli /smtp traffic-monitoring-method

The following output will be displayed:

To set the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /smtp traffic-monitoring-method set <method>

  <method> - engine traffic monitoring method: winpcap, rawsockets

To get the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /smtp traffic-monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine traffic monitoring method to WinPcap, run the following command:

rdpguard-cli /smtp traffic-monitoring-method set winpcap

raw-sockets-addresses

The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.

The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.

To get detailed help for the raw-sockets-addresses command, run the following command:

rdpguard-cli /smtp raw-sockets-addresses

The following output will be displayed:

To set the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /smtp raw-sockets-addresses set <addresses>

  <addresses> - comma-separated list of addresses (* - all addresses)

To get the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /smtp raw-sockets-addresses get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored raw sockets addresses to all addresses, run the following command:

rdpguard-cli /smtp raw-sockets-addresses set *

pcap-adapter

The pcap-adapter command allows you to set the WinPcap adapter for monitoring.

Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.

To get detailed help for the pcap-adapter command, run the following command:

rdpguard-cli /smtp pcap-adapter

The following output will be displayed:

To set the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /smtp pcap-adapter set <adapter-id>

  <adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)

To get the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /smtp pcap-adapter get

RdpGuard Service restart is required for these changes to take effect

For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:

rdpguard-cli /smtp pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}

ports

The ports command allows you to set the monitored ports.

To get detailed help for the ports command, run the following command:

rdpguard-cli /smtp ports

The following output will be displayed:

To set the monitored ports, please use the following syntax:

  rdpguard-cli /smtp ports set <ports>

  <ports> - one or multiple ports, comma-separated

To get the monitored ports, please use the following syntax:

  rdpguard-cli /smtp ports get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored ports to 25, run the following command:

rdpguard-cli /smtp ports set 25

get

The get command allows you to get the current SMTP protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /smtp get

The following output will be displayed:

enabled                  : on
monitoring-method        : logs
server                   : hMailServer
logs                     : C:\Temp\hmailserver
traffic-monitoring-method: rawsockets
raw-sockets-addresses    : *
pcap-adapter             :
ports                    : 25
advanced-settings        : failed-web-admin,failed-web-mail,username-enum,relay-attempts,spam-attacks,dns-blacklisted,no-reverse-dns

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /smtp set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /smtp set <setting=value>,<setting=value>,..

advanced-settings

The advanced-settings command allows you to set advanced SMTP protection settings.

To get detailed help for the advanced-settings command, run the following command:

rdpguard-cli /smtp advanced-settings

The following output will be displayed:

To set advanced SMTP protection settings, please use the following syntax:

  rdpguard-cli /smtp advanced-settings set <settings>

  <settings> - comma-separated list of advanced settings:

    failed-web-admin    : Failed web admin logins
    failed-web-mail     : Failed web mail logins
    username-enum       : Username enumeration attempts
    relay-attempts      : Relay attempts
    spam-attacks        : Spam attacks
    dns-blacklisted     : DNS blacklisted IPs
    no-reverse-dns      : No reverse DNS entries

To get the advanced SMTP protection settings, please use the following syntax:

  rdpguard-cli /smtp advanced-settings get

RdpGuard Service restart is required for these changes to take effect

For example, to set the advanced settings to monitor failed web admin logins and spam attacks, run the following command:

rdpguard-cli /smtp advanced-settings set failed-web-admin,spam-attacks

MySQL Object

The mysql object allows you to manage MySQL protection settings.

To get detailed help for the mysql object, run the following command:

rdpguard-cli /mysql

The following output will be displayed:

Available commands:

  enabled
  log-type
  config-location
  general-log-location
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /mysql <command>

enabled

The enabled command allows you to enable or disable the MySQL protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /mysql enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /mysql enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /mysql enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the MySQL protection engine, run the following command:

rdpguard-cli /mysql enabled set on

log-type

The log-type command allows you to set the MySQL log type.

To get detailed help for the log-type command, run the following command:

rdpguard-cli /mysql log-type

The following output will be displayed:

To set the MySQL log type, please use the following syntax:

  rdpguard-cli /mysql log-type set <log-type>

  <log-type> - application, general

To get the MySQL log type, please use the following syntax:

  rdpguard-cli /mysql log-type get

RdpGuard Service restart is required for these changes to take effect

For example, to set the MySQL log type to application, run the following command:

rdpguard-cli /mysql log-type set application

config-location

The config-location command allows you to set the MySQL config location.

To get detailed help for the config-location command, run the following command:

rdpguard-cli /mysql config-location

The following output will be displayed:

To set the MySQL config location, please use the following syntax:

  rdpguard-cli /mysql config-location set <location>

  <location> - the location of MySQL configuration file

    specify "auto" to automatically detect the location

To get the MySQL config location, please use the following syntax:

  rdpguard-cli /mysql config-location get

RdpGuard Service restart is required for these changes to take effect

For example, to set the MySQL config location to C:\MySql, run the following command:

rdpguard-cli /mysql config-location set C:\MySql

general-log-location

The general-log-location command allows you to set the MySQL general log file location.

To get detailed help for the general-log-location command, run the following command:

rdpguard-cli /mysql general-log-location

The following output will be displayed:

To set the MySQL general log file location, please use the following syntax:

  rdpguard-cli /mysql general-log-location set <location>

  <location> - the location of MySQL general log file

    specify "auto" to automatically detect the location

To get the MySQL general log file location, please use the following syntax:

  rdpguard-cli /mysql general-log-location get

RdpGuard Service restart is required for these changes to take effect

For example, to set the MySQL general log file location to auto, run the following command:

rdpguard-cli /mysql general-log-location set auto

get

The get command allows you to get the current MySQL protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /mysql get

The following output will be displayed:

enabled             : off
log-type            : Application
config-location     : C:\Temp
general-log-location: auto

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /mysql set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /mysql set <setting=value>,<setting=value>,..

MSSQL Object

The mssql object allows you to manage MSSQL protection settings.

To get detailed help for the mssql object, run the following command:

rdpguard-cli /mssql

The following output will be displayed:

Available commands:

  enabled
  events
  18456-exclusions
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /mssql <command>

enabled

The enabled command allows you to enable or disable the MSSQL protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /mssql enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /mssql enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /mssql enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the MSSQL protection engine, run the following command:

rdpguard-cli /mssql enabled set on

events

The events command allows you to set the events to monitor.

To get detailed help for the events command, run the following command:

rdpguard-cli /mssql events

The following output will be displayed:

To set the events to monitor, please use the following syntax:

  rdpguard-cli /mssql events set <ids>

  <ids> - comma-separated list of event IDs to monitor

    supported IDs are: 18456, 17832, 17836

To get the events to monitor, please use the following syntax:

  rdpguard-cli /mssql events get

RdpGuard Service restart is required for these changes to take effect

For example, to set the events to monitor to 18456, 17832, and 17836, run the following command:

rdpguard-cli /mssql events set 18456,17832,17836

18456-exclusions

The 18456-exclusions command allows you to set the exclusions for event ID 18456.

To get detailed help for the 18456-exclusions command, run the following command:

rdpguard-cli /mssql 18456-exclusions

The following output will be displayed:

To set the exclusions for event ID 18456, please use the following syntax:

  rdpguard-cli /mssql 18456-exclusions set <exclusions>

  <exclusions> - comma-separated list of exclusions for event ID 18456
    event is skipped if the Reason field contains any of the exclusion patterns

To get the exclusions for event ID 18456, please use the following syntax:

  rdpguard-cli /mssql 18456-exclusions get

RdpGuard Service restart is required for these changes to take effect

For example, to set the exclusions for event ID 18456, run the following command:

rdpguard-cli /mssql 18456-exclusions set exclusion1,exclusion2

get

The get command allows you to get the current MSSQL protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /mssql get

The following output will be displayed:

enabled         : off
events          : 18456,17832,17836
18456-exclusions:

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /mssql set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /mssql set <setting=value>,<setting=value>,..

SIP Object

The sip object allows you to manage SIP protection settings.

To get detailed help for the sip object, run the following command:

rdpguard-cli /sip

The following output will be displayed:

Available commands:

  enabled
  traffic-monitoring-method
  raw-sockets-addresses
  pcap-adapter
  ports
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /sip <command>

enabled

The enabled command allows you to enable or disable the SIP protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /sip enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /sip enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /sip enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the SIP protection engine, run the following command:

rdpguard-cli /sip enabled set on

traffic-monitoring-method

The traffic-monitoring-method command allows you to set the engine traffic monitoring method.

To get detailed help for the traffic-monitoring-method command, run the following command:

rdpguard-cli /sip traffic-monitoring-method

The following output will be displayed:

To set the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /sip traffic-monitoring-method set <method>

  <method> - engine traffic monitoring method: winpcap, rawsockets

To get the engine traffic monitoring method, please use the following syntax:

  rdpguard-cli /sip traffic-monitoring-method get

RdpGuard Service restart is required for these changes to take effect

For example, to set the engine traffic monitoring method to WinPcap, run the following command:

rdpguard-cli /sip traffic-monitoring-method set winpcap

raw-sockets-addresses

The raw-sockets-addresses command allows you to set the monitored raw sockets addresses.

The raw sockets addresses must be set if you want to use the raw sockets traffic monitoring method.

To get detailed help for the raw-sockets-addresses command, run the following command:

rdpguard-cli /sip raw-sockets-addresses

The following output will be displayed:

To set the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /sip raw-sockets-addresses set <addresses>

  <addresses> - comma-separated list of addresses (* - all addresses)

To get the monitored raw sockets addresses, please use the following syntax:

  rdpguard-cli /sip raw-sockets-addresses get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored raw sockets addresses to all addresses, run the following command:

rdpguard-cli /sip raw-sockets-addresses set *

pcap-adapter

The pcap-adapter command allows you to set the WinPcap adapter for monitoring.

Pcap adapter must be set if you want to use the WinPcap traffic monitoring method.

To get detailed help for the pcap-adapter command, run the following command:

rdpguard-cli /sip pcap-adapter

The following output will be displayed:

To set the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /sip pcap-adapter set <adapter-id>

  <adapter-id> - WinPcap adapter id (use the /pcap adapters to get one)

To get the WinPcap adapter for monitoring, please use the following syntax:

  rdpguard-cli /sip pcap-adapter get

RdpGuard Service restart is required for these changes to take effect

For example, to set the WinPcap adapter for monitoring to rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}, run the following command:

rdpguard-cli /sip pcap-adapter set rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}

ports

The ports command allows you to set the monitored ports.

To get detailed help for the ports command, run the following command:

rdpguard-cli /sip ports

The following output will be displayed:

To set the monitored ports, please use the following syntax:

  rdpguard-cli /sip ports set <ports>

  <ports> - one or multiple ports, comma-separated

To get the monitored ports, please use the following syntax:

  rdpguard-cli /sip ports get

RdpGuard Service restart is required for these changes to take effect

For example, to set the monitored ports to 5060, run the following command:

rdpguard-cli /sip ports set 5060

get

The get command allows you to get the current SIP protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /sip get

The following output will be displayed:

enabled                  : off
traffic-monitoring-method: winpcap
raw-sockets-addresses    : *
pcap-adapter             : rpcap://\Device\NPF_{b8e2dabc-0428-451d-8039-332efad28f0c}
ports                    : 5060

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /sip set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /sip set <setting=value>,<setting=value>,..

WebForms Object

The webforms object allows you to manage ASP.NET web forms protection settings.

To get detailed help for the webforms object, run the following command:

rdpguard-cli /webforms

The following output will be displayed:

Available commands:

  enabled
  rules
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /webforms <command>

enabled

The enabled command allows you to enable or disable the ASP.NET web forms protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /webforms enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /webforms enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /webforms enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the WebForms protection engine, run the following command:

rdpguard-cli /webforms enabled set on

rules

The rules command allows you to set the detection rules.

To get detailed help for the rules command, run the following command:

rdpguard-cli /webforms rules

The following output will be displayed:

To set the detection rules, please use the following syntax:

  rdpguard-cli /webforms rules set <rules>

  <rules> - webforms detection rules

To get the detection rules, please use the following syntax:

  rdpguard-cli /webforms rules get

RdpGuard Service restart is required for these changes to take effect

For example, to set the detection rules, run the following command:

rdpguard-cli /webforms rules set EventData1=3003,EventData18=HttpRequestValidationException\r\nEventData1=3005,EventData18=HttpException,EventData19=*ValidateInputIfRequiredByConfig*

Please note, new line characters \r\n are used to separate the rules.

get

The get command allows you to get the current WebForms protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /webforms get

The following output will be displayed:

enabled: off
rules  :

EventData1=3003,EventData18=HttpRequestValidationException
EventData1=3005,EventData18=HttpException,EventData19=*ValidateInputIfRequiredByConfig*

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /webforms set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /webforms set <setting=value>,<setting=value>,..

RDWeb Object

The rdweb object allows you to manage RDWeb protection settings.

To get detailed help for the rdweb object, run the following command:

rdpguard-cli /rdweb

The following output will be displayed:

Available commands:

  enabled
  log-location
  use-x-forwarded-for-field
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /rdweb <command>

enabled

The enabled command allows you to enable or disable the RDWeb protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /rdweb enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /rdweb enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /rdweb enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the RDWeb protection engine, run the following command:

rdpguard-cli /rdweb enabled set on

log-location

The log-location command allows you to set the IIS log files location for RDWeb.

To get detailed help for the log-location command, run the following command:

rdpguard-cli /rdweb log-location

The following output will be displayed:

To set the IIS log files location, please use the following syntax:

  rdpguard-cli /rdweb log-location set <location>

  <location> - the location of RD Web Access website log files

  use 'auto' to automatically discover the log files location

To get the IIS log files location, please use the following syntax:

  rdpguard-cli /rdweb log-location get

RdpGuard Service restart is required for these changes to take effect

For example, to set the log files location to 'auto', run the following command:

rdpguard-cli /rdweb log-location set auto

use-x-forwarded-for-field

The use-x-forwarded-for-field command allows you to set the Use X-Forwarded-For Field flag.

To get detailed help for the use-x-forwarded-for-field command, run the following command:

rdpguard-cli /rdweb use-x-forwarded-for-field

The following output will be displayed:

To set the Use X-Forwarded-For Field flag, please use the following syntax:

  rdpguard-cli /rdweb use-x-forwarded-for-field set <on|off>

  <on|off> - on to use the X-Forwarded-For Field to read client IP address and off otherwise

DO NOT ENABLE THIS OPTION UNLESS YOU ARE HOSTING YOUR RD-WEB ACCESS WEBSITE BEHIND A PROXY

To get the Use X-Forwarded-For Field flag status, please use the following syntax:

  rdpguard-cli /rdweb use-x-forwarded-for-field get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the Use X-Forwarded-For Field feature, please run the following command:

rdpguard-cli /rdweb use-x-forwarded-for-field set on

get

The get command allows you to get the current RDWeb protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /rdweb get

The following output will be displayed:

enabled                   : on
log-location              : auto
use-x-forwarded-for-field : off

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /rdweb set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /rdweb set <setting=value>,<setting=value>,..

MSVPN Object

The msvpn object allows you to manage MSVPN protection settings.

To get detailed help for the msvpn object, run the following command:

rdpguard-cli /msvpn

The following output will be displayed:

Available commands:

  enabled
  get
  set

To get detailed help for an each command please use:

  rdpguard-cli /msvpn <command>

enabled

The enabled command allows you to enable or disable the MSVPN protection engine.

To get detailed help for the enabled command, run the following command:

rdpguard-cli /msvpn enabled

The following output will be displayed:

To set the engine Enabled status, please use the following syntax:

  rdpguard-cli /msvpn enabled set <on|off>

  <on|off> - on to enable engine and off otherwise

To get the engine Enabled status, please use the following syntax:

  rdpguard-cli /msvpn enabled get

RdpGuard Service restart is required for these changes to take effect

For example, to enable the MSVPN protection engine, run the following command:

rdpguard-cli /msvpn enabled set on

get

The get command allows you to get the current MSVPN protection settings.

To get detailed help for the get command, run the following command:

rdpguard-cli /msvpn get

The following output will be displayed:

enabled: off

set

The set command allows you to set engine settings in bulk.

To get detailed help for the set command, run the following command:

rdpguard-cli /msvpn set

The following output will be displayed:

To set engine settings in bulk, please use the following syntax:

  rdpguard-cli /msvpn set <setting=value>,<setting=value>,..
RdpGuard 9.7.9 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
Our customers say

"This sotware is really great. It's a relief. Because my server is constantly under attack. Thanks RdpGuard" - Joaquim De Sousa Marques

"Nice product. I used to implement something similiar in a low-tech and cumbersome manner via a script called TSBlock (not mine). This makes it much easier and is well worth the pricetag for SMB's." - J. Johnson

"Absolutely amazed at your product. We are a church in the North Dallas area, and I discovered this morning multiple failed logon attempts via our Remote Access Server. A friend suggested your product, so I immediately downloaded the trial. It had a list of about five blocked IP addresses in minutes, and that was enough to lead me to push the BUY button. Over the past 10-15 minutes the list is now about thirty with at least a third being international attempts to break into our system. Thanks for a great product. You may have just saved us much grief." - John Hallford

"Love the software. RDP on our Windows servers is just ridiculous. We would block it in the router but we have lots of old-time customers that would have issues." - Scott Hirsch

"Love the software! Makes it easier than tailoring VB Scripts!!" - Nick Brennan

"It's a great product - really stopping those RDP attackers :-)" - Dave, UK

"First of all: Your application is very (!!!) useful and I like it very much securing my 2012 R2 server. RdpGuard is the best solution, I found on the market and after 10 minutes of testing it I ordered the fully-featured version. :-)" - Carsten Baltes

Our Other Products
Copyright © 2012-2024 NetSDK Software. All rights reserved.  Terms of Use.  Privacy Policy.