Help Center> Host Security Service (New)> FAQs> Unsafe Settings> How Do I Handle Unsafe Configurations?
Updated on 2023-01-20 GMT+08:00

How Do I Handle Unsafe Configurations?

The HSS service automatically performs a configuration detection for servers. You can repair risky configuration items or ignore the configuration items you trust based on the detection result.

  • Modifying unsafe configuration items

    View details about a detection rule, verify the detection result based on the audit description, and handle the exception based on the modification recommendation.

    You are advised to repair the configurations with a high threat level immediately. The configurations with a medium or low threat level can be fixed later based on service requirements.

  • Ignoring trusted configuration items
    1. Click the name of an ECS to view its details. Choose Baseline Checks > Unsafe Configurations.
    2. Locate the target risk item, click in front of its name to expand the check items and click Ignore in the Operation column. You can also select multiple detection rules and click Ignore in the upper part of the page to ignore them in batches.
      Figure 1 Ignoring a risky configuration

      To unignore an ignored detection rule, click Unignore in the Operation column. You can also select multiple ignored detection rules and click Unignore in the upper part of the page to unignore them in batches.

      Figure 2 Unignoring malicious programs
  • Verification

    After modifying configuration items, you are advised to choose Prediction > Vulnerabilities and click Scan to perform manual scan immediately to verify the result.

Unsafe Settings FAQs

more