Help Center/
Host Security Service (New)/
FAQs/
Brute-force Attack Defense/
What Do I Do If a Huawei Cloud IP Address Trigger a Brute-force Attack Alarm?
Updated on 2024-06-28 GMT+08:00
What Do I Do If a Huawei Cloud IP Address Trigger a Brute-force Attack Alarm?
An alarm indicates that an attack was detected. It does not mean your cloud servers have been intruded.
If you receive an alarm, handle it and take countermeasures in a timely manner.
Possible Cause
Some Huawei Cloud servers users use simple passwords or common ports, or do not use any security protection products. These users' accounts can be easily cracked. Attackers can exploit the accounts and attack other users. In this way, alarms are reported from the IP addresses of the exploited accounts.
Solution
- Restrict access from the IP addresses that triggered alarms. For details, see Adding a Security Group Rule.
- When brute-force attacks are detected, they are blocked immediately and alarms are reported. Handle the alarm within seven days, or the EIPs that triggered alarms will be blocked until their alarms are handled.
- You can enhance security by setting strong passwords and changing ports. For details, see How Do I Defend Against Brute-force Attacks?
- You can purchase HSS to protect your servers. For more information, see Purchase HSS Quota. For details about HSS editions, see Editions.
Parent topic: Brute-force Attack Defense
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
