Help Center>
Host Security Service (Old)>
FAQs>
Alarm and Event Management>
Intrusions>
What Should I Do If I Find My Servers Attacking Others?
Updated on 2022-08-11 GMT+08:00
What Should I Do If I Find My Servers Attacking Others?
If your servers are launching attacks, they may be infected with Trojans. You are advised to reinstall the OS and set strong passwords to harden the servers and applications such as phpStudy and Redis. Countermeasures include:
- Set strong passwords for all accounts. Do not use default passwords or other passwords that are easy to guess.
- Configure security group policies. Set fixed access IP addresses for non-public service ports to avoid its exposure to the Internet.
- Update the system and applications, installing the latest patches in a timely manner.
- Regularly back up data.
- Delete or rename the phpmyadmin folder.
Parent topic: Intrusions
Intrusions FAQs
- What Do I Do If My Servers Are Subjected to a Mining Attack?
- Why a Process Is Still Isolated After It Was Whitelisted?
- What Should I Do If a Mining Process Is Detected on a Server?
- What Should I Do If I Find My Servers Attacking Others?
- Why Some Attacks on Servers Are Not Detected?
- Can I Unblock an IP Address Blocked by HSS, and How?
- Why a Blocked IP Address Is Automatically Unblocked?
- What Do I Do If an IP Address Is Blocked by HSS?
- How Do I Defend Against Ransomware Attacks?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore