Help Center/ Host Security Service/ User Guide (Kuala Lumpur Region)/ and Accessing HSS/ Enabling Protection
Updated on 2025-10-10 GMT+08:00
View PDF
Share

Enabling Protection

Enabling the Enterprise/Premium Edition

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the upper left corner of the page, click and choose Security > Host Security Service.
  4. In the navigation pane on the left, choose Asset Management > Servers & Quota.
  5. Click OK. If the Protection Status of the target server is Enabled, the enterprise or premium edition has been enabled.

    • A quota can be bound to a server to protect it, on condition that the agent on the server is online.
    • After HSS is enabled, it will scan your servers for security issues. Check items vary according to the edition you enabled.

  6. (Optional) Configure alarm notification, protection policies, server login protection, and malicious program isolation and removal.

    • Configuring alarm notifications

      After HSS is enabled, alarms are displayed on the console by default. To learn the security risks of servers, containers, or web pages in a timely manner, you can enable alarm notification, and HSS will notify you of risks by SMS or email. For details, see Alarm Configuration.

    • Configuring protection policies

      Each HSS edition provides a group of protection policies preset with default settings. You can enable or disable policies and adjust protection rules as needed. For details, see Policy Management.

    • Configuring login protection

      To enhance server login security, perform the operations in Enabling 2FA, Configuring Common Login Locations, Configuring Common Login IP Addresses, and Configuring an SSH Login IP Address Whitelist.

    • Enabling malicious program isolation and removal

      If this function is enabled, HSS will automatically isolate identified malicious programs, such as backdoors, Trojans, and worms, to help you handle security risks. For details, see Isolating and Killing Malicious Programs.

Enabling Web Tamper Protection

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the upper left corner of the page, click and choose Security > Host Security Service.
  4. In the navigation pane, choose Server Protection > Web Tamper Protection. On the Web Tamper Protection page, click Add Server.
  5. On the Add Server page, click the Available Servers tab. Select the target server, and click Add and Enable Protection.
  6. You can check the server protection status on the Web Tamper Protection page.

    • Choose Server Protection > Web Tamper Protection. If the Protection Status of the server is Protected, WTP has been enabled.
    • After WTP is enabled for a website, if you need to update the website, add a privileged process or temporarily disable WTP. Enable WTP after the update is complete. Otherwise, the website will fail to be updated. Your website is not protected while WTP is disabled. Enable it immediately after updating your website.

Enabling Container Protection

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the upper left corner of the page, click and choose Security > Host Security Service.
  4. In the navigation pane, choose Asset Management > Containers & Quota.
  5. In the row of a server, click Enable Protection in the Operation column. The confirmation dialog box is displayed.

  6. Confirm the node information and select a billing mode.

  7. Read the Host Security Service Disclaimer and select I have read and agree to the Container Guard Service Disclaimer.
  8. Click OK. If the Protection Status of the node changes to Protected, protection has been enabled.
  9. (Optional) Configure alarm notification, protection policies, server login protection, and malicious program isolation and removal.

    • Configuring alarm notifications

      After HSS is enabled, alarms are displayed on the console by default. To learn the security risks of servers, containers, or web pages in a timely manner, you can enable alarm notification, and HSS will notify you of risks by SMS or email. For details, see Alarm Configuration.

    • Configuring protection policies

      Each HSS edition provides a group of protection policies preset with default settings. You can enable or disable policies and adjust protection rules as needed. For details, see Policy Management.

    • Configuring login protection

      To enhance server login security, perform the operations in Enabling 2FA, Configuring Common Login Locations, Configuring Common Login IP Addresses, and Configuring an SSH Login IP Address Whitelist.

    • Enabling malicious program isolation and removal

      If this function is enabled, HSS will automatically isolate identified malicious programs, such as backdoors, Trojans, and worms, to help you handle security risks. For details, see Isolating and Killing Malicious Programs.

Viewing Scan Details

After server protection is enabled, HSS will immediately perform a comprehensive scan on the server. It may take a long time. After the scan is complete, you can check its details.

  1. Choose Asset Management > Servers & Quota. Locate the server on the Servers tab page.
  2. Check the Risk Level column of the server.

    Table 1 Risk status

    Status

    Description

    Pending risk detection

    The server is neither protected nor scanned.

    Safe

    No risks were found in the comprehensive scan on the server; or the protection has just been enabled, and no risks have been found yet.

    Risky

    The server has security risks.

  3. Hover the cursor over the risk status to view the risk distribution.

    You can click a value to go to the details page.

Advanced Protection

HSS provides a series of advanced defense functions. You can enable or use them as required to enhance the security of your servers and containers. For details, see Table 2.

Table 2 Advanced protection

Function

Description

Version Restriction

Application Protection

To protect your applications with RASP, you simply need to add probes to them, without having to modify application files.

Premium, WTP, and container editions

Ransomware Prevention

The function can detect and defend against ransomware. It can automatically back up data either at a scheduled time, or immediately if ransomware is detected. This can help you defend against ransomware and reduce loss.

Ransomware prevention is automatically enabled with the container edition. HSS will deploy honeypot files on servers and automatically isolate suspicious encryption processes. You can modify the ransomware protection policy.

Premium, WTP, and container editions

Application Process Control

Application process control helps to enhance the security of applications and processes running on servers. It can automatically identify and analyze application processes, and classify them into trusted, suspicious, and malicious processes. It allows trusted processes to run, and generates alarms for suspicious and malicious processes. This helps to build a secure environment for application processes, and protects servers from untrusted or malicious application processes.

Premium, WTP, and container editions

Virus Scanning and Removal

This function combines cloud-based and local antivirus mechanisms to scan executable files, compressed files, scripts, documents, images, and audiovisual files for viruses. You can perform quick scan, full-disk scan, and custom scans on servers as needed to detect and remove virus files in a timely manner, enhancing the virus defense of the system.

Professional, enterprise, premium, WTP, and container editions

Dynamic Port Honeypot

The dynamic port honeypot function is a proactive defense measure. It uses a real port as a honeypot port to induce attackers to access the network. In the horizontal penetration scenario, the function can effectively detect attackers' scanning, identify compromised servers, and protect real user resources.

Premium, WTP, and container editions

Container Firewall

The container firewall can isolate pods, workloads, and nodes in a network to prevent lateral movement and minimize permissions, and enhancing security and stability.

Container edition

Container Cluster Protection

HSS can check for non-compliance baseline issues, vulnerabilities, and malicious files when a container image is started and report alarms on or block container startup that has not been unauthorized or may incur high risks.

Container edition