- Service Overview
- Getting Started
-
User Guide
- Granting Permissions to Use FlexusL Instances Through IAM
- Purchasing a FlexusL Instance
- Remotely Logging In to a FlexusL Instance
- Managing FlexusL Instances
- Managing Images
- Managing EVS Disks
- Managing Server Security
- Managing Backups
- Managing Domain Names
- Monitoring
-
Best Practices
- Best Practices for FlexusL
-
Setting Up a Website
- Managing Servers Using the BT Panel
- Building a WordPress Website
- Using Matomo to Build a Website Traffic Statistics System
- Using Odoo to Build an ERP System
- Using Moodle to Build an Online Learning System
- Using Joomla to Build a Content Management System
- Using Ghost to Build a Personal Blog
- Using EspoCRM to Build a Content Management System
- Setting Up the Development Environment
- Setting Up an Application
- Server Migration
- API Reference
-
FAQs
-
Product Consulting
- What Are the Differences Among FlexusL, FlexusX, and ECS?
- How Do I Find My Purchased FlexusL Instances on the Management Console?
- Where Can I View the FlexusL Instance ID and Cloud Server ID Packaged in the FlexusL Instance?
- Can I Migrate Cloud Servers to FlexusL?
- What Should I Do If I Do Not Have Permissions to Purchase FlexusL?
- What Regions Does FlexusL Support?
- What Is the Relationship Among FlexusL Instances, the Dashboard, and the O&M Page?
- Billing
- Creation and Unsubscription
- Specification Changes
-
OS and Image
- Do FlexusL OS Images Provide Visualized Dashboards?
- What Should I Do If a Private Image Cannot Be Used to Create a FlexusL Instance or Change the OS of a FlexusL Instance Because the Password Reset Plug-in Is Not Installed on the Image or the Image's onekey_resetpasswd Tag Is Missing?
- How Do I Check that an Application Image Has Been Up and Running?
- How Do I View the Applications That Are Installed in the FlexusL Application Images by Default?
- Why Can't I Open the Dashboard of the Application Pre-installed in the Application Image?
- How Do I Upgrade the BT Panel?
- Why Can't I Access the Dashboard of the Application Pre-installed in the Application Image After Entering the Initial Username and Password?
- What Do I Do If HSS Is Not Started After I Use a Private Image to Create a FlexusL Instance or Change the OS of an Instance?
- Remote Login
-
Password
- What Are the Username and Password for Remotely Logging In to a FlexusL Instance Server?
- What Can I Do If I Forget the Login Password of a FlexusL Instance?
- What Should I Do If the Password Cannot Be Reset After I Use a Private Linux Image to Create a FlexusL Instance or Change the OS of an Existing FlexusL Instance and I Forgot the Initial Password of the Private Image?
- What Should I Do If the Password Cannot Be Reset After I Use a Private Linux Image to Create a FlexusL Instance or Change the OS of an Existing FlexusL Instance and I Know the Initial Password of the Private Image?
-
Network
- Does a FlexusL Instance Have an EIP?
- Can I Change the Public and Private IP Addresses of a FlexusL Instance?
- How Do I Use Data Packages in FlexusL Instances?
- How Do I View the Traffic Usage of My FlexusL Instance?
- Can I Add a Data Package to a FlexusL Instance?
- What Do I Do If My FlexusL Instance Freezes?
- How Does FlexusL Instances Communicate with Each Other and with Other Cloud Resources Over a Private Network?
-
EVS Disks
- How Do I Detach or Unsubscribe from a System or Data Disk of a FlexusL Instance?
- Can I Use EVS Disk Snapshots to Back Up FlexusL Instance Data?
- Can EVS Disks of FlexusL Instances Be Expanded?
- Can I Change the EVS Disk Type for a FlexusL Instance?
- Can I Attach Existing Data Disks to My FlexusL Instances?
-
Product Consulting
- General Reference
Copied.
Overview
If FlexusL instances are not protected, they may be attacked by viruses, resulting in data leakage or data loss. This section describes common measures to improve FlexusL instance security.
Security Protection
FlexusL instances can be protected externally and internally.
|
Type |
Description |
Protection Method |
|---|---|---|
|
External security |
DDoS attacks and Trojan horses or other viruses are common external security issues. To address these issues, you can enable Host Security Service (HSS) to protect your FlexusL instances. |
|
|
Internal security |
Weak passwords and incorrect ports opening may cause internal security issues. Improving the internal security is the key to improving the instance security. If the internal security is not improved, external security solutions cannot effectively intercept and block various external attacks. |
Enabling HSS
HSS is designed to improve the overall security for cloud servers. It helps you identify and manage the assets on your servers, eliminate risks, and defend against intrusions and web page tampering. There are also advanced protection and security operations functions available to help you easily detect and handle threats.
- You can enable HSS (basic edition) when purchasing a FlexusL instance. After the purchase, your instance is automatically protected.
- You can also enable HSS on the HSS console after the FlexusL instance is purchased.
For details about how to enable HSS, see Configuring HSS for a FlexusL Instance.
Backing Up Data Periodically
CBR enables you to back up FlexusL instances and disks with ease. In case of a virus attack, accidental deletion, or software or hardware fault, you can restore data to any point when the data was backed up. CBR protects your services by ensuring the security and consistency of your data.
- You can enable CBR when purchasing a FlexusL instance. After the purchase, CBR automatically backs up the FlexusL instance based on the default backup policy.
- You can also enable CBR on the CBR console after the FlexusL instance is purchased.
For details, see Backing Up a FlexusL Instance.
Enhancing the Login Password Strength
To ensure the security of your FlexusL instance, you can set a strong login password by following these guidelines:
- Set a password which consists of at least 10 characters.
- Do not use easily guessed passwords (for example, passwords in common rainbow tables or passwords with adjacent keyboard characters). The password must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.
- Do not use your username or any part of it, such as administrator, test, root, oracle, and mysql.
- Change the password at least every 90 days.
- Do not reuse the latest five passwords.
- Set different passwords for different applications. Do not use the same password for multiple applications.
Improving the Port Security
A security group is a collection of access control rules for cloud servers in a VPC. You can define access rules for a security group to protect the cloud servers in this group.
You can configure security group rules to control access to or from specific ports. You are advised to disable high-risk ports and only enable necessary ports.
Table 2 lists some high-risk ports. Do not use these ports for your services.
Periodically Upgrading the OS
After a FlexusL instance is created, you need to maintain and periodically upgrade the OS. Officially released vulnerabilities will be published in Security Notices.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
