Updated on 2024-11-15 GMT+08:00

Viewing Server Protection Status

You are advised to periodically check the server protection status and handle security risks in a timely manner to prevent asset loss.

The server list on the Servers & Quota page displays the protection status of only the following servers:
  • Huawei Cloud servers purchased in the selected region
  • Non-Huawei Cloud servers that have been added to the selected region

Viewing Server Protection Status

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. In the navigation pane, choose Asset Management > Servers & Quota. On the Servers tab, view the protection status of the server. For more information, see Table 1.

    You can also view the server name, ID, IP address, OS, status, and enterprise project on the Servers page. To select the items to be displayed in the server protection list, click in the upper right corner of the list.

    If your servers are managed by enterprise projects, you can select the target enterprise project to view or operate the asset and detection information.

    Figure 1 Server protection status
    • Searching for a server
      To check the protection status of a server, enter a server name, server ID, or IP address in the search box above the server protection list.
      Figure 2 Searching for a protected server
    • Viewing servers of a certain type

      On the left of the server protection list, select a server protection edition or an asset importance category to view the protection status of each type of servers.

    • Viewing server details

      Hover the cursor on a server name to view the server OS and more details.

    • Viewing server protection information

      In the row containing the server, view the protection status of the server in the Agent Status, Protection Status, and Scan Result columns. For details about related parameters, see Table 1.

      Table 1 Protection description

      Parameter

      Description

      Agent Status

      • Not installed: The agent has not been installed or successfully started.

        Click Install Agent and install the agent as prompted. For details, see Installing an Agent.

      • Online: The agent is running properly.
      • Offline: The communication between the agent and the HSS server is abnormal, and HSS cannot protect your servers.
        NOTE:

        For an IDC server, its information will be automatically deleted from the server management page after its agent goes offline for 30 days.

      Protection Status

      • Enabled: The server is fully protected by HSS.
      • Unprotected: HSS is disabled for the server. After the agent is installed, click Enable in the Operation column to enable protection.
      • Protection interrupted: The server is not protected, because the HSS protection server is interrupted. You can hover the cursor on next to Protection interrupted to view the cause.

      Scan Results

      • Risky: The host has risks. Hover the cursor over Risky to view the risk distribution.
      • Safe: No risks are found.
      • Pending risk detection: HSS is not enabled for the server.

Viewing the WTP Status

  1. Log in to the management console and go to the HSS page.
  2. Choose Server Protection > Web Tamper Protection and click Servers to view the protection status of the servers.

    To check the protection status of a target server, enter a server name, server ID, or IP address in the search box above the protection list, and click .

    If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

    Figure 3 Servers protected by WTP
    Table 2 Statuses

    Parameter

    Description

    Protection Status

    Protected: HSS provides static web tamper protection (WTP) for the server.

    Dynamic WTP

    Status of dynamic WTP, which can be:
    • : Dynamic WTP is enabled.
    • : Dynamic WTP is disabled. (After enabling dynamic WTP, restart Tomcat to make this setting take effect.)

    Static Tampering Attacks

    Number of times that static web page files are attacked and tampered with.

    Dynamic Tampering Attacks

    Number of web application vulnerability exploits and injection attacks.