Updated on 2025-08-15 GMT+08:00

Enabling Ransomware Prevention

Function

To enable ransomware protection, ensure CBR is available in the region. Ransomware prevention works with CBR.

Calling Method

For details, see Calling APIs.

URI

POST /v5/{project_id}/ransomware/protection/open

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID.

Constraints

N/A

Range

The value contains 1 to 256 characters.

Default Value

N/A

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enterprise_project_id

No

String

Definition

Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID.

To query assets in all enterprise projects, set this parameter to all_granted_eps.

Constraints

You need to set this parameter only after the enterprise project function is enabled.

Range

The value can contain 1 to 256 characters.

Default Value

0: default enterprise project.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition

User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token.

Constraints

N/A

Range

The value can contain 1 to 32,768 characters.

Default Value

N/A

region

No

String

Definition

Region ID, which is used to query assets in the required region. For details about how to obtain a region ID, see Obtaining a Region ID.

Constraints

N/A

Range

The value can contain 0 to 128 characters.

Default Value

N/A

Table 4 Request body parameters

Parameter

Mandatory

Type

Description

operating_system

Yes

String

Definition

OS supported by the policy.

Constraints

N/A

Range

Its value can be:

  • Windows

  • Linux

Default Value

N/A

ransom_protection_status

Yes

String

Definition

Whether ransomware prevention is enabled. If ransomware prevention is enabled, specify either protection_policy_id or create_protection_policy.

Constraints

N/A

Range

Its value can be:

  • closed

  • opened

Default Value

N/A

protection_policy_id

No

String

Definition

Ransomware prevention policy ID. This parameter is mandatory if you select an existing protection policy when enabling ransomware protection.

Constraints

N/A

Range

You can enter 0 to 64 characters.

Default Value

N/A

create_protection_policy

No

ProtectionProxyInfoRequestInfo object

Definition

Create a protection policy. If you enable ransomware protection and create a protection policy, protection_policy_id is left blank and create_protection_policy is mandatory.

Constraints

N/A

Range

The value can contain 0 to 64 characters.

Default Value

N/A

backup_protection_status

Yes

String

Definition

Whether server backup is enabled. If server backup is enabled, backup_cycle is mandatory.

Constraints

N/A

Range

Its value can be:

  • closed

  • opened

Default Value

N/A

backup_resources

No

BackupResources object

Definition

This parameter is mandatory if backup is enabled. If this parameter is left blank, HSS is compatible with the vault bound to HSS_projectid.

Constraints

N/A

Range

0 to 20 BackupResources objects

Default Value

N/A

backup_policy_id

No

String

Definition

Backup policy ID.

Constraints

N/A

Range

You can enter 0 to 64 characters.

Default Value

N/A

backup_cycle

No

UpdateBackupPolicyRequestInfo1 object

Backup policy.

agent_id_list

Yes

Array of strings

Definition

IDs of agents where protection is enabled.

Constraints

N/A

Range

The list can contain 0 to 64 items.

Default Value

N/A

host_id_list

Yes

Array of strings

Definition

IDs of servers where protection is enabled.

Constraints

N/A

Range

The list can contain 0 to 64 items.

Default Value

N/A

Table 5 ProtectionProxyInfoRequestInfo

Parameter

Mandatory

Type

Description

policy_id

No

String

Definition

Policy ID. This parameter is optional for a new policy.

Constraints

N/A

Range

You can enter 0 to 64 characters.

Default Value

N/A

policy_name

No

String

Definition

Policy name. This parameter is mandatory when you create a protection policy.

Constraints

N/A

Range

You can enter 0 to 64 characters.

Default Value

N/A

protection_mode

No

String

Definition

Protection action. This parameter is mandatory when you create a protection policy.

Constraints

N/A

Range

Its value can be:

  • alarm_and_isolation: Report an alarm and isolate

  • alarm_only: Only report an alarm

Default Value

N/A

bait_protection_status

No

String

Definition

Whether to enable honeypot protection. This parameter is mandatory when you create a protection policy.

Constraints

N/A

Range

The option is as follows:

  • opened

Default Value

N/A

protection_directory

No

String

Definition

Protected directory. This parameter is mandatory when you create a protection policy.

Constraints

Separate multiple directories with semicolons (;). You can configure up to 20 directories.

Range

The value can contain 0 to 128 characters. Only the following special characters are allowed: ._+-. The value cannot start with a space. Up to 256 characters are allowed.

Default Value

N/A

protection_type

No

String

Definition

Protected file type, for example, .docx, .txt, or .avi. This parameter is mandatory when you create a protection policy.

Constraints

N/A

Range

The value can contain 0 to 128 characters.

Default Value

N/A

exclude_directory

No

String

Definition

(Optional) Excluded directory.

Constraints

Separate multiple directories with semicolons (;). You can configure up to 20 excluded directories.

Range

The value can contain 0 to 128 characters. Only the following special characters are allowed: ._+-. The value cannot start with a space. Up to 256 characters are allowed.

Default Value

N/A

runtime_detection_status

No

String

Definition

Whether to perform runtime checks.

Constraints

N/A

Range

Currently, it can only be disabled. This field is reserved.

  • closed

Default Value

N/A

operating_system

No

String

Definition

OS that supports the policy. This parameter is mandatory when you create a protection policy.

Constraints

N/A

Range

The options are as follows:

  • Windows

  • Linux

Default Value

N/A

process_whitelist

No

Array of TrustProcessInfo objects

Process whitelist

Table 6 TrustProcessInfo

Parameter

Mandatory

Type

Description

path

No

String

Definition

Process path.

Constraints

N/A

Range

The value can contain 0 to 128 characters.

Default Value

N/A

hash

No

String

Definition

Process hash.

Constraints

N/A

Range

The value can contain 0 to 128 characters.

Default Value

N/A

Table 7 BackupResources

Parameter

Mandatory

Type

Description

vault_id

No

String

Parameter description:

Select the ID of the vault to be bound. The value cannot be empty.

Constraints:

N/A

Options:

The value contains 0 to 64 characters.

Default value:

N/A

resource_list

No

Array of ResourceInfo objects

Definition

List of servers for which the backup function needs to be enabled.

Constraints

N/A

Range

0 to 20 server IDs

Default Value

N/A

Table 8 ResourceInfo

Parameter

Mandatory

Type

Description

host_id

No

String

Definition

Server ID.

Constraints

N/A

Range

The value can contain 0 to 128 characters.

Default Value

N/A

history_backup_status

No

String

Definition

Whether to enable backup status depends on error_message or status of available servers. If error_message is left blank, backup is not enabled and the value of this field is closed. If error_message has a value, the value of this field is opened.

Constraints

N/A

Range

  • closed: Backup is disabled.

  • opened: Backup is enabled.

Default Value

N/A

Table 9 UpdateBackupPolicyRequestInfo1

Parameter

Mandatory

Type

Description

enabled

No

Boolean

Definition

Whether the policy is enabled.

Constraints

N/A

Range

  • true: The policy is enabled.

  • false: The policy is disabled.

Default Value

true

policy_id

No

String

Definition

Policy ID. This parameter is mandatory if backup protection is enabled.

Constraints

N/A

Range

The value contains 1 to 256 characters.

Default Value

N/A

operation_definition

No

OperationDefinitionRequestInfo object

Definition

Scheduling parameter.

Constraints

N/A

Range

The value range is 0 to 100.

Default Value

N/A

trigger

No

BackupTriggerRequestInfo1 object

Definition

Time scheduling rule for the policy.

Constraints

N/A

Range

N/A

Default Value

N/A

Table 10 OperationDefinitionRequestInfo

Parameter

Mandatory

Type

Description

day_backups

No

Integer

Definition

Number of daily backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory.

Constraints

N/A

Range

The value range is 0 to 100.

Default Value

N/A

max_backups

No

Integer

Definition

Maximum number of backups that can be automatically created for an object. If the value is set to -1, backups will not be cleared when they reach the quantity limit. If this parameter and retention_duration_days are both left blank, the backups will be retained permanently.

Constraints

N/A

Range

The value can be -1 or in the range 1 to 99,999.

Default Value

-1

month_backups

No

Integer

Definition

Number of monthly backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory.

Constraints

N/A

Range

The value range is 0 to 100.

Default Value

N/A

retention_duration_days

No

Integer

Definition

Backup retention period, in days. The maximum value is 99,999. If the value is set to -1, backups will not be cleared by retention duration. If this parameter and max_backups are both left blank, the backups will be retained permanently.

Constraints

N/A

Range

Value range: -1 to 99,999

Default Value

-1

timezone

No

String

Definition

Time zone where the user is located, for example, UTC+08:00

Constraints

This parameter cannot be set if none of the yearly, monthly, weekly, and daily backup parameters is selected.

Range

  • UTC+05:00

  • UTC+06:00

  • UTC+07:00

...

Default Value

N/A

week_backups

No

Integer

Definition

Number of weekly backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory.

Constraints

N/A

Range

The value range is 0 to 100.

Default Value

N/A

year_backups

No

Integer

Definition

Number of yearly backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory.

Constraints

N/A

Range

The value range is 0 to 100.

Default Value

N/A

Table 11 BackupTriggerRequestInfo1

Parameter

Mandatory

Type

Description

properties

No

BackupTriggerPropertiesRequestInfo1 object

Definition

Time rule for policy execution. This parameter is mandatory if the backup function is enabled with ransomware protection.

Constraints

N/A

Range

N/A

Default Value

N/A

Table 12 BackupTriggerPropertiesRequestInfo1

Parameter

Mandatory

Type

Description

pattern

No

Array of strings

Definition

Scheduling rule. This parameter is mandatory if the backup function is enabled with ransomware protection.

Constraints

A maximum of 24 rules can be configured.

Range

Scheduling rule. It complies with iCalendar RFC 2445, but it supports only parameters FREQ, BYDAY, BYHOUR, BYMINUTE, and INTERVAL. FREQ can be set only to WEEKLY or DAILY. BYDAY* can be set to MO, TU, WE, TH, FR, SA, or SU (seven days of a week). BYHOUR ranges from 0 to 23 hours. BYMINUTE ranges from 0 minutes to 59 minutes. The scheduling interval must not be less than 1 hour. A maximum of 24 time points can be configured in a day. For example, if the scheduling time is 14:00 from Monday to Sunday, set the scheduling rule as follows: 'FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR,SA,SU;BYHOUR=14;BYMINUTE=00' To start scheduling at 14:00 every day, the rule is as follows: FREQ=DAILY;INTERVAL=1;BYHOUR=14;BYMINUTE=00'

Default Value

N/A

Response Parameters

Status code: 200

Request succeeded.

None

Example Requests

Enable ransomware protection for the server. The OS type is Linux, the target server ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f, and the agent ID of the target server is c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8. Server backup is disabled.

POST https://{endpoint}/v5/{project_id}/ransomware/protection/open

{
  "ransom_protection_status" : "opened",
  "backup_protection_status" : "closed",
  "operating_system" : "Linux",
  "protection_policy_id" : "",
  "agent_id_list" : [ "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8" ],
  "host_id_list" : [ "71a15ecc-049f-4cca-bd28-5e90aca1817f" ],
  "create_protection_policy" : {
    "bait_protection_status" : "opened",
    "exclude_directory" : "",
    "protection_mode" : "alarm_only",
    "policy_name" : "test111",
    "protection_directory" : "/etc/test",
    "protection_type" : "docx"
  }
}

Example Responses

None

SDK Sample Code

The SDK sample code is as follows.

Enable ransomware protection for the server. The OS type is Linux, the target server ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f, and the agent ID of the target server is c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8. Server backup is disabled.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.hss.v5.region.HssRegion;
import com.huaweicloud.sdk.hss.v5.*;
import com.huaweicloud.sdk.hss.v5.model.*;

import java.util.List;
import java.util.ArrayList;

public class StartProtectionSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        HssClient client = HssClient.newBuilder()
                .withCredential(auth)
                .withRegion(HssRegion.valueOf("<YOUR REGION>"))
                .build();
        StartProtectionRequest request = new StartProtectionRequest();
        ProtectionInfoRequestInfo body = new ProtectionInfoRequestInfo();
        List<String> listbodyHostIdList = new ArrayList<>();
        listbodyHostIdList.add("71a15ecc-049f-4cca-bd28-5e90aca1817f");
        List<String> listbodyAgentIdList = new ArrayList<>();
        listbodyAgentIdList.add("c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8");
        ProtectionProxyInfoRequestInfo createProtectionPolicybody = new ProtectionProxyInfoRequestInfo();
        createProtectionPolicybody.withPolicyName("test111")
            .withProtectionMode("alarm_only")
            .withBaitProtectionStatus("opened")
            .withProtectionDirectory("/etc/test")
            .withProtectionType("docx")
            .withExcludeDirectory("");
        body.withHostIdList(listbodyHostIdList);
        body.withAgentIdList(listbodyAgentIdList);
        body.withBackupProtectionStatus("closed");
        body.withCreateProtectionPolicy(createProtectionPolicybody);
        body.withProtectionPolicyId("");
        body.withRansomProtectionStatus("opened");
        body.withOperatingSystem("Linux");
        request.withBody(body);
        try {
            StartProtectionResponse response = client.startProtection(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Enable ransomware protection for the server. The OS type is Linux, the target server ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f, and the agent ID of the target server is c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8. Server backup is disabled.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkhss.v5.region.hss_region import HssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkhss.v5 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = HssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(HssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = StartProtectionRequest()
        listHostIdListbody = [
            "71a15ecc-049f-4cca-bd28-5e90aca1817f"
        ]
        listAgentIdListbody = [
            "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8"
        ]
        createProtectionPolicybody = ProtectionProxyInfoRequestInfo(
            policy_name="test111",
            protection_mode="alarm_only",
            bait_protection_status="opened",
            protection_directory="/etc/test",
            protection_type="docx",
            exclude_directory=""
        )
        request.body = ProtectionInfoRequestInfo(
            host_id_list=listHostIdListbody,
            agent_id_list=listAgentIdListbody,
            backup_protection_status="closed",
            create_protection_policy=createProtectionPolicybody,
            protection_policy_id="",
            ransom_protection_status="opened",
            operating_system="Linux"
        )
        response = client.start_protection(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Enable ransomware protection for the server. The OS type is Linux, the target server ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f, and the agent ID of the target server is c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8. Server backup is disabled.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := hss.NewHssClient(
        hss.HssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.StartProtectionRequest{}
	var listHostIdListbody = []string{
        "71a15ecc-049f-4cca-bd28-5e90aca1817f",
    }
	var listAgentIdListbody = []string{
        "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8",
    }
	policyNameCreateProtectionPolicy:= "test111"
	protectionModeCreateProtectionPolicy:= "alarm_only"
	baitProtectionStatusCreateProtectionPolicy:= "opened"
	protectionDirectoryCreateProtectionPolicy:= "/etc/test"
	protectionTypeCreateProtectionPolicy:= "docx"
	excludeDirectoryCreateProtectionPolicy:= ""
	createProtectionPolicybody := &model.ProtectionProxyInfoRequestInfo{
		PolicyName: &policyNameCreateProtectionPolicy,
		ProtectionMode: &protectionModeCreateProtectionPolicy,
		BaitProtectionStatus: &baitProtectionStatusCreateProtectionPolicy,
		ProtectionDirectory: &protectionDirectoryCreateProtectionPolicy,
		ProtectionType: &protectionTypeCreateProtectionPolicy,
		ExcludeDirectory: &excludeDirectoryCreateProtectionPolicy,
	}
	protectionPolicyIdProtectionInfoRequestInfo:= ""
	request.Body = &model.ProtectionInfoRequestInfo{
		HostIdList: listHostIdListbody,
		AgentIdList: listAgentIdListbody,
		BackupProtectionStatus: "closed",
		CreateProtectionPolicy: createProtectionPolicybody,
		ProtectionPolicyId: &protectionPolicyIdProtectionInfoRequestInfo,
		RansomProtectionStatus: "opened",
		OperatingSystem: "Linux",
	}
	response, err := client.StartProtection(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Request succeeded.

Error Codes

See Error Codes.