Enabling the Enterprise/Premium Edition

Before enabling protection on servers, you need to allocate quota to a specified server. If the protection is disabled or the server is deleted, the quota can be allocated to other servers.

For the WTP edition, choose Prevention > Web Tamper Protection > Server Protection and then enable it.

To enable the WTP edition, choose Prevention > Web Tamper Protection > Server Protection and click the Servers tab. All the functions of the premium edition are included with the WTP edition.

Check Mode

HSS performs a full scan in the early morning every day.

After you enable server protection, you can view scan results after the automatic scan in the next early morning.

Prerequisites

The agent status of the server to be protected is Online. To check the status, choose Asset Management > Servers & Quota on the HSS.
To better protect your containers, you are advised to set security configurations.

Restrictions

Linux OS
On servers running the EulerOS with ARM, HSS does not block the IP addresses suspected of SSH brute-force attacks, but only generates alarms.
Windows OS
- Authorize the Windows firewall when you enable protection for a Windows server. Do not disable the Windows firewall during the HSS in-service period. If the Windows firewall is disabled, HSS cannot block brute-force attack IP addresses.
- If the Windows firewall is manually enabled, HSS may also fail to block brute-force attack IP addresses.

Enabling Protection

Log in to the management console.
Click in the upper left corner of the page, select a region, and choose Security > Host Security Service.
In the navigation pane, choose Asset Management > Servers & Quota. Click the Servers tab.
Select the target server and click Enable.
In the Enable Protection dialog box, select an HSS edition.
Click OK. View the server protection status in the server list.
If the Protection Status of the target server is Enabled, the professional, enterprise or premium edition has been enabled.
- A quota can be bound to a server to protect it, on condition that the agent on the server is online.
After HSS is enabled, it will scan your servers for security issues. Check items vary according to the edition you enabled.

Viewing Detection Details

After server protection is enabled, HSS will immediately perform comprehensive detection on the server. The detection may take a long time.

On the left of the protection list, click Risky.

Click a server name to go to the details page. On this page, you can quickly check the detected information and risks of the server.

Follow-up Operation

You can manually configure check items. Configurable items vary according to the edition you enabled.

Follow-Up Procedure

Disabling HSS

On the Servers tab of the Servers & Quotas page, click Disable in the Operation column of a server.

Before disabling protection, perform a comprehensive detection on the server, handle known risks, and record operation information to prevent attacks.
After protection is disabled, clear important data on the server, stop important applications on the server, and disconnect the server from the external network to avoid unnecessary loss caused by attacks.

Parent topic: Enabling Protection

Previous topic: Enabling Protection

Next topic: Enabling Web Tamper Protection

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot