Updated on 2024-09-23 GMT+08:00

Enabling Dynamic WTP

Dynamic WTP protects your web pages while Tomcat applications are running, and can detect tampering of dynamic data, such as database data. It can be enabled with static WTP or separately.

Constraints and Limitations

  • Only the servers that are protected by the HSS WTP edition support the operations described in this section.
  • Dynamic WTP can be provided only for Tomcat of JDK 8.

Prerequisites

You are using a server running the Linux OS.

Enabling Dynamic WTP

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. Choose Server Protection > Web Tamper Protection. Click Configure Protection in the Operation column.

    If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

    Figure 1 Entering the page of protection settings

  4. On the Configure Protection tab, toggle on to enable Dynamic WTP.

    Figure 2 Enabling Dynamic WTP

  5. In the displayed dialog box, modify the Tomcat bin Directory.

    To enable dynamic WTP, you need to modify the Tomcat bin directory first. The system presets the setenv.sh script in the bin directory for setting anti-tamper program startup parameters. After enabling dynamic WTP, restart Tomcat to make this setting take effect.
    Figure 3 Configuring a Tomcat directory

  6. Click OK to enable dynamic WTP.