An increasing number of scanning tools with low technical thresholds emerge, and vulnerabilities in the architecture of a large number of websites are detected. This poses threats to the security of the websites. You can enable the scan protection module for your websites to improve the security.
Procedure
For more information, see Configure scan protection.
Usage notes
When you create a policy, turn on Make Default. This way, the policy automatically applies to all domain names that have not been associated with a custom policy including domain names to add and to disassociate from an existing custom policy.
Scenarios
In the following sample scenarios, if scan protection affects your business, you need to change the policy.
Scenario 1: An employee in the company uses a scanning tool to detect the domain name. As a result, the egress IP address is blocked by the high-frequency scanning module. To ensure the usage of this IP address by other employees, you can add the egress IP address to the whitelist of the protection module.
Scenario 2: If your business requires converting image formats, the server traverses image files to check whether the formats of all images are converted. In this case, a large number of HTTP 404 status codes are returned. To keep your business uninterrupted, you can add related operations to the whitelist of the protection module.