All Products
Document Center

How to enhance the security of ECS instances running Windows

Last Updated: Sep 21, 2020

Disclaimer: This article may contain information about third-party products. Such information is for reference only. Alibaba Cloud does not make any guarantee, express or implied, with respect to the performance and reliability of third-party products, as well as potential impacts of operations on the products.



This article describes how to enhance the security of ECS instances running Windows.



This article introduces the following security reinforcement methods.

  • Install security protection software and anti-virus software, such as server security dog.
  • Modify the default service ports such as remote desktop 3389.
  • Restrict remote desktop access through the firewall.
  • Enable threat detection service.
  • Modify the default administrator name to enable the account lockout policy and logon audit policy.
  • Configure IP security policies to disable outbound packets from common high-risk ports.
  • Regularly check for code vulnerabilities in programs, such as open-source dede and WordPress programs, and regularly upgrade the programs on the official website.
  • Use snapshots to back up data after business configuration is complete.


Application scope

  • ECS