All Products
Search

This Product

    Security Center:Configure alert settings

    Document Center

    Security Center:Configure alert settings

    Last Updated:Apr 15, 2025

    In the Security Center console, you can manage your web directories that you want Security Center to scan and alert handling rules that are generated for alerts added to the whitelist in the Settings panel of the Alerts page. This allows you to create finer-grained protection rules and manage the rules in a centralized manner. You can use the rules to identify the security risks in your assets at the earliest opportunity and monitor the security status of your assets in real time. This topic describes how to manage custom web directories and alert handling rules.

    Limits

    Both free and paid users of Security Center can use this feature.

    Specify custom web directories to scan

    Security Center automatically scans the web directories of your server and runs dynamic and static scan tasks. You can also specify the web directories to scan. If suspicious connections are established by using known webshells, Security Center intercepts the connections and generates alerts. The alerts are displayed in the alert list of the Alerts page.

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose Detection and Response > Alert.

      Note

      If you have activated the Cloud Threat Detection and Response (CTDR) feature, the left-side navigation pane will change to CTDR > Alert.

    3. On the Alert page, click Cloud Workload Alert Management > Alert Settings in the upper-right corner.

    4. In the Custom Web Directory section of the Alert Settings panel, click Manage in the right corner.

    5. In the Custom Web Directory section, specify a commonly used web directory and select the servers on which the specified web directory is scanned.

      Note

      To ensure the scan performance and efficiency, we recommend that you do not specify a root directory.

    6. Click OK.

    Manage alert handling rules

    If you add an alert to the whitelist, an alert handling rule is created and displayed on the Alert Handling Rule tab of the Alert Settings panel. You can modify or delete the alert handling rule in the Alert Settings panel.

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose Detection and Response > Alert.

      Note

      If you have activated the CTDR feature, the left-side navigation pane will change to CTDR > Alert.

    3. On the Alert page, click Cloud Workload Alert Management > Alert Settings in the upper-right corner.

    4. In the Alert Settings panel, click the Alert Handling Rule tab.

    5. In the Alert Handling Rule section, Edit or Delete an alert handling rule.

      • Edit an alert handling rule

        1. Find the rule that you want to modify and click Edit in the Actions column.

        2. In the Edit Rule panel, add or remove the servers on which the alert rule takes effect.

        3. Click OK.

      • Delete an alert handling rule

        1. Find the rule that you want to delete and click Delete in the Actions column.

        2. In the message that appears, click OK.

    Brute-force attacks protection and approved logon management

    Security Center supports features such as brute-force attacks protection, approved logon locations, and logon IP address management. This helps you protect against brute-force attacks and monitor logons. For more information, see Defense against brute-force attacks and Approved logon management.