In the Security Center console, you can manage your web directories that you want Security Center to scan and alert handling rules that are generated for alerts added to the whitelist in the Settings panel of the Alerts page. This allows you to create finer-grained protection rules and manage the rules in a centralized manner. You can use the rules to identify the security risks in your assets at the earliest opportunity and monitor the security status of your assets in real time. This topic describes how to manage custom web directories and alert handling rules.
Background information
The entry points to configure logon settings and protection rules are moved to . The logon settings include approved logon locations, approved logon IP addresses, approved logon time ranges, and approved logon accounts. The protection rules include defense rules against brute-force attacks and IP address blocking policies.
For more information about how to create defense rules against brute-force attacks and IP address blocking policies, see Defense against brute-force attacks.
For more information about how to specify approved logon locations, IP addresses, time ranges, and accounts, see Approved logon management.
Limits
All editions of Security Center support this feature. For more information about the features that each edition supports, see Functions and features.
Specify custom web directories to scan
Security Center automatically scans the web directories of your server and runs dynamic and static scan tasks. You can also specify the web directories to scan. If suspicious connections are established by using known webshells, Security Center intercepts the connections and generates alerts. The alerts are displayed in the alert list of the Alerts page.
Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to protect. The following regions are supported: China and Outside China.
In the left-side navigation pane, choose .
On the Alerts page, click Settings in the upper-right corner. In the panel that appears, click the Web Directory Definition tab.
Click Management to the right of the Add Scan Targets section.
Specify a commonly used web directory and select the servers on which the specified web directory is scanned.
NoteTo ensure the scan performance and efficiency, we recommend that you do not specify a root directory.
Click OK.
Manage alert handling rules
If you add an alert to the whitelist, an alert handling rule is created and displayed in the list of alert handling rules of the Settings panel. You can modify or delete the alert handling rule in the Settings panel.
Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to protect. The following regions are supported: China and Outside China.
In the left-side navigation pane, choose .
On the Alerts page, click Settings in the upper-right corner.
In the Settings panel, click the Alert Handling Rule tab.
In the Alert Handling Rule section, modify or delete an alert handling rule.
Modify an alert handling rule
Find the rule that you want to modify and click Edit in the Actions column.
In the Edit Rule panel, add or remove the servers on which the alert rule takes effect.
Click OK. The rule is modified.
Delete an alert handling rule
Find the rule that you want to delete and click Delete in the Actions column.
In the message that appears, click OK. The rule is deleted.