If Alibaba Cloud Security notifies me of a vulnerability, do I need to modify the codes on my server to fix the vulnerability or does Alibaba Cloud Security fix it automatically?
Currently, the web vulnerability detection service and Trojan horse detection service only provide the detection function and recommended solution. The services cannot automatically fix vulnerabilities. You need to modify the code to fix the vulnerability. The Alibaba Cloud Security WAF service provides automatic attack defense.
The vulnerability scan frequency is typically 3 qps (number of requests every second), and may fluctuate from 1 qps to 5 qps. We recommend that you enable, then disable, the cloud security checking function to verify the cause of reduced performance.
Yes, you can disable it on the Alibaba Cloud Security console.