edit-icon download-icon

Backend operations triggered when Alibaba Cloud Security accesses the interface URL of a website

Last Updated: May 09, 2018

Question

Backend operations (such as database operations or sending text messages and emails) are triggered when Alibaba Cloud Security visits the interface URL of my website.

What is the reason and how can I solve the issue?

Answer

The vulnerability scanning system performs traffic analysis on the inbound data, and automatically analyzes and tests for vulnerabilities in the traffic.

During the scan, the system may capture the accessing requests from external users to your website URL and then perform security detection on the page. If the captured URL involves backend operations and no verification mechanisms are in place, the vulnerability scanning system may trigger these operations.

We recommend that you implement access verification for URLs involving backend operations, or disable the vulnerability scanning service. For more information on disabling vulnerability scanning, see Disable Alibaba Cloud Security health check.

Thank you! We've received your feedback.