Skip to main content

Configure tamper protection

The Server Security feature allows you to configure tamper protection for web pages.

Context

  • For each server, you can add a maximum of 10 directories for protection.
  • If you want to add directories that are on a Windows server, the directories must meet the following requirements: The size of each directory does not exceed 20 GB. Each directory contains no more than 2,000 folders. The number of directory levels does not exceed 20. The size of each file does not exceed 3 MB.
  • If you want to add directories that are on a Linux server, the directories must meet the following requirements:The size of each directory does not exceed 20 GB. Each directory contains no more than 3,000 folders. The number of directory levels does not exceed 20 . The size of each file does not exceed 3 MB.
  • Before you add a directory for protection, make sure that the directory meets the preceding requirements.
  • We recommend that you exclude file formats that do not require protection, such as LOG, PNG, JPG, MP4, AVI, and MP3. Multiple file formats can be separated by semicolons (;).

Operation Steps

  1. In the product management page, choose "Server Guard". fg-dc-sg-3.3.2.1-1

  2. In the left-side navigation pane, click "Intrusion Prevention"> "File Tamper Protection". fg-dc-sg-3.3.2.1-2

  3. On the Tamper Protection page, click Add Servers for Protection. fg-dc-sg-3.3.2.1-3

  4. In the Add Servers for Protection panel, select a server that you want to protect.

  5. Click Next to go to the Add Directory step.

  6. In the Add Directory step, configure the parameters.

    Select a protection mode. The settings of other parameters vary based on the protection mode. You can select Whitelist Mode or Blacklist Mode. In whitelist mode, tamper protection is enabled for the specified directories and file formats. In blacklist mode, tamper protection is enabled for the subdirectories, file formats, and files that are not specified. By default, Whitelist Mode is selected.

  • The following table describes the parameters that you must configure if you select Whitelist Mode. fg-dc-sg-3.3.2.1-4

  • The following table describes the parameters that you must configure if you select Blacklist Mode. fg-dc-sg-3.3.2.1-5 fg-dc-sg-3.3.2.1-6

  1. Click Enable Protection.

    After you enable this feature for a server, the server is displayed on the Management tab of the Tamper Protection page.
    By default, tamper protection is in the Off state for the server. To enable tamper protection for the server, you must turn on turn on the switch in the Protection column on the Tamper Protection page.

  2. On the Tamper Protection page, find the server that you add. Then, click the Management tab and turn on the switch in the Protection column to enable protection for the server.

    By default, tamper protection is in the Off state for the server. To enable tamper protection for the server, you must turn on the switch in the Protection column on the Tamper Protection page.
    After tamper protection is enabled, the status of the server changes to Running.
    If the status of the server is Exception, move the pointer over Exception in the Status column to view the cause and click Retry to enable tamper protection again

  3. Can go the Alerts page and select Web page Tampering from the alert type drop-down list to view the alerts generated upon tampering events.
    Tamper protection does not take effect immediately after you configure the protected directory, and you can still write files to the directory. In this case, you must go to the Management page, disable Protection for the server where the directory is located, and then enable Protection again.
    Handling suggestions for abnormal protection states fg-dc-sg-3.3.2.1-7