Why do security baseline alerts disappear?
The number following an alert type indicates the number of alerts not processed. (BOT Attack displays the number of all alerts.) If the security baseline alert feature is not enabled, the console will not display the security baseline option.
Why is an IP address banned after interception?
Intrusion defense detects network attacks for sessions. All access operations from an IP address are blocked only when the IP is banned (added to the blocklist).
How can I modify a blocked or ignored event?
How can I view the threat profile of a specified IP address?
In "Blocked statistics", click the IP address to be redirected to its details.
Why is an IP address following a red exclamation mark?
It means that this IP address may be a Tencent Cloud CDN address, and manually blocking or banning it is not advised. If you have enabled the Block mode of IPS, CFW will automatically block attacks from this address. Normal traffic will not be affected.
How frequently will data in Alert Management be updated?
Data in Alert Management will be updated every 10 minutes.
What should I do to display the traffic trend chart in Alert Management?
1. On the Firewall toggle page, select an instance and click Firewall toggle -> OK to enable the firewall toggle.
2. After the firewall toggle is enabled, CFW ACL is in "All-pass" mode and intrusion defense is in "Observe" mode by default. There is no impact on your service system.
Why is there no blocking data in Alert Management?
1. Check whether you have enabled the firewall toggle and set it to block or interception mode.
2. Select all policies for blocking data, and then check whether you can view corresponding events.
3. If you still fail to view corresponding events, contact us for help.
If no primary account or sub-account is selected for receiving alerts, you will not receive notifications from Alert Management via SMS or Message Center. However, alerts will still be displayed on the console.