tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Cloud Workload Protection Platform
    Documentation
    Download PDF

    Quick Start

    Last updated: 2024-08-13 15:56:40
    Download PDF

      Step 1: Installing CWPP

      Log in to the CWPP Console, and go to the Overview page to check if CWPP is installed on CVM.
      Note
      When purchasing Tencent CVM or CPM 1.0, you can select Security Reinforcement to install the CWPP client automatically.
      
      a. CVM with CWPP installed and Pro or Ultimate edition enabled enjoys comprehensive, multi-dimensional system security protection provided by CWPP.
      b. CVM with Basic edition of CWPP installed can upgrade the service to Pro or Ultimate edition by clicking Upgrade on the right side.
      c. CVM without CWPP can click Install on the right side and following the instructions below:
      Windows CVM environment
      Linux CVM environment

      Windows CVM Environment

      Supported Versions

      The following versions are supported for now:
      Windows server 2008, 2012, 2016, 2019, and 2022 (32-bit or 64-bit).
      Windows 10 and 11 (64-bit).

      CWPP Installation

      Server Type
      Server Products
      Server Architecture
      Network
      Client Download and Installation
      Tencent Cloud
      CVMs, Lighthouses, CPMs, and Edge Computing Machines
      x86
      VPC network
      Open the cmd command line window, and paste and run the following installation command:
      
powershell -executionpolicy bypass -c "(New-Object Net.WebClient).DownloadFile('http://u.yd.tencentyun.com/ydeyes_win32.exe', $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath('.\\ydeyes_win32.exe'))"; "./ydeyes_win32.exe"
      Tencent Cloud
      CVMs
      x86
      Basic network
      Open the cmd command line window, and paste and run the following installation command:
      

powershell -executionpolicy bypass -c "(New-Object Net.WebClient).DownloadFile('http://u.yd.qcloud.com/ydeyes_win32.exe', $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath('.\\ydeyes_win32.exe'))"; "./ydeyes_win32.exe"
      Non-Tencent Cloud
      /
      x86
      Public network and DC
      Due to the restriction of the command validity period, please go to the Host List to view the installation instructions and download and install the client.

      Installation Notes

      Verification of successful Windows installation: Open Task Manager and check whether the YDService and YDLive processes are called. If yes, the installation is successful.
      

      Linux CVM Environment

      Supported Versions

      The following versions (64-bit) are supported for now:
      TencentOS Server
      Tencent tlinux
      CentOS 6 or later versions
      Ubuntu 9.10 or later versions
      Debian 6 or later versions
      RHEL 6 or later versions
      OpenCloudOS
      AlmaLinux
      openSUSE
      Rocky Linux
      Red Hat 6 or later versions
      Alibaba Cloud Linux
      Amazon Linux

      CWPP Installation

      Server Type
      Server Products
      Server Architecture
      Network
      Client Download and Installation
      Tencent Cloud
      CVMs, Lighthouses, CPMs, and Edge Computing Machines
      x86
      VPC network
      wget http://u.yd.tencentyun.com/ydeyes_linux64.tar.gz -O ydeyes_linux64.tar.gz && tar -zxvf ydeyes_linux64.tar.gz && ./self_cloud_install_linux64.sh
      Tencent Cloud
      CVMs
      x86
      Basic network
      wget http://u.yd.qcloud.com/ydeyes_linux64.tar.gz -O ydeyes_linux64.tar.gz && tar -zxvf ydeyes_linux64.tar.gz && ./self_cloud_install_linux64.sh
      Tencent Cloud
      CVMs, Lighthouses, CPMs, and Edge Computing Machines
      ARM
      VPC network
      wget http://u.yd.tencentyun.com/ydeyes_linux64_aarch64.tar.gz -O ydeyes_linux64_aarch64.tar.gz && tar -zxvf ydeyes_linux64_aarch64.tar.gz && ./self_cloud_install_linux64.sh
      Tencent Cloud
      CVMs
      ARM
      Basic network
      wget http://u.yd.qcloud.com/ydeyes_linux64_aarch64.tar.gz -O ydeyes_linux64_aarch64.tar.gz && tar -zxvf ydeyes_linux64_aarch64.tar.gz && ./self_cloud_install_linux64.sh
      Non-Tencent Cloud
      /
      x86, ARM
      Public network, DC
      Due to the restriction of the command validity period, please go to the Host List to view the installation instructions and download and install the client.

      Installation Notes

      Run the command to check whether the YDService and YDLive processes are running. If yes, the installation is successful.
      ps -ef | grep YD
      
      Note: If the processes are not running, the program can be started by running the following command via a root user:
      /usr/local/qcloud/YunJing/startYD.sh

      Step 2: Operating CWPP

      CWPP can process and display the security information of a server in real time. It supports detecting and isolating Trojan files, detecting vulnerabilities, identifying suspicious log-in behaviors and adding them to allowlist, blocking password-cracking attempts, and setting alarms. For details, see Operation Guide.

      Step 3: Troubleshooting

      If the host is hacked, you can follow the intrusion troubleshooting guide to troubleshoot the problem and restore the normal running of the website or system. For details, see Intrusions on Linux or Intrusions on Windows.

      Step 4: Uninstalling CWPP

      If you no longer need CWPP protection, you can uninstall it. There are two ways to uninstall CWPP: via the console and via the system. Here is a detailed introduction:

      Uninstalling via the Console

      1. Log in to the CWPP Console. Select Assets > Server List in the left sidebar to check if CWPP is installed on your CVM.
      2. In the Server List, select the server where you need to uninstall CWPP. Click Uninstall agent in the action bar on the right side.
      

      Uninstalling via the System

      Windows System: Follow the path C:\\Program Files\\QCloud\\YunJing\\uninst.exe to locate the uninst.exe file and double-click to uninstall.
      Linux System: Enter the command if [ -w '/usr' ]; then /usr/local/qcloud/YunJing/uninst.sh ; else /var/lib/qcloud/YunJing/uninst.sh ; fi to uninstall.

      FAQs

      How to Handle Firewall Interception During Installation?

      It is recommended to allow access to the CWPP backend server addresses in firewall policies:
      VPC Domain Names: s.yd.tencentyun.com, l.yd.tencentyun.com, u.yd.tencentyun.com
      VPC Network IP:169.254.0.55
      Basic Network Domain Names:s.yd.qcloud.com, u.yd.qcloud.com, l.yd.qcloud.com
      Basic Network IPs:10.148.188.202, 10.148.188.201, 11.177.125.116, 11.177.124.86, 11.149.252.57, 11.149.252.62, 11.149.252.51
      Non-Tencent Cloud Public Network Domain Names:sp.yd.qcloud.com, up.yd.qcloud.com, lp.yd.qcloud.com
      Non-Tencent Cloud Public Network IPs:120.232.65.223, 157.148.45.20, 183.2.143.163
      Ports:5574, 8080, 80, 9080 (Public network also needs to allow port 443)

      How to Configure if Not Using Default DNS?

      If you are not using the default DNS, you need to forward all resolutions of the root domains tencentyun.com and yd.qcloud.com to the default DNS.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy