This topic describes common issues with Security Center and their solutions.
New feature updates
Pre-sales FAQ
Free Trial Issues
Product Usage Issues
Purchase and renewal issues
Renewal issues
Security Center prompts me that my service is about to expire. How do I renew it?
How long before my Security Center instance expires can I renew it?
How do I change the auto-renewal cycle or disable auto-renewal?
What do I do if a "no permission" message appears when a RAM user tries to renew the service?
Upgrade and downgrade issues
Refund issues
Vulnerability remediation billing issues
Console operation issues
If you see error messages in the Security Center console, refresh the page. If the issue persists, submit a ticket to contact technical support.
Error code | Message |
ConsoleSystemError_1001 | System error. Please refresh the page and try again later. |
ConsoleSystemError_1007 | The API is unpublished. |
ConsoleSystemError_1008 | PostOnly verification failed. |
ConsoleSystemError_1009 | The CSRF token is empty. Refresh the page and try again. |
ConsoleSystemError_1010 | CSRF token verification failed. Check the token and try again. |
ConsoleSystemError_1011 | The RegionID is empty. Enter a RegionID. |
ConsoleSystemError_1012 | The RegionID has an invalid format. Check the RegionID. |
ConsoleSystemError_1013 | A parameter is empty. Check the parameters. |
ConsoleSystemError_1014 | A parameter has an invalid format. Check the parameters. |
Security score issues
How do I view the version number of the virus database?
What is the priority for handling events that affect the security score?
Asset-related issues
How do I detach (release) a non-Alibaba Cloud asset?
How do I detach an Alibaba Cloud ECS server from Security Center?
Why do two identical servers, one online and one offline, appear in the server list?
Anti-ransomware issues
What is the anti-ransomware feature? Why is it a paid service?
After I purchase data protection capacity for anti-ransomware, does data backup start automatically?
The anti-ransomware backup cache occupies a large amount of disk space. How do I clear it?
What do I do if the anti-ransomware client consumes excessive CPU or memory resources on my server?
What do I do if my purchased data protection capacity for anti-ransomware is insufficient?
What do I do if the status of a mitigation policy is abnormal?
Web tamper-proofing issues
What are the requirements for the local backup directory for web tamper-proofing?
Why is an "invalid path" error reported when I configure a tamper-proofing directory?
Why does web tamper-proofing not take effect after I configure a protected directory?
Can I write files to a protected directory after I configure it?
What do I do if I receive a text message or an email that indicates a web shell exists?
Linux software vulnerability issues
How do I manually scan for Linux software vulnerabilities on my server?
How do I obtain the current software version and vulnerability information?
How do I upgrade the 3.1* kernel of an Ubuntu 14.04 system to the 4.4 kernel?
How do I verify that an Ubuntu kernel patch has been successfully applied?
Do I need to restart the system after a vulnerability is fixed?
Vulnerability remediation issues
What are the suggestions for fixing server software vulnerabilities?
In what order are vulnerabilities fixed in a batch operation?
Why does snapshot creation fail when I fix a vulnerability? What do I do?
What do I do if Security Center still reports a vulnerability after I have fixed it?
How do I clear the Windows vulnerability patch packages from the agent directory?
Does Security Center support Elasticsearch vulnerability detection?
How do I handle a timeout error when connecting to the official Alibaba Cloud YUM repository?
What do I do if a "token verification failed" message appears when I fix a vulnerability?
What do I do if Security Center cannot verify that a system vulnerability is fixed?
Why does manual verification not respond after a vulnerability is fixed?
Vulnerability scan issues
What do I do if I cannot enable vulnerability detection for a server in Asset Center?
Why may the detection results for Fastjson-related emergency vulnerabilities vary for each scan?
Does a vulnerability scan detect system-level and application-level vulnerabilities?
Why does an out-of-memory (OOM) error occur during a vulnerability scan?
Baseline check issues
Security alert issues
How do I determine whether a mining threat exists in my assets?
What do I do if my server is attacked by a mining program and virus blocking is disabled?
I accidentally added a mining alert to the whitelist. How do I remove it?
How do I confirm that automatic virus blocking has taken effect?
Does Security Center automatically quarantine web shell files?
What is the detection principle of web shells in Security Center?
Which objects can be added to the whitelist for security alerts?
Brute-force attack issues
How do I view the number of brute-force attacks on my server or the blocking status?
What do I do if brute-force attack protection is triggered by an accidental operation?
Does brute-force attack protection support web applications or websites?
Why do I still receive brute-force attack alerts after I change the weak password?
Does a weak logon password for an ECS instance refer to a system-level RDP or SSH scan?