Security Baseline Check

Security baseline checks automatically detect risks in the system, middleware, database, and account configurations on your server and provide you with remediation suggestions for any issues found.

Detection Principle

Each check applies its own detection rules. When a configuration matches a rule's risk features, the check reports the risk point together with a remediation suggestion.

Detection Cycle

By default, checks are performed once every hour.

After risk mitigation, the risk will be checked again within 1 hour. If the risk is found to have been mitigated, the corresponding alert will be automatically deleted.

Detected Items

| Category | Detected Items | Description | Corresponding Version |
| --- | --- | --- | --- |
| System | Existence of weak account passwords | Check if the login password of the Linux system account is weak | V3.0 |
| System | Existence of non-root privilege accounts | Check if there are accounts with root privileges in the Linux system | V3.0 |
| Application | Use of insecure SSH protocol version | Check if an insecure security protocol is in use | V3.0 |
| Application | Allowance of SSH blank password login | Check if SSH allows blank password login | V3.0 |
| Application | Detection of Nginx running with high privileges | Check if Nginx is running with root privileges | V3.0 |
| Application | Apache running with high privileges | Check if Apache Httpd is running with root privileges | V3.0 |
| Application | Existence of PHP version information disclosure | Check if there is improperly configured PHP causing version information disclosure | V3.0 |
| Application | Existence of executable high-risk PHP functions | Check if executable high-risk functions are disabled in PHP configuration | V3.0 |
| Application | Existence of Java environment vulnerabilities | Check if there are risks in Java environment variables and configurations (such as apache-log4j vulnerability) | V3.0 |
| Database | Redis password verification is set | Check if password verification is enabled in Redis server configuration | V3.0 |
| Database | MySQL running with high privileges | Check if MySQL service is running with root privileges | V3.0 |
| Database | MongoDB authentication enabled | Check if password verification is enabled in MongoDB configuration | V3.0 |
| Web | Web-CMS vulnerabilities | The latest vulnerability warnings and related patches. | V3.0 |

The corresponding version is the product version number. Refer to the upgrade record to view each version number and its upgrade content.
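
The Detected Items list names what is checked but not the rules behind each check. The following Python example is added here for illustration and is not the product's own detection logic; it shows how rule-based checks for four of the listed items could read configuration text and return risk points. The directives it tests (`PermitEmptyPasswords`, `Protocol`, `requirepass`, `expose_php`), the UID 0 test, and all sample inputs are assumptions, and it assumes an `sshd_config` without `Match` blocks.

```python
import re

def parse_kv(text, first_wins=False):
    """Parse 'key value' / 'key = value' lines into a dict, skipping comments."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        m = re.match(r"([\w.-]+)\s*(?:=\s*|\s+)(.*)", line)
        if m and not (first_wins and m.group(1).lower() in out):
            out[m.group(1).lower()] = m.group(2).strip().strip('"')
    return out

def check_sshd(text):
    # sshd keeps the first value it reads for each keyword
    cfg = parse_kv(text, first_wins=True)
    findings = []
    if cfg.get("permitemptypasswords", "no").lower() == "yes":
        findings.append("SSH allows blank password login")
    if "1" in cfg.get("protocol", "2").split(","):
        findings.append("Insecure SSH protocol version enabled")
    return findings

def check_uid0(passwd_text):
    # Any account other than root with UID 0 has root privileges
    rows = [l.split(":") for l in passwd_text.splitlines()]
    return [f"Account '{r[0]}' has root privileges (UID 0)"
            for r in rows if len(r) >= 3 and r[2] == "0" and r[0] != "root"]

def check_redis(text):
    # Assumption: authentication is configured through requirepass, not ACL users
    cfg = parse_kv(text)
    return [] if cfg.get("requirepass") else ["Redis password verification is not set"]

def check_php(text):
    # expose_php defaults to On when the directive is absent
    cfg = parse_kv(text)
    on = cfg.get("expose_php", "on").lower() in ("on", "1", "true", "yes")
    return ["PHP version information disclosure (expose_php)"] if on else []

# Constructed sample inputs, not taken from any real host
SAMPLE_SSHD = "# constructed\nProtocol 2,1\nPermitEmptyPasswords yes\nPermitEmptyPasswords no\n"
SAMPLE_PASSWD = ("root:x:0:0:root:/root:/bin/bash\nbackup:x:0:0::/home/backup:/bin/sh\n"
                 "www:x:33:33::/var/www:/usr/sbin/nologin\n")
SAMPLE_REDIS = "bind 127.0.0.1\n# requirepass changeme\n"
SAMPLE_PHP = "; constructed\nexpose_php = On\n"

if __name__ == "__main__":
    for finding in (check_sshd(SAMPLE_SSHD) + check_uid0(SAMPLE_PASSWD)
                    + check_redis(SAMPLE_REDIS) + check_php(SAMPLE_PHP)):
        print("RISK:", finding)
```
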