Baseline Inspection Overview¶
Baseline Inspection includes password complexity policy detection, common weak password detection, and configuration check. It can detect insecure password configurations and risky configurations in key software on servers, and provide rectification suggestions for detected risks, helping you correctly handle risky configurations on servers.
Baseline Inspection Content¶
Item | Description | Supported Check Mode | Supported HSS Version |
---|---|---|---|
Unsafe configuration | Check the unsafe Tomcat, Nginx, SSH login, and system configurations found by HSS. Currently, the following check standards and types are supported:
|
| Enterprise, premium, WTP, and container edition |
Password complexity policies | Check whether your password complexity policy of Linux system account is proper and modify it based on suggestions provided by HSS, improving password security. | Manual baseline checks | All versions |
Common weak passwords | Weak passwords defined in the common weak password library. You can check for accounts and remind users to change them. Common weak passwords of MySQL, FTP, and system accounts. |
| All |
Usage Process¶
No. | Operation | Description |
---|---|---|
1 | The baseline inspection supports automatic and manual baseline checks.
| |
2 | After the baseline inspection is complete, you need to view and handle baseline configuration risks. |