Disable application protection

更新时间:
复制 MD 格式

To stop protecting a specific process, disable application protection at the level you need: a single application, an application group, or the entire feature.

The steps for disabling a single application depend on how you originally connected the application — automatic access, automatic provisioning, or manual provisioning — and whether the application runs Java or PHP.

Disable protection for a single application

Before you begin

On the Application Protection page, click the Application Configurations tab. In the Actions column for the target application group, click Access Management to open the Access Management panel.

Java applications

Automatic access (Security Center client is online)

On the Automatic Access tab, select the servers to uninstall from, then click Batch Disable Protection. To uninstall from a single server, click Uninstall in the Actions column.

Important

After the Runtime Application Self-Protection (RASP) probe is uninstalled, remove the server from the application group if it no longer needs protection. On the Automatic Access tab, click Delete in the Actions column for that server, or select multiple servers and click Batch Delete.

Automatic provisioning (Security Center client is offline)

If the Security Center client is offline, uninstall the RASP probe manually.

The following steps use Linux as an example.
  1. Run crontab -e on the server.

  2. Delete the application protection task from the scheduled task list. The entry looks similar to:

    * * * * * bash -c /usr/local/aegis/rasp/apps/664dd403cd24364f9e******/attach/runJavaFinder.sh http://update-vpc.aegis.aliyuncs.com/rasp/plugin/v1/error/report aa97bdc587ac7ab37028506359****** 6901ad53-a454-4681-afdb-c894d2******
  3. Save the file and exit:

    • In vi or vim: press Esc, type :wq, then press Enter.

    • In nano: press Ctrl+O to save, then Ctrl+X to exit.

  4. Restart the process during off-peak hours.

The RASP probe is uninstalled only after the process restarts.

Manual provisioning

Delete the JVM parameters you added when you configured the application, then restart the application to disable protection.

PHP applications

Automatic access (Security Center client is online)

On the Automatic Access tab, select the servers to uninstall from, then click Batch Disable Protection. To uninstall from a single server, click Uninstall in the Actions column.

Important

After the RASP agent is uninstalled, remove the server from the application group if it no longer needs protection. On the Automatic Access tab, click Delete in the Actions column for that server, or select multiple servers and click Batch Delete.

Automatic provisioning (Security Center client is offline)

If the Security Center client is offline, uninstall the RASP agent manually.

The following steps use Linux as an example.
  1. Run crontab -e on the server.

  2. Delete the application protection task from the scheduled task list. The entry looks similar to:

    * * * * * bash -c /usr/local/aegis/rasp/apps/664dd403cd24364f9e******/attach/runPhpFinder.sh http://update-vpc.aegis.aliyuncs.com/rasp/plugin/v1/error/report aa97bdc587ac7ab37028506359****** 6901ad53-a454-4681-afdb-c894d2******
  3. Save the file and exit:

    • In vi or vim: press Esc, type :wq, then press Enter.

    • In nano: press Ctrl+O to save, then Ctrl+X to exit.

  4. Restart the process during off-peak hours.

The RASP agent is uninstalled only after the process restarts.

Manual provisioning

  1. Delete the INI configuration you added when you set up the application:

    [alirasp]
    extension=/alirasp.so
    alirasp.root_dir=
  2. Restart the application. RASP protection is disabled after the restart.

Disable protection for an application group

Disable protection for all applications in a group

On the Application Protection page, click the Application Configurations tab. In the Protection Status column, click the image icon for the target application group.

Delete an application group

Important

Deleting an application group disables protection for all instances in that group. Before deleting, confirm that the group contains no authorized instances, or that the Application Protection switches for all automatically added servers are in the Off state.

On the Application Protection page, click the Application Configurations tab. Click Delete in the Actions column for the target application group.

Disable the application protection feature

To stop using application protection entirely, unsubscribe from the feature. Security Center automatically uninstalls all RASP probes and agents after you unsubscribe.

The steps differ by billing model:

  • Subscription: On the Overview page, in the Subscription area, click Change Specifications > Downgrade. You are redirected to the order upgrade or downgrade page. On the Order Downgrade tab, in the Application Protection area, set Purchase to No. For details, see Downgrade.

    Important

    The refund amount is shown on the downgrade page. For details on refund destinations, see Refund destinations.

  • Pay-as-you-go: On the Overview page, in the Pay-as-you-go Services area, turn off the Application Protection switch.

    Important

    After you turn off the switch, no new fees are generated.