MagiAegis Defense System is a powerful security protection software. Despite its robust inherent capabilities, its full potential cannot be fully realized without proper configuration. The system comes with numerous built-in rules, and by simply configuring them, we can unleash its unparalleled protective power. This article is intended for users who have just installed the MagiAegis Defense System, guiding them through the quick configuration of security protection rules.

1. Webshell Protection

The Webshell Protection module is designed to detect and eliminate Webshell . Once a hacker uploads a Webshell   to the website, it will be automatically quarantined or deleted.

It is recommended to add all websites to the "Protected Directorys" such as: /www/ or /wwwroot/.

2. Remote Protection

The Remote Protection module is capable of preventing hackers from brute-forcing their way into remote desktops. It is recommended to enable "Remote IP/Region Protection" and authorize access only from your specific region.

After configuration, only remote logins from your authorized region will be permitted to access the server. (The likelihood of encountering hackers from the same region is minimal, as they typically prefer to use international IP proxies for their activities.)

3. Firewall

The firewall comes with pre-configured inbound rules for websites and remote desktops. You simply need to toggle on the "Mod-Switch" to activate it.

Once enabled, all inbound access attempts to ports other than those explicitly allowed will be blocked. If you need to allow access to additional ports, please add corresponding rules under "Inbound Rules"

It is recommended to replace the "system firewall" with our firewall, as our firewall offers the following distinctive features:
1. Region-based Protection Support: For instance, it allows you to open the FTP port exclusively for a specific region.
2. Malicious IP Protection: It incorporates an extensive built-in database of malicious IPs, automatically blocking hacker scans and intrusion attempts.

As shown in the figure above, only IP addresses from the United Arab Emirates are permitted to access port 21 (meaning only users in the UAE region can access FTP, significantly enhancing security).

4. WAF

The system comes with built-in default configurations. We simply need to toggle on the "Mod-Switch" and then configure "Access -> Website Backend Protection" as needed.

As illustrated in the figure below, first fill in the website admin address, then add authorized regions and an authorization password. Users from authorized regions can directly access the admin backend, while users outside these regions must enter the "authorization password" to gain access. If the authorization password is left blank, users outside the authorized regions will be prohibited from accessing the admin backend.

5. Tamper Protection

The system includes built-in general protection rules. However, to thoroughly prevent website tampering, be sure to add CMS protection rules for each website.

Click "Add CMS Protection" select the website's root directory, choose a matching security template, and then fill in the website admin address.

Friendly Reminder:
1. The "WAF - Access - Website Backend Protection" module must be enabled for the admin protection to function properly.
2. If there are no CMS protection rules available for your website, please contact customer support to have them added!
3. The tamper protection module is highly robust. If you have additional protection requirements, you can add advanced rules on your own.

6. Patch Updates

For Windows servers, it is crucial to update system patches regularly.

Navigate to "Security Audit - Patch Updates" and click "Check Patches" You also have the option to configure automatic updates to eliminate the hassle of manual updates.

System patches require repeated updates. After updating, restart the server and check for patches again until you are prompted that no further patches are available.

Automatically update patches at 2:40 AM every day and notify the administrator after the update is completed.

7. System Reinforcement

When an operating system is initially released by the manufacturer, strict security restrictions are often not implemented to maintain compatibility. If you are using a Windows server, it is imperative to perform a security hardening process to prevent hacker intrusions.

To harden your system, navigate to "Security Audit - System Reinforcement" select the items that require hardening (it is recommended to select all items for the initial reinforcement), and click "Start Reinforcement" This will allow you to enhance your system's security online in a simple and efficient manner.

After following the above configuration steps, your server and website will be highly secure. Additionally, you're welcome to contact us, and we'd be happy to assist you in conducting a thorough security check and making any necessary configurations.