CN104917716B - Page security management method and device - Google Patents


Info

Publication number
CN104917716B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410085745.2A
Other languages
Chinese (zh)
Other versions
CN104917716A (en
Inventor
樊伟
陆莉
刘杰
段文文
秦铭雪
陈旺林
陈文辉
曾岳锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201410085745.2A priority Critical patent/CN104917716B/en
Publication of CN104917716A publication Critical patent/CN104917716A/en
Application granted granted Critical
Publication of CN104917716B publication Critical patent/CN104917716B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the invention discloses a page security management method, which comprises the following steps: acquiring a page access request submitted by a user terminal; acquiring an access account and terminal identification information of the user terminal; judging whether the user terminal is a common terminal of the access account or not according to pre-recorded login information of the access account, wherein the login information comprises terminal identification information of the login terminal of the access account and login times corresponding to each login terminal within a preset time range; and if the user terminal is the common terminal of the access account, returning the requested page to the user terminal according to the page access request. The embodiment of the invention also discloses a page security management device. By adopting the method and the device, illegal users can be effectively prevented from invading the security page through brute force cracking/page brushing.

Description

Page security management method and device
Technical Field
The invention relates to the field of internet security, in particular to a page security management method and device.
Background
With the rapid development of internet technology, people increasingly rely on it for convenience in daily life, and internet security risks have become a growing concern for users. For example, an illegal user often intrudes into a security page by brute-force cracking or by repeatedly refreshing the page, leaking the user's internet information such as account information, private information and financial information. One existing scheme for preventing brute-force cracking/page refreshing is to issue an access verification code, but performing access verification on every access request greatly reduces the efficiency and experience of the user's internet use. In another prior-art scheme, the IP (Internet Protocol) address used when a user accesses a page is obtained, and a verification code is issued if the frequency of page access requests from the same IP address is too high. However, an illegal user can keep changing the IP address from which the page is requested by using an IP proxy, so the existing schemes for preventing brute-force cracking/page refreshing remain deficient, and a security mechanism based on per-IP access limits still carries serious security risks.
Disclosure of Invention
In view of this, embodiments of the present invention provide a page security management method and device that can effectively prevent an illegal user from intruding into a security page by brute-force cracking/page refreshing, while also taking user efficiency and experience into account.
In order to solve the above technical problem, an embodiment of the present invention provides a page security management method, where the method includes:
acquiring a page access request submitted by a user terminal;
acquiring an access account and terminal identification information of the user terminal;
judging whether the user terminal is a common terminal of the access account or not according to pre-recorded login information of the access account, wherein the login information comprises terminal identification information of the login terminal of the access account and login times corresponding to each login terminal within a preset time range;
and if the user terminal is the common terminal of the access account, returning the requested page to the user terminal according to the page access request.
Correspondingly, an embodiment of the present invention further provides a page security management apparatus, where the page security management apparatus includes:
the access request acquisition module is used for acquiring a page access request submitted by a user terminal;
the terminal information acquisition module is used for acquiring an access account and terminal identification information of the user terminal;
the common terminal judgment module is used for judging whether the user terminal is a common terminal of the access account according to pre-recorded login information of the access account, wherein the login information comprises terminal identification information of the login terminal of the access account and login times corresponding to each login terminal within a preset time range;
and the page returning module is used for returning the requested page to the user terminal according to the page access request when the frequently-used terminal judging module judges that the user terminal is the frequently-used terminal of the access account.
In this embodiment, the background server judges, from the access account that submitted the page access request and the terminal identification information of the user terminal, whether the user terminal is a common terminal of the access account. If it is, the requested page can be returned directly; otherwise an access verification request can be issued. This effectively prevents an illegal user from intruding into the security page by brute-force cracking/page refreshing, while taking the user's efficiency and experience into account.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a page security management method in an embodiment of the present invention;
Fig. 2 is a flowchart illustrating a page security management method according to another embodiment of the present invention;
Fig. 3 is a flowchart illustrating a page security management method according to another embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a page security management apparatus in an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic flow diagram of a page security management method in an embodiment of the present invention, where the page security management method in the present invention may be executed by a page security management device in a background server such as a website server, a web server, an internet program background server, and the like, and as shown in fig. 1, the page security management method in the embodiment at least may include:
S101, acquiring a page access request submitted by a user terminal.
In a specific implementation, the user terminal may be an internet device such as a personal computer, a tablet computer, a smart phone, an e-reader or a vehicle-mounted terminal, and may submit the page access request to the background server through a browser or a running client. The page access request includes at least identification information of the requested web page, such as a web page address or a link, and requests the background server to return the requested web page. The requested web page may be a preset target security page, for example a web page containing the user's private information, a web page the user has set as private, or a security page involving important information such as user account information, private information or financial information, for instance an account login page, a password retrieval page or a password modification page.
S102, acquiring the access account and the terminal identification information of the user terminal.
Specifically, the access account of the user terminal may be identification information that represents a user identity, such as a client login account or a website login account, for example an instant messaging account or an SNS (Social Networking Service) account. The terminal identification information may be identification information that uniquely identifies the terminal, such as the MAC (Media Access Control) address, IMEI (International Mobile Equipment Identity) or ICCID (Integrated Circuit Card Identifier) of the user terminal. It should be noted that, in an optional embodiment, the page access request may carry the access account and the terminal identification information of the user terminal, so that the page security management device obtains them from the page access request. The device may also read the access account or the terminal identification information through a client or a web page running on the user terminal, or may prompt the user through a web page to input the information and obtain what the user submits. Therefore, in other optional embodiments of the present invention, steps S102 and S101 may be performed simultaneously, or step S102 may be performed before step S101.
S103, judging whether the user terminal is a common terminal of the access account according to the pre-recorded login information of the access account.
Specifically, the background server may record login information of the access account each time the user logs in to the background server with that account. The login information includes the terminal identification information of the login terminals of the access account and the number of logins for each login terminal within a preset time range. For example, suppose that within one month a user logs in to an instant messaging tool with a pre-registered account A from three user terminals: the user's personal computer, mobile phone and tablet computer. The login information recorded by the background server may then include the MAC addresses of the three user terminals and the number of logins made from each, such as 15 from the personal computer, 30 from the mobile phone and 3 from the tablet computer. Using the terminal identification information obtained in S102 for the user terminal that submitted the current page access request with the access account, the page security management device can query the login information for that terminal's number of logins in the month, and so determine whether the user terminal is a common terminal of the access account.
Specifically, in an optional embodiment, whether the number of logins of the user terminal within the preset time range reaches a preset threshold may be determined from the terminal identification information of the user terminal and the login information of the access account; if it does, the user terminal is determined to be a common terminal of the access account. For example, if the user terminal submitting the current page access request with the access account is the personal computer, and the query of the login information shows that user account A logged in from the personal computer 15 times, which is greater than the preset threshold of 10, the personal computer is judged to be a common terminal of user account A. If the user terminal submitting the page access request with the access account is the tablet computer, and the query of the login information shows that user account A logged in from the tablet computer 5 times, which is less than the preset threshold of 10, the tablet computer is judged not to be a common terminal of user account A.
S104, if the user terminal is the common terminal of the access account, returning the requested page to the user terminal according to the page access request.
In a specific implementation, after the user terminal is determined in S103 to be a common terminal of the access account, the background server may return the requested page to the user terminal according to the page access request. Otherwise, if the user terminal is determined not to be a common terminal of the access account, the background server directly rejects the page access request and returns an access rejection message to the user terminal. In an optional embodiment, the page security management device may, depending on the security level of the requested page, either return an access verification request to the user terminal or reject its page access request. For example, if the user terminal is determined not to be a common terminal of the access account, the page security management device further determines the security level of the requested page. If the security level of the page is high, the page access request may be rejected directly; otherwise an access verification request may be returned to the user terminal. The access verification request prompts the user to input verification information; the device obtains the verification information submitted by the user terminal in response, performs access verification, and returns the requested page to the user terminal if verification passes. The security level of a page may be preset by the background server, or set or adjusted according to the user's own settings.
The access verification request may prompt the user to input preset verification information, for example a character string submitted in advance such as a mobile phone number, a birthday or a favorite celebrity's name. Alternatively, it may carry a picture containing the verification information and prompt the user to enter the content shown in the picture into an input box on the page and submit it to the background server. After receiving the verification information submitted by the user terminal, the page security management device performs access verification, that is, it checks whether the submitted verification information matches the preset verification information or the verification information in the picture. If it matches, access verification passes and the requested page is returned to the user terminal; otherwise access verification fails and the page access request is rejected.
In an optional embodiment, the page security management device may further determine whether the frequency with which the user terminal submits page access requests reaches a preset frequency threshold. If the frequency does not reach the preset threshold, the requested page is returned to the user terminal according to the page access request. Otherwise, if the frequency reaches the preset threshold, an access verification request is returned to the user terminal to prompt the user to input verification information; the page security management device obtains the verification information submitted by the user terminal in response, performs access verification, and returns the requested page to the user terminal if verification passes. Limiting the frequency with which a user terminal submits page access requests effectively prevents an illegal user from intruding into the target page by brute-force cracking/page refreshing from a single user terminal.
In this embodiment, the background server judges, from the access account that submitted the page access request and the terminal identification information of the user terminal, whether the user terminal is a common terminal of the access account. If it is, the requested page can be returned directly; otherwise an access verification request can be issued. This effectively prevents an illegal user from intruding into the security page by brute-force cracking/page refreshing, while taking the user's efficiency and experience into account.
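The following Python example is added here and is not code from the patent: it models the common-terminal judgment of S103 together with the two optional embodiments described above (security-level handling for non-common terminals and the request-frequency check). The class, field and terminal names, the 30-day login window and the limit of 5 requests per 60 seconds are assumptions; the login threshold of 10 and the 15/30/3 login counts follow the patent's example.

```python
from collections import defaultdict
from dataclasses import dataclass, field
from enum import Enum

DAY = 24 * 3600


class Decision(Enum):
    RETURN_PAGE = "return requested page"
    VERIFY = "return access verification request"
    REJECT = "reject page access request"


@dataclass
class PageGuard:
    login_window: float = 30 * DAY   # "preset time range" (assumed: 30 days)
    login_threshold: int = 10        # threshold used in the patent's example
    freq_window: float = 60.0        # assumed sliding window for request frequency
    freq_threshold: int = 5          # assumed "preset frequency threshold"
    logins: dict = field(default_factory=lambda: defaultdict(list))
    requests: dict = field(default_factory=lambda: defaultdict(list))

    # terminal_id is an opaque identifier (MAC/IMEI/ICCID in the patent); how it
    # is collected and how far it can be trusted is outside this example.
    def record_login(self, account, terminal_id, ts):
        self.logins[(account, terminal_id)].append(ts)

    def login_count(self, account, terminal_id, now):
        # Only logins inside the window count; .get() avoids creating state
        # for terminals that never logged in.
        stamps = self.logins.get((account, terminal_id), [])
        return sum(1 for ts in stamps if now - self.login_window < ts <= now)

    def is_common_terminal(self, account, terminal_id, now):
        return self.login_count(account, terminal_id, now) >= self.login_threshold

    def request_rate_reached(self, terminal_id, now):
        # Keep only request timestamps inside the window, then add this request.
        recent = [ts for ts in self.requests[terminal_id]
                  if ts > now - self.freq_window]
        recent.append(now)
        self.requests[terminal_id] = recent
        return len(recent) >= self.freq_threshold

    def decide(self, account, terminal_id, high_security, now):
        rate_reached = self.request_rate_reached(terminal_id, now)
        if not self.is_common_terminal(account, terminal_id, now):
            # Non-common terminal: reject high-security pages, verify otherwise.
            return Decision.REJECT if high_security else Decision.VERIFY
        if rate_reached:
            # Common terminal, but requesting too often: fall back to verification.
            return Decision.VERIFY
        return Decision.RETURN_PAGE


def demo():
    """Constructed sample data: account A with the patent's three terminals."""
    now = 100 * DAY
    guard = PageGuard()
    for terminal, count in (("pc-mac", 15), ("phone-mac", 30), ("tablet-mac", 3)):
        for i in range(count):
            guard.record_login("A", terminal, now - i * 3600)
    # Twelve logins that fall outside the window must not count.
    for i in range(12):
        guard.record_login("A", "old-pc-mac", now - 40 * DAY - i)

    results = {
        "pc": guard.decide("A", "pc-mac", False, now),
        "tablet": guard.decide("A", "tablet-mac", False, now),
        "tablet_high": guard.decide("A", "tablet-mac", True, now),
        "old_pc": guard.decide("A", "old-pc-mac", False, now),
        "unknown_high": guard.decide("A", "never-seen", True, now),
    }
    # Six requests in six seconds from a common terminal.
    results["phone_burst"] = [
        guard.decide("A", "phone-mac", False, now + s) for s in range(1, 7)
    ]
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```
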
Fig. 2 is a schematic flow chart of a page security management method in another embodiment of the present invention, as shown in the figure, the page security management method in the embodiment may include:
S201, obtaining the access account and the terminal identification information of the user terminal.
Specifically, in this embodiment, the background server may read the access account or the terminal identification information of the user terminal through a client or a web page running on the user terminal, or may prompt the user through a web page to input the information and obtain the access account or the terminal identification information that the user submits through the web page.
S202, acquiring a page access request submitted by the user terminal.
In this embodiment, because the access account and the terminal identification information of the user terminal are obtained in advance in S201, the page access request only needs to carry information of the accessed page, such as an access address of a target page, a web page link, and the like. The requested web page may be a preset target security page, for example, a web page containing user private information, a web page set by the user to be private, or a security page related to important information such as user account information, private information, financial information, and the like, such as an account login page, a password retrieval page, a password modification page, and the like.
S203, judging whether the login times of the user terminal in a preset time range reach a preset threshold value or not according to the terminal identification information of the user terminal and the login information of the access account, if so, executing S204, and otherwise, executing S205.
Specifically, the backend server may record login information of the access account in advance when the user logs in to the backend server using the access account, where the login information includes terminal identification information of login terminals of the access account and login times corresponding to each login terminal within a preset time range, and after receiving a page access request submitted by the user terminal through S202, the page security management device may query the login information to obtain the login times of the user terminal within the preset time range, and further determine whether the login times of the user terminal within the preset time range reach a preset threshold. Taking the foregoing as an example, for example, if the user terminal that submits the page access request using the access account is a personal computer, the login frequency of the user account a that passes through the personal computer in the month is 15 times, which is obtained by querying the login information, and is greater than the preset threshold value by 10 times, then S204 is executed.
And S204, judging that the user terminal is a frequently-used terminal of the access account, and executing S207.
S205, an access verification request is returned to the user terminal, and the access verification request is used for prompting the user to input verification information.
The access verification request may prompt the user to input preset verification information, for example a character string submitted in advance such as a mobile phone number, a birthday or a favorite celebrity's name. Alternatively, it may carry a picture containing the verification information and prompt the user to enter the content shown in the picture into an input box on the page and submit it to the background server.
And S206, acquiring the verification information submitted by the user terminal according to the access verification request, performing access verification, if the verification is passed, executing S207, and if the access verification is failed, rejecting the page access request.
And if the verification information submitted by the user is consistent with the preset verification information or the verification information in the picture, the access verification is passed, and the requested page is returned to the user terminal, otherwise, the page access request is rejected if the access verification fails.
S207, the requested page is returned to the user terminal.
In this embodiment, the background server judges, from the access account that submitted the page access request and the terminal identification information of the user terminal, whether the user terminal is a common terminal of the access account. If it is, the requested page can be returned directly; otherwise an access verification request can be issued. This effectively prevents an illegal user from intruding into the security page by brute-force cracking/page refreshing, while taking the user's efficiency and experience into account.
Fig. 3 is a schematic flow chart of a page security management method in another embodiment of the present invention, where as shown in the figure, the page security management method in the embodiment may include:
S301, acquiring a page access request submitted by a user terminal.
In a specific implementation, the user terminal may include internet devices such as a personal computer, a tablet computer, a smart phone, an e-reader, and a vehicle-mounted terminal, and may submit the page access request to the backend server through a browser or an operating client, and request the backend server to return a requested web page to the backend server. The requested web page may be a preset target security page, for example, a web page containing user private information, a web page set by the user to be private, or a security page related to important information such as user account information, private information, financial information, and the like, such as an account login page, a password retrieval page, a password modification page, and the like.
S302, obtaining the access account and the terminal identification information of the user terminal.
Specifically, the access account of the user terminal may be an identification information that may represent a user identity, such as a client login account, a website login account, and the like, for example, an instant messaging account or an SNS account, and the terminal identification information may be identification information that uniquely identifies the terminal, such as an MAC address, an IMEI, and an ICCID, of the user terminal. In this embodiment, the page access request may carry an access account and terminal identification information of the user terminal, and the page security management apparatus may thereby obtain the access account and terminal identification information of the user terminal from the page access request.
And S303, judging whether the login times of the user terminal in a preset time range reach a preset threshold value or not according to the terminal identification information of the user terminal and the login information of the access account, if so, executing S304, and otherwise, executing S306.
Specifically, the backend server may record login information of the access account in advance when the user logs in to the backend server using the access account, where the login information includes terminal identification information of login terminals of the access account and login times corresponding to each login terminal within a preset time range, and after receiving a page access request submitted by the user terminal through S202, the page security management device may query the login information to obtain the login times of the user terminal within the preset time range, and further determine whether the login times of the user terminal within the preset time range reach a preset threshold. Taking the above as an example, for example, if the user terminal that submits the page access request using the access account is a personal computer, the page security management device queries from the login information that the login frequency of the user account a through the personal computer in this month is 15 times, and is greater than the preset threshold 10 times, then S304 is executed, otherwise S306 is executed.
S304, determining that the user terminal is a frequently-used terminal of the access account, and then executing S305.
S305, determining whether the frequency of the page access request submitted by the user terminal reaches a preset frequency threshold, if yes, executing S308, otherwise, executing S306.
The frequency of submitting page access requests by the user terminal is limited, and if the frequency reaches a preset frequency threshold value, access verification is carried out, so that illegal users can be effectively prevented from breaking or swiping the page to invade a target page through the same user terminal.
S306, returning an access verification request to the user terminal, wherein the access verification request is used for prompting the user to input verification information.
The access verification request may prompt the user to input preset verification information, for example a character string submitted in advance such as a mobile phone number, a birthday or a favorite celebrity's name. Alternatively, it may carry a picture containing the verification information and prompt the user to enter the content shown in the picture into an input box on the page and submit it to the background server.
S307, acquiring the verification information submitted by the user terminal according to the access verification request and performing access verification; if the verification passes, executing S308, and if the access verification fails, rejecting the page access request.
And if the verification information submitted by the user is consistent with the preset verification information or the verification information in the picture, the access verification is passed, and the requested page is returned to the user terminal, otherwise, the page access request is rejected if the access verification fails.
S308, the requested page is returned to the user terminal.
In this embodiment, the background server judges, from the access account that submitted the page access request and the terminal identification information of the user terminal, whether the user terminal is a common terminal of the access account. If the user terminal is a common terminal, the requested page can be returned directly; if it is not a common terminal, or if the access frequency of the common terminal is too high, an access verification request can be issued. This effectively prevents an illegal user from intruding into the security page by brute-force cracking/page refreshing, while taking the user's efficiency and experience into account.
Fig. 4 is a schematic structural diagram of a page security management apparatus in an embodiment of the present invention, where the page security management apparatus of the present invention may be implemented in a background server such as a website server, a web server, an internet program background server, and the like, and as shown in fig. 4, the page security management apparatus in the embodiment of the present invention at least may include:
an access request obtaining module 410, configured to obtain a page access request submitted by a user terminal.
In a specific implementation, the user terminal may be an internet device such as a personal computer, a tablet computer, a smart phone, an e-reader or a vehicle-mounted terminal, and may submit the page access request to the background server through a browser or a running client. The page access request includes at least identification information of the requested web page, such as a web page address or a link, and requests the background server to return the requested web page; the access request obtaining module 410 obtains this page access request. The requested web page may be a preset target security page, for example a web page containing the user's private information, a web page the user has set as private, or a security page involving important information such as user account information, private information or financial information, for instance an account login page, a password retrieval page or a password modification page.
A terminal information obtaining module 420, configured to obtain an access account and terminal identification information of the user terminal.
In a specific implementation, the access account of the user terminal may be an identification information such as a client login account and a website login account, which may represent a user Identity, for example, an instant messaging account or an SNS (Social Networking service) account, and the terminal identification information may be an identification information of a unique identification terminal such as an MAC (Media access control) address, an IMEI (International Mobile Equipment Identity), an ICCID (integrated circuit card identification code) of the user terminal. It should be noted that in an optional embodiment, the page access request may carry an access account and terminal identification information of the user terminal, the terminal information obtaining module 420 may obtain the access account and the terminal identification information of the user terminal from the page access request, the terminal information obtaining module 420 may also read the access account or the terminal identification information of the user terminal through a client running on the user terminal or a web page, and may also obtain the access account or the terminal identification information of the user terminal submitted by the user through the web page in a manner of prompting the user to input information through the web page.
The common terminal determining module 430 is configured to determine whether the user terminal is a common terminal of the access account according to pre-recorded login information of the access account, where the login information includes terminal identification information of login terminals of the access account and login times corresponding to each login terminal within a preset time range.
In a specific implementation, the background server may record login information of the access account when a user logs in to the background server using the access account, where the login information includes terminal identification information of login terminals of the access account and login times corresponding to each login terminal within a preset time range. For example, suppose that within one month a user logs in with a pre-registered account A through an instant messaging tool on three user terminals: a personal computer, a mobile phone, and a tablet computer. The login information of the access account recorded by the background server may then include the MAC addresses of the three user terminals and the login times of the user on each of them, such as 15 times for the personal computer, 30 times for the mobile phone, and 3 times for the tablet computer. Using the terminal identification information, obtained by the terminal information obtaining module 420, of the user terminal that submits the current page access request with the access account, the common terminal determining module 430 may query the login information to obtain the login times of that user terminal in the month, and so determine whether the user terminal is a common terminal of the access account.
Specifically, in an optional embodiment, the common terminal determining module 430 may determine, according to the terminal identification information of the user terminal and the login information of the access account, whether the login times of the user terminal within the preset time range reach a preset threshold, and if so, determine that the user terminal is a common terminal of the access account. Continuing the foregoing example, if the user terminal that submits the page access request using the access account this time is the personal computer, the login times of user account A through the personal computer obtained by querying the login information are 15, which is greater than the preset threshold of 10, so the common terminal determining module 430 determines that the personal computer is a common terminal of user account A. If the user terminal that submits the page access request using the access account is the tablet computer, the login times of user account A through the tablet computer obtained by querying the login information are 5, which is less than the preset threshold of 10, so the common terminal determining module 430 determines that the tablet computer is not a common terminal of user account A.
A page returning module 440, configured to return the requested page to the user terminal according to the page access request when the frequently-used terminal determining module 430 determines that the user terminal is the frequently-used terminal of the access account.
In a specific implementation, the page returning module 440 may return the requested page to the user terminal according to the page access request after the frequently-used terminal determining module 430 determines that the user terminal is the frequently-used terminal of the access account. If the user terminal is determined not to be the frequently-used terminal of the access account, the page access request may be directly rejected and an access rejection message returned to the user terminal.
Further in an optional embodiment, the page security management apparatus may further include:
the page security module 480 is configured to, when the frequently-used terminal determining module 430 determines that the user terminal is not the frequently-used terminal of the access account, reject the page access request of the user terminal according to the security level of the requested page or trigger the verification request returning module 440 to return an access verification request to the user terminal.
In an optional embodiment, the page security module 480 may, according to the security level of the requested page, either return an access verification request to the user terminal or reject the page access request of the user terminal. For example, if it is determined that the user terminal is not a common terminal of the access account, the page security module 480 further determines the security level of the page to be accessed. If the security level of the page to be accessed is high, the page access request may be directly rejected; otherwise, the verification request return module 440 may be triggered to return an access verification request to the user terminal. The access verification request is used to prompt the user to input verification information; the verification information submitted by the user terminal according to the access verification request is then obtained and access verification is performed, and if the verification passes, the requested page is returned to the user terminal. The security level of the accessed page can be preset by the background server, and can also be set or adjusted according to settings preset by the user.
Further in an optional embodiment, the page security management apparatus may further include:
a verification request returning module 450, configured to return an access verification request to the user terminal when the frequently-used terminal determining module determines that the user terminal is not the frequently-used terminal of the access account, where the access verification request is used to prompt the user to input verification information.
In a specific implementation, the access verification request may prompt the user to input preset verification information, for example a character string submitted in advance, such as a mobile phone number, a birthday, or a favorite star's name. It may also carry a picture containing the verification information and prompt the user to fill the verification information shown in the picture into an input box in the page and submit it to the background server.
An access verification module 460, configured to obtain verification information submitted by the user terminal according to the access verification request, perform access verification, and if the verification passes, trigger the page returning module 440 to return the requested page to the user terminal.
In a specific implementation, the access verification module 460 performs access verification after receiving the verification information submitted by the user terminal; that is, it checks whether the verification information submitted by the user is consistent with the preset verification information or with the verification information in the picture. If so, the access verification passes and the page returning module 440 is triggered to return the requested page to the user terminal. Otherwise, the access verification fails, the current page access request is rejected, and an access rejection message is returned to the user terminal.
Further in an optional embodiment, the page security management apparatus may further include:
the access frequency control module 490 is configured to determine whether the frequency of the page access request submitted by the user terminal reaches a preset frequency threshold, trigger the page returning module 440 to return the requested page to the user terminal according to the page access request if the frequency of the page access request submitted by the user terminal does not reach the preset threshold, and trigger the authentication request returning module 450 to return an access authentication request to the user terminal if the frequency of the page access request submitted by the user terminal reaches the preset threshold.
The page security management device in this embodiment judges whether the user terminal is a common terminal of the access account from the access account that submits the page access request and the terminal identification information of the user terminal. If the user terminal is a common terminal, the requested page can be returned directly; otherwise, an access verification request can be issued. The frequency of the page access requests submitted by the user terminal can further be limited, so that illegal users are effectively prevented from invading the security page through brute force cracking/page brushing, while the user's efficiency and experience are both taken into account.
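The decision flow of modules 430 to 490 described above, as an added Python example that is not code from the patent. The class and function names, the 30-day login window, the request-rate window and threshold, the page paths, the stored verification answer and the MAC addresses are all assumptions of this example; the login counts (15, 30, 3) and the login threshold of 10 come from the description.

```python
import hmac
from collections import deque
from dataclasses import dataclass, field

RETURN_PAGE, VERIFY, REJECT = "return_page", "verify", "reject"

# Constructed sample values (locally administered MAC addresses, fixed clock).
PC, PHONE, TABLET = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
NOW = 1_700_000_000.0


@dataclass
class PageGuard:
    login_window: float = 30 * 86400.0  # "preset time range"; 30 days is assumed
    login_threshold: int = 10           # threshold used in the description's example
    freq_window: float = 60.0           # assumed request-rate window, in seconds
    freq_threshold: int = 5             # assumed request-rate threshold
    high_security_pages: set = field(default_factory=set)
    verification_info: dict = field(default_factory=dict)  # account -> preset answer
    logins: dict = field(default_factory=dict)    # account -> {terminal_id: [timestamps]}
    requests: dict = field(default_factory=dict)  # terminal_id -> deque of timestamps

    def record_login(self, account, terminal_id, ts):
        self.logins.setdefault(account, {}).setdefault(terminal_id, []).append(ts)

    def is_common_terminal(self, account, terminal_id, now):
        # .get() keeps lookups for unknown accounts or terminals from allocating state.
        stamps = self.logins.get(account, {}).get(terminal_id, [])
        recent = sum(1 for t in stamps if 0 <= now - t <= self.login_window)
        return recent >= self.login_threshold

    def rate_reached(self, terminal_id, now):
        # Sliding window over this terminal's page requests, current one included.
        q = self.requests.setdefault(terminal_id, deque())
        q.append(now)
        while q and now - q[0] > self.freq_window:
            q.popleft()
        return len(q) >= self.freq_threshold

    def decide(self, account, terminal_id, page, now):
        if self.is_common_terminal(account, terminal_id, now):
            # Rate state is only kept for terminals already known to the account.
            return VERIFY if self.rate_reached(terminal_id, now) else RETURN_PAGE
        if page in self.high_security_pages:
            return REJECT  # uncommon terminal, high security level
        return VERIFY      # uncommon terminal, lower security level

    def check_verification(self, account, submitted):
        expected = self.verification_info.get(account)
        if expected is None:
            return REJECT
        # Constant-time comparison is a choice of this example, not of the patent.
        ok = hmac.compare_digest(expected.encode(), submitted.encode())
        return RETURN_PAGE if ok else REJECT


def build_demo_guard(now=NOW):
    """Account A with the login counts from the description's example."""
    guard = PageGuard(high_security_pages={"/password/modify"},
                      verification_info={"A": "1990-01-01"})
    for terminal, count in ((PC, 15), (PHONE, 30), (TABLET, 3)):
        for i in range(count):
            guard.record_login("A", terminal, now - i * 3600)
    return guard
```
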
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.

Claims (7)

1. A page security management method is characterized by comprising the following steps:
acquiring a page access request submitted by a user terminal, wherein the page access request comprises identification information of a requested webpage, the requested webpage is a target security page preset by a user and comprises a webpage containing user private information, a webpage set by the user to be private or a security page containing user account information, private information and financial information, and the security page comprises an account login page, a password recovery page or a password modification page;
acquiring an access account and terminal identification information of the user terminal;
judging whether the user terminal is a common terminal of the access account or not according to pre-recorded login information of the access account, wherein the login information of the access account is obtained by recording when a user logs in by using the access account in advance, and the login information comprises terminal identification information of the login terminal of the access account and login times corresponding to each login terminal within a preset time range;
if the user terminal is a common terminal of the access account, returning a requested page to the user terminal according to the page access request;
if the user terminal is not the common terminal of the access account, returning an access verification request or rejecting a page access request of the user terminal to the user terminal according to the security level of the requested page preset by the user, including:
if the security level of the accessed page is high, directly rejecting the page access request;
otherwise, returning an access verification request to the user terminal, wherein the access verification request is used for prompting the user to input verification information;
and acquiring verification information submitted by the user terminal according to the access verification request, performing access verification, and returning a requested page to the user terminal if the verification is passed.
2. The page security management method according to claim 1, wherein the determining, according to the pre-recorded login information of the access account, whether the user terminal is a frequently-used terminal of the access account comprises:
and judging whether the login times of the user terminal in a preset time range reach a preset threshold value or not according to the terminal identification information of the user terminal and the login information of the access account, and if so, judging that the user terminal is a common terminal of the access account.
3. The page security management method according to claim 1, wherein if the user terminal is a common terminal of the access account, returning the requested page to the user terminal according to the page access request includes:
judging whether the frequency of the user terminal submitting the page access request reaches a preset frequency threshold value or not;
if the frequency of the user terminal submitting the page access request does not reach a preset threshold value, returning a requested page to the user terminal according to the page access request;
if the frequency of the user terminal submitting the page access request reaches a preset threshold value, returning an access verification request to the user terminal, wherein the access verification request is used for prompting a user to input verification information;
and acquiring verification information submitted by the user terminal according to the access verification request, performing access verification, and returning a requested page to the user terminal if the verification is passed.
4. A page security management apparatus, characterized in that the page security management apparatus comprises:
the system comprises an access request acquisition module, a password recovery module and a password modification module, wherein the access request acquisition module is used for acquiring a page access request submitted by a user terminal, the page access request comprises identification information of a requested webpage, the requested webpage is a target security page preset by a user and comprises a webpage containing user private information, a webpage set by the user to be private or a security page containing user account information, private information and financial information, and the security page comprises an account login page, a password recovery page or a password modification page;
the terminal information acquisition module is used for acquiring an access account and terminal identification information of the user terminal;
the common terminal judgment module is used for judging whether the user terminal is a common terminal of the access account according to pre-recorded login information of the access account, wherein the login information of the access account is recorded in advance when a user logs in by using the access account, and the login information comprises terminal identification information of the login terminal of the access account and login times corresponding to each login terminal within a preset time range;
the page returning module is used for returning the requested page to the user terminal according to the page access request when the frequently-used terminal judging module judges that the user terminal is the frequently-used terminal of the access account;
the page security module is used for rejecting a page access request of the user terminal or triggering a verification request return module to return an access verification request to the user terminal according to the security level of a requested page preset by a user when the common terminal judgment module judges that the user terminal is not the common terminal of the access account, wherein if the security level of the accessed page is high, the page access request is directly rejected, otherwise, the verification request return module is triggered to return an access verification request to the user terminal;
a verification request returning module, configured to return an access verification request to the user terminal when the frequently-used terminal determining module determines that the user terminal is not a frequently-used terminal of the access account and the security level of the requested page is not high, where the access verification request is used to prompt a user to input verification information;
and the access verification module is used for acquiring verification information submitted by the user terminal according to the access verification request, performing access verification, and triggering the page return module to return the requested page to the user terminal if the verification is passed.
5. The page security management device according to claim 4, wherein the common terminal determining module is configured to:
and judging whether the login times of the user terminal in a preset time range reach a preset threshold value or not according to the terminal identification information of the user terminal and the login information of the access account, and if so, judging that the user terminal is a common terminal of the access account.
6. The page security management apparatus of claim 4, further comprising:
the access frequency control module is used for judging whether the frequency of the page access requests submitted by the user terminal reaches a preset frequency threshold value, if the frequency of the page access requests submitted by the user terminal does not reach the preset threshold value, the page return module is triggered to return the requested page to the user terminal according to the page access requests, and if the frequency of the page access requests submitted by the user terminal reaches the preset threshold value, the verification request return module is triggered to return access verification requests to the user terminal.
7. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program comprising program instructions which, when executed by a processor, perform the method according to any one of claims 1-3.
CN201410085745.2A 2014-03-10 2014-03-10 Page security management method and device Active CN104917716B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410085745.2A CN104917716B (en) 2014-03-10 2014-03-10 Page security management method and device

Publications (2)

Publication Number Publication Date
CN104917716A CN104917716A (en) 2015-09-16
CN104917716B true CN104917716B (en) 2020-06-16

Family

ID=54086429


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant