CN103944962A - Method for Web server information hiding and gateway equipment - Google Patents


Publication number
CN103944962A
Authority
CN
China
Prior art keywords
response message
header
server
web server
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410110675.1A
Other languages
Chinese (zh)
Inventor
胡波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Opzoon Technology Co Ltd
Original Assignee
Opzoon Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Opzoon Technology Co Ltd
Priority to CN201410110675.1A
Publication of CN103944962A

Landscapes

  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a method for hiding Web server information and a gateway device, and relates to the technical field of computer networks. The method comprises the following steps: S1, receiving a response message transmitted by the Web server; S2, parsing the response message to obtain its header; S3, rewriting the header of the response message to remove or replace the Web server information in the header; S4, encapsulating the rewritten response message and forwarding it to the client. Because the header of the response message is rewritten to remove or replace the Web server information it contains, the client is prevented from obtaining the Web server information, and the security of the Web server is improved.

Description

Method for hiding Web server information, and gateway device
Technical field
The present invention relates to the technical field of computer networks, and in particular to a method for hiding Web server information and to a gateway device.
Background art
A website is a collection of related web pages on the Internet, produced according to certain rules with tools such as HTML (Hypertext Markup Language), for presenting particular content. Put simply, a website is a communication tool: like a notice board, it lets people publish the information they want to disclose, provide network services, or collect the information they want. People access a website through a web browser to obtain the information they need or to use its network services.
After a client sends a request message to a Web server, the Web server normally returns a response message. The returned response message, however, contains important server information. When an attacker on the network attacks the Web server through a client, this server information can be used to mount a more effective attack, so the security of the Web server cannot be guaranteed.
Summary of the invention
(1) Technical problem to be solved
The technical problem to be solved by the present invention is how to improve the security of a Web server.
(2) Technical solution
To solve the above technical problem, the invention provides a method for hiding Web server information, the method comprising the following steps:
S1: receiving a response message transmitted from the Web server;
S2: parsing the response message to obtain the header of the response message;
S3: rewriting the header of the response message to remove or replace the Web server information in the header;
S4: encapsulating the rewritten response message and forwarding it to the client.
Before step S1, the method further comprises:
S0: receiving an HTTP request message from the client and forwarding the HTTP request message to the Web server.
The Web server information comprises at least one of: the server status code, the type information of the server, and the coding mode of the server.
In step S3, when the header of the response message is rewritten, the server status code in the header is replaced, and the replaced server status code is then written back into the header of the response message.
In step S3, when the header of the response message is rewritten, the type information of the server and/or the coding mode of the server in the header is deleted directly.
The invention also discloses a gateway device, the gateway device comprising:
a message receiving module, configured to receive a response message transmitted from the Web server;
a control module, configured to parse the response message to obtain the header of the response message;
the control module being further configured to rewrite the header of the response message to remove or replace the Web server information in the header;
a message sending module, configured to encapsulate the rewritten response message and send the encapsulated response message to the client.
The message receiving module is further configured to receive an HTTP request message from the client;
the message sending module is further configured to forward the HTTP request message to the Web server.
The Web server information comprises at least one of: the server status code, the type information of the server, and the coding mode of the server.
The control module is further configured, when rewriting the header of the response message, to replace the server status code in the header and then write the replaced server status code back into the header of the response message.
The control module is further configured, when rewriting the header of the response message, to delete directly the type information of the server and/or the coding mode of the server in the header.
(3) Beneficial effects
By rewriting the header of the response message to remove the Web server information in the header, the present invention prevents the client from obtaining the Web server information and thereby improves the security of the Web server.
Brief description of the drawings
Fig. 1 is a flow chart of the method for hiding Web server information according to one embodiment of the present invention;
Fig. 2 is a structural block diagram of the gateway device according to one embodiment of the present invention;
Fig. 3 is a schematic diagram of the gateway device of Fig. 2 placed between the client and the Web server.
Embodiments
Specific embodiments of the present invention are described in further detail below with reference to the drawings and examples. The following examples illustrate the present invention but do not limit its scope.
Fig. 1 is a flow chart of the method for hiding Web server information according to one embodiment of the present invention. With reference to Fig. 1, the method comprises the following steps:
S1: receiving a response message transmitted from the Web server;
S2: parsing the response message to obtain the header of the response message;
S3: rewriting the header of the response message to remove or replace the Web server information in the header;
S4: encapsulating the rewritten response message and forwarding it to the client.
Preferably, before step S1, the method further comprises:
S0: receiving an HTTP request message from the client and forwarding the HTTP request message to the Web server.
The relatively sensitive fields usually contained in the header of the response message to an HTTP request message include the server status code, the Server field (which indicates the type information of the server) and the X-Powered-By field (which indicates the coding mode of the server), among others. To improve the security of the Web server, the Web server information preferably comprises at least one of: the server status code, the type information of the server, and the coding mode of the server.
Because the server status code normally has to be returned to the client, and in order to ensure that the real value is not obtained by the client, preferably, in step S3, when the header of the response message is rewritten, the server status code in the header is replaced, and the replaced server status code is then written back into the header of the response message; for example, server status code 4xx is replaced with 417.
Because fields such as the Server field and X-Powered-By have no effect on how the client's browser parses the response, and in order to improve processing efficiency, preferably, in step S3, when the header of the response message is rewritten, the type information of the server and/or the coding mode of the server in the header is deleted directly.
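Steps S2 to S4 applied to a single raw HTTP/1.1 response, as an added Python example that is not part of the patent text. The function names, the sample response and the reason phrase written next to 417 are assumptions; only the 4xx-to-417 replacement and the deletion of Server and X-Powered-By come from the description.

```python
# Added example: steps S2-S4 on one raw HTTP/1.1 response (names are hypothetical).
SENSITIVE_HEADERS = {b"server", b"x-powered-by"}    # fields the description deletes
REPLACEMENT_4XX = (b"417", b"Expectation Failed")   # description's example: 4xx -> 417


def split_response(raw: bytes):
    """S2: separate the header block from the body and split it into lines."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block: no CRLFCRLF terminator")
    status_line, *header_lines = head.split(b"\r\n")
    return status_line, header_lines, body


def rewrite_status_line(status_line: bytes) -> bytes:
    """S3 (replace): map any 4xx status code to 417, leave other classes alone."""
    parts = status_line.split(b" ", 2)
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/"):
        raise ValueError("malformed status line")
    if len(parts[1]) != 3 or not parts[1].isdigit():
        raise ValueError("malformed status code")
    if parts[1].startswith(b"4"):
        return b" ".join((parts[0],) + REPLACEMENT_4XX)
    return status_line


def strip_sensitive_headers(header_lines):
    """S3 (delete): drop Server / X-Powered-By, matching names case-insensitively."""
    kept, dropping = [], False
    for line in header_lines:
        if line[:1] in (b" ", b"\t"):   # folded continuation of the previous field
            if not dropping:
                kept.append(line)
            continue
        name = line.partition(b":")[0].strip().lower()
        dropping = name in SENSITIVE_HEADERS
        if not dropping:
            kept.append(line)
    return kept


def rewrite_response(raw: bytes) -> bytes:
    """S2-S4: parse, rewrite and re-encapsulate one response."""
    status_line, header_lines, body = split_response(raw)
    new_head = [rewrite_status_line(status_line)] + strip_sensitive_headers(header_lines)
    # The body is passed through untouched, so Content-Length stays correct.
    return b"\r\n".join(new_head) + b"\r\n\r\n" + body


# Constructed sample response from a back-end server (not taken from the page).
SAMPLE = (
    b"HTTP/1.1 404 Not Found\r\n"
    b"Server: ExampleHTTPd/1.0\r\n"
    b"X-POWERED-BY: ExampleLang/5.0\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 9\r\n"
    b"\r\n"
    b"not found"
)

if __name__ == "__main__":
    print(rewrite_response(SAMPLE).decode("latin-1"))
```

Collapsing every 4xx code to 417 also hides 401 from browsers, which use it to start the authentication challenge, so a deployment has to decide whether any codes are exempt from the replacement.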
Fig. 2 is a structural block diagram of the gateway device according to one embodiment of the present invention. With reference to Fig. 2, the gateway device comprises:
a message receiving module, configured to receive a response message transmitted from the Web server;
a control module, configured to parse the response message to obtain the header of the response message;
the control module being further configured to rewrite the header of the response message to remove or replace the Web server information in the header;
a message sending module, configured to encapsulate the rewritten response message and send the encapsulated response message to the client.
With reference to Fig. 3, the gateway device is deployed in front of the Web server, and all message traffic uploaded from the client to the Web server must pass through the gateway device. Preferably, the message receiving module is further configured to receive an HTTP request message from the client;
the message sending module is further configured to forward the HTTP request message to the Web server.
Preferably, the Web server information comprises at least one of: the server status code, the type information of the server, and the coding mode of the server.
Preferably, the control module is further configured, when rewriting the header of the response message, to replace the server status code in the header and then write the replaced server status code back into the header of the response message.
Preferably, the control module is further configured, when rewriting the header of the response message, to delete directly the type information of the server and/or the coding mode of the server in the header.
The above embodiments are only intended to illustrate the present invention and do not limit it. A person of ordinary skill in the relevant technical field can make various changes and modifications without departing from the spirit and scope of the present invention; all equivalent technical solutions therefore also fall within the scope of the present invention, and the scope of patent protection of the present invention shall be defined by the claims.

Claims (10)

1. A method for hiding Web server information, characterized in that the method comprises the following steps:
S1: receiving a response message transmitted from the Web server;
S2: parsing the response message to obtain the header of the response message;
S3: rewriting the header of the response message to remove or replace the Web server information in the header;
S4: encapsulating the rewritten response message and forwarding it to the client.
2. The method of claim 1, characterized in that, before step S1, the method further comprises:
S0: receiving an HTTP request message from the client and forwarding the HTTP request message to the Web server.
3. The method of claim 2, characterized in that the Web server information comprises at least one of: the server status code, the type information of the server, and the coding mode of the server.
4. The method of claim 3, characterized in that, in step S3, when the header of the response message is rewritten, the server status code in the header is replaced, and the replaced server status code is then written back into the header of the response message.
5. The method of claim 3, characterized in that, in step S3, when the header of the response message is rewritten, the type information of the server and/or the coding mode of the server in the header is deleted directly.
6. A gateway device, characterized in that the gateway device comprises:
a message receiving module, configured to receive a response message transmitted from the Web server;
a control module, configured to parse the response message to obtain the header of the response message;
the control module being further configured to rewrite the header of the response message to remove or replace the Web server information in the header;
a message sending module, configured to encapsulate the rewritten response message and send the encapsulated response message to the client.
7. The gateway device of claim 6, characterized in that the message receiving module is further configured to receive an HTTP request message from the client;
the message sending module is further configured to forward the HTTP request message to the Web server.
8. The gateway device of claim 7, characterized in that the Web server information comprises at least one of: the server status code, the type information of the server, and the coding mode of the server.
9. The gateway device of claim 8, characterized in that the control module is further configured, when rewriting the header of the response message, to replace the server status code in the header and then write the replaced server status code back into the header of the response message.
10. The gateway device of claim 8, characterized in that the control module is further configured, when rewriting the header of the response message, to delete directly the type information of the server and/or the coding mode of the server in the header.
CN201410110675.1A 2014-03-24 2014-03-24 Method for Web server information hiding and gateway equipment Pending CN103944962A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410110675.1A CN103944962A (en) 2014-03-24 2014-03-24 Method for Web server information hiding and gateway equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410110675.1A CN103944962A (en) 2014-03-24 2014-03-24 Method for Web server information hiding and gateway equipment

Publications (1)

Publication Number Publication Date
CN103944962A true CN103944962A (en) 2014-07-23

Family

ID=51192443

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410110675.1A Pending CN103944962A (en) 2014-03-24 2014-03-24 Method for Web server information hiding and gateway equipment

Country Status (1)

Country Link
CN (1) CN103944962A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111901218A (en) * 2020-06-23 2020-11-06 北京天融信网络安全技术有限公司 Message transmission method, SSLVPN proxy server, electronic device and storage medium
CN114422563A (en) * 2021-12-29 2022-04-29 海南同享数字科技有限公司 Method, device, equipment and storage medium for calling background data by page

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101729497A (en) * 2008-10-22 2010-06-09 国际商业机器公司 Method and system for providing content
CN101888312A (en) * 2009-05-15 2010-11-17 北京启明星辰信息技术股份有限公司 Attack detection and response method and device of WEB page
CN102664881A (en) * 2012-04-13 2012-09-12 东南大学 Method for positioning hidden service under hypertext transfer protocol 1.1
US8291495B1 (en) * 2007-08-08 2012-10-16 Juniper Networks, Inc. Identifying applications for intrusion detection systems
CN102916972A (en) * 2012-11-05 2013-02-06 杭州迪普科技有限公司 Method and device for hiding web server information

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8291495B1 (en) * 2007-08-08 2012-10-16 Juniper Networks, Inc. Identifying applications for intrusion detection systems
CN101729497A (en) * 2008-10-22 2010-06-09 国际商业机器公司 Method and system for providing content
CN101888312A (en) * 2009-05-15 2010-11-17 北京启明星辰信息技术股份有限公司 Attack detection and response method and device of WEB page
CN102664881A (en) * 2012-04-13 2012-09-12 东南大学 Method for positioning hidden service under hypertext transfer protocol 1.1
CN102916972A (en) * 2012-11-05 2013-02-06 杭州迪普科技有限公司 Method and device for hiding web server information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
徐远纯: "Server security countermeasures based on HTTP fingerprinting", 《计算机科学》 *

Similar Documents

Publication Publication Date Title
CN104767775B (en) Web application information push method and system
US9794242B2 (en) Method, apparatus and application platform for realizing logon to an application service website
US20240202372A1 (en) Apparatus and method for securing web application server source code
MY199771A (en) Automatic login method and device between multiple websites
US20140101236A1 (en) Method and system for correlation of session activities to a browser window in a client-server environment
CN102761554B (en) Method, device and system for pushing information to client
CN103577187A (en) Method and related equipment for realizing webpage screenshot
US20140214921A1 (en) System and method for identification of an application executed on a mobile device
CN110708215A (en) Deep packet inspection rule base generation method and device, network equipment and storage medium
DE602005027473D1 (en) INTEGRATED METHOD AND DEVICE FOR MANAGING MOBILE DEVICES AND SERVICES
CN104573520A (en) Method and device for detecting permanent type cross site scripting vulnerability
CN109561010B (en) Message processing method, electronic equipment and readable storage medium
CN103825772B (en) Identifying user clicks on the method and gateway device of behavior
US10291718B2 (en) Method and apparatus for implementing communication from web page to client
CN106878260B (en) Single sign-on realization method and device
CN103701779A (en) Method and device for accessing website for second time and firewall equipment
CN112261111A (en) Method and system for realizing cross-domain access of browser in application program
CN111901218A (en) Message transmission method, SSLVPN proxy server, electronic device and storage medium
CN103944962A (en) Method for Web server information hiding and gateway equipment
KR101349201B1 (en) Apparatus for interoperability between Web-browser and Local-resources in the Mobile Device and method thereof
CN105205073A (en) Network advertisement filtering method and system based on transmission layer
JP5458977B2 (en) Relay processing method, program, and apparatus
CN101911603A (en) Service access control system and method using embedded browser agent
CN103634338B (en) Method for modifying primary domain name of webpage online, data processing device and system
CN103533001A (en) Communication method and communication system based on HTTP multi-proxy, and intermediate proxy server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20140723
