CN104252584B - The method and apparatus of guarding website content - Google Patents
- Publication number: CN104252584B
- Application number: CN201310268038.2A
- Authority: CN (China)
- Prior art keywords: port, user, web site, opened, site contents
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
Abstract
Embodiments of the present invention provide a method and apparatus for protecting website content. A data stream that is about to be transmitted through a port is analyzed to obtain the character string of the data stream. If that character string belongs to the character strings of website content, transmission of the data stream is blocked. Blocking the transmission of data streams that belong to website content protects that content and improves the reliability of website content protection.
Description
Technical field
Embodiments of the present invention relate to computer technology, and in particular to a method and apparatus for protecting website content.
Background
With the rapid development of computer technology, the security of website content has attracted attention. Website content refers to content that cannot be downloaded directly through a web page; it is the website's source code files or database files. To protect website content, the prior art encrypts it. Specifically, when website content is to be stored on the website, it is encrypted with an encryption key, the encrypted content is stored, and the encryption key that was used is saved in an access key list. When website content needs to be retrieved, the encryption key for that content is obtained from the access key list according to the user's permissions, and the encrypted content is decrypted with that key to obtain the decrypted website content.
However, with the prior-art method, the encryption key used to encrypt the website content is easily obtained by an intruder. The prior-art method therefore does not protect website content reliably.
Summary of the invention
Embodiments of the present invention provide a method and apparatus for protecting website content, in order to improve the reliability of website content protection.
A first aspect of the embodiments provides a method for protecting website content, including:
analyzing a data stream to be transmitted through a port, to obtain the character string of the data stream;
if the character string belongs to the character strings of website content, blocking transmission of the data stream.
With reference to the first aspect, in a first possible implementation, before the data stream to be transmitted through the port is analyzed, the method further includes:
judging whether an opened port is a port opened by a system command;
if the opened port is a port opened by a system command, performing the analysis of the data stream to be transmitted through the port;
if the opened port is not a port opened by a system command, closing the port.
With reference to the first possible implementation, in a second possible implementation, after it is judged that the opened port is not a port opened by a system command, the method further includes:
judging whether the opened port is a port opened by an instruction entered by a preset user, where the preset user is a user with legitimate permission to open ports;
if the opened port is a port opened by an instruction entered by a preset user, performing the analysis of the data stream to be transmitted through the port;
if the opened port is not a port opened by an instruction entered by a preset user, closing the port.
With reference to the first aspect, or the first or second possible implementation of the first aspect, in a third possible implementation, before the data stream to be transmitted through the port is analyzed, the method further includes:
setting a file attribute for website content, the file attribute being blacklist or whitelist. Website content whose file attribute is blacklist does not allow the user to perform any modification operation on it. Website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it. Modification operations of the preset type include any of the following: an operation that performs an encoding modification on website content by running a non-system application; an operation that modifies website content by running a user-written script; an operation that modifies website content through something other than the web server (webserver);
judging whether the file attribute of the website content the user is operating on is blacklist;
if the file attribute of the website content the user is operating on is blacklist, preventing the user operation;
if the file attribute of the website content the user is operating on is not blacklist, judging whether the user operation is a modification operation of the preset type;
if the user operation is a modification operation of the preset type, preventing the user operation.
With reference to the second possible implementation, in a fourth possible implementation, judging whether the opened port is a port opened by an instruction entered by a preset user includes:
setting a preset user list;
judging whether the opened port is a port opened by an instruction entered by a user in the preset user list.
A second aspect of the embodiments provides an apparatus for protecting website content, including:
an acquisition module, configured to analyze a data stream to be transmitted through a port and obtain the character string of the data stream;
a processing module, configured to block transmission of the data stream if the character string belongs to the character strings of website content.
With reference to the second aspect, in a first possible implementation, the processing module is further configured to judge, before the data stream to be transmitted through the port is analyzed, whether an opened port is a port opened by a system command. If the opened port is a port opened by a system command, the acquisition module performs the analysis of the data stream to be transmitted through the port. If the opened port is not a port opened by a system command, the port is closed.
With reference to the first possible implementation, in a second possible implementation, the processing module is further configured to judge, after it is judged that the opened port is not a port opened by a system command, whether the opened port is a port opened by an instruction entered by a preset user, where the preset user is a user with legitimate permission to open ports. If the opened port is a port opened by an instruction entered by a preset user, the analysis of the data stream to be transmitted through the port is performed. If the opened port is not a port opened by an instruction entered by a preset user, the port is closed.
With reference to the second aspect, or the first or second possible implementation of the second aspect, in a third possible implementation, the processing module is further configured to set a file attribute for website content before the acquisition module analyzes the data stream to be transmitted through the port. The file attribute is blacklist or whitelist. Website content whose file attribute is blacklist does not allow the user to perform any modification operation on it. Website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it. Modification operations of the preset type include any of the following: an operation that performs an encoding modification on website content by running a non-system application; an operation that modifies website content by running a user-written script; an operation that modifies website content through something other than the web server (webserver). The processing module judges whether the file attribute of the website content the user is operating on is blacklist. If it is blacklist, the user operation is prevented. If it is not blacklist, the processing module judges whether the user operation is a modification operation of the preset type, and if it is, the user operation is prevented.
With reference to the second possible implementation, in a fourth possible implementation, the processing module is specifically configured to set a preset user list before judging whether the opened port is a port opened by an instruction entered by a preset user, and to judge whether the opened port is a port opened by an instruction entered by a user in the preset user list.
In the method and apparatus for protecting website content provided by the embodiments of the present invention, the data stream to be transmitted through a port is analyzed to obtain the character string of the data stream. If that character string belongs to the character strings of website content, transmission of the data stream is blocked. In other words, the transmission of data streams that belong to website content is blocked, which protects website content and improves the reliability of website content protection.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed to describe the embodiments or the prior art are briefly introduced below. The drawings described below show some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of method embodiment one of the website content protection method of the present invention;
Fig. 2 is a schematic flowchart of method embodiment two of the website content protection method of the present invention;
Fig. 3 is a schematic flowchart of method embodiment three of the website content protection method of the present invention;
Fig. 4 is a schematic flowchart of method embodiment four of the website content protection method of the present invention;
Fig. 5 is a schematic structural diagram of apparatus embodiment one of the website content protection apparatus of the present invention.
Detailed description
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described below clearly and completely with reference to the accompanying drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art based on these embodiments without creative effort fall within the scope of protection of the present invention.
With the rapid development of computer technology, hackers attacking web servers to steal website content has drawn widespread concern. The process by which a hacker steals website content consists of intruding into the web server, obtaining the website content inside the web server, and transferring it out of the web server. The present invention mainly blocks the website content while it is being transferred out of the web server, after the hacker has obtained it inside the web server. This protects website content and improves the reliability of website content protection.
The technical solutions of the present invention are described in detail below with several specific embodiments.
Fig. 1 is a schematic flowchart of method embodiment one of the website content protection method of the present invention. The method of this embodiment is executed by the website content protection apparatus, which can be placed between the web server and the firewall. As shown in Fig. 1, the method of this embodiment includes:
S101: Analyze the data stream to be transmitted through a port to obtain the character string of the data stream.
S102: If the character string belongs to the character strings of website content, block transmission of the data stream.
Any website content that is to be transferred out of the web server must pass through a port. There are many kinds of ports, for example port 80 for the web browsing service, port 21 for the File Transfer Protocol (FTP) service, and port 25 for the Simple Mail Transfer Protocol (SMTP). When a port is open, an intruder can transfer website content out of the web server through it. To prevent this, this embodiment analyzes the data stream to be transmitted through the port, that is, it analyzes the data stream before the stream leaves the web server through the port, obtains the character string of the data stream, and judges whether that character string belongs to the character strings of website content, where website content is the website's source code files or database files. If it does, the data stream to be transmitted through the port is website content, and its transmission is blocked, which protects the website content.
In this embodiment, the data stream to be transmitted through a port is analyzed to obtain the character string of the data stream. If that character string belongs to the character strings of website content, transmission of the data stream is blocked. In other words, the transmission of data streams that belong to website content is blocked, which protects website content and improves the reliability of website content protection.
Fig. 2 is a schematic flowchart of method embodiment two of the website content protection method of the present invention. The method of this embodiment is executed by the website content protection apparatus, which can be placed between the web server and the firewall. Except for a few special ports whose default state is open, the default state of the remaining ports is closed. For example, port 80 for the web browsing service is open by default, while port 21 for the FTP service and port 25 for SMTP are closed by default. When a hacker wants to transmit a data stream through a port whose default state is closed, the hacker must first enter an instruction to open that port, and only then can data be transmitted through it. This embodiment examines the instruction that opened the port and closes any port that was not opened by a system command, which prevents a hacker from sending web content out of the network through a port whose default state is closed. As shown in Fig. 2, the method of this embodiment includes:
S201: Judge whether the opened port is a port opened by a system command. If not, perform S202; if so, perform S203.
That is, only a port opened by a system command is allowed to carry data streams. For a port opened by any other instruction, the user who opened the port is considered a hacker, and data transmission through that port is not allowed.
Therefore, if the opened port is not a port opened by a system command, S202 is performed. If the opened port is a port opened by a system command, S203 is performed.
S202: Close the port and end the flow.
Closing the port prevents the hacker from transmitting a data stream through it, and therefore from transmitting website content through it.
S203: Analyze the data stream to be transmitted through the port to obtain the character string of the data stream.
S204: If the character string belongs to the character strings of website content, block transmission of the data stream.
Steps S203 and S204 apply when a user transmits a data stream through a port opened by a system command. The data stream is analyzed to obtain its character string, and a data stream that has the same character string as website content is blocked, which protects the website content.
In this embodiment, it is judged whether the opened port is a port opened by a system command. If it is not, the port is closed, which blocks a hacker from stealing website content by opening a port with a non-system instruction and transmitting a data stream through it. If it is, the data stream to be transmitted through the port is analyzed to obtain its character string, and if that character string belongs to the character strings of website content, transmission of the data stream is blocked. That is, analyzing the transmitted content itself blocks a hacker's transmission of data streams that belong to website content, which protects website content and improves the reliability of website content protection.
Fig. 3 is a schematic flowchart of method embodiment three of the website content protection method of the present invention. The method of this embodiment is executed by the website content protection apparatus, which can be placed between the web server and the firewall. Fig. 3 differs from the embodiment shown in Fig. 2 in that the Fig. 2 embodiment only allows data streams through ports opened by a system command, while the Fig. 3 embodiment allows data streams through ports opened either by a system command or by an instruction entered by a preset user. As shown in Fig. 3, the method of this embodiment includes:
S301: Judge whether the opened port is a port opened by a system command. If so, perform S302; if not, perform S304.
S302: Analyze the data stream to be transmitted through the port to obtain the character string of the data stream.
S303: If the character string belongs to the character strings of website content, block transmission of the data stream.
Steps S302 and S303 are similar to steps S102 and S103 shown in Fig. 1 and are not described again here.
S304: Judge whether the opened port is a port opened by an instruction entered by a preset user. If so, perform S302; if not, perform S305.
The preset user is a user with legitimate permission to open ports.
Optionally, before step S304 is performed, a preset user list is also set. Step S304 then specifically judges whether the opened port is a port opened by an instruction entered by a user in the preset user list.
S305: Close the port and end the flow.
In this embodiment, it is judged whether the opened port is a port opened by a system command. If it is, the data stream to be transmitted through the port is analyzed to obtain its character string, and if that character string belongs to the character strings of website content, transmission of the data stream is blocked.
That is, a port opened by a system command is allowed to carry data streams. The data stream to be transmitted through the port is then analyzed to obtain its character string, and if that character string belongs to the character strings of website content, transmission of the data stream is blocked. Analyzing the transmitted content itself blocks a hacker's transmission of data streams that belong to website content, which protects the website content.
If the opened port is not a port opened by a system command, it is further judged whether it is a port opened by an instruction entered by a preset user. If it is, the data stream to be transmitted through the port is analyzed to obtain its character string, and if that character string belongs to the character strings of website content, transmission of the data stream is blocked. If the opened port is not a port opened by an instruction entered by a preset user, the port is closed and the flow ends.
That is, a port opened by an instruction entered by a preset user is allowed to carry data streams. The data stream to be transmitted through the port is then analyzed to obtain its character string, and if that character string belongs to the character strings of website content, transmission of the data stream is blocked. Analyzing the transmitted content itself blocks a hacker's transmission of data streams that belong to website content. If the port was opened neither by a system command nor by an instruction entered by a preset user, the port is closed, which blocks a hacker from stealing website content by transmitting a data stream through a port opened by a non-system instruction, and so protects the website content.
In this embodiment, closing ports opened by a non-system instruction or by an instruction entered by a non-preset user blocks a hacker from stealing website content through those ports, which protects website content and improves the reliability of website content protection.
It can be understood that, in the embodiment shown in Fig. 3, it is also possible to first judge whether the opened port is a port opened by an instruction entered by a preset user. If it is, the data stream to be transmitted through the port is analyzed to obtain its character string. If it is not, it is further judged whether the opened port is a port opened by a system command; if it is, the data stream to be transmitted through the port is analyzed to obtain its character string. If the opened port is not a port opened by an instruction entered by a preset user, the port is closed and the flow ends. The implementation principle and technical effect are similar to those of the embodiment shown in Fig. 3 and are not repeated here.
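The decision flow of Fig. 3 (S301 to S305), written out as an added Python example; it is not code from the patent. The patent does not say how the "character strings of website content" are derived, so the line-based signatures, the carry-over of a chunk tail (so that a string split across two chunks is still found), and all names and sample data below are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Iterable, Optional


class Verdict(Enum):
    CLOSE_PORT = "close port"      # S305
    BLOCK_STREAM = "block stream"  # S303
    ALLOW = "allow"


@dataclass(frozen=True)
class OpenPort:
    number: int
    opened_by_system: bool         # checked in S301
    opened_by_user: Optional[str]  # account whose instruction opened it (S304)


def build_signatures(protected_files: dict, min_len: int = 16) -> set:
    """Assumed signature scheme: every stripped line of a protected file that
    is at least min_len bytes long counts as one 'website content' string.
    Short lines such as '<?php' are skipped to limit false positives."""
    signatures = set()
    for data in protected_files.values():
        for line in data.splitlines():
            line = line.strip()
            if len(line) >= min_len:
                signatures.add(line)
    return signatures


class StreamInspector:
    """S302: scan an outbound stream chunk by chunk. The tail of the previous
    chunk is kept so a string split across two chunks is still matched."""

    def __init__(self, signatures: set):
        self.signatures = signatures
        self.keep = max((len(s) for s in signatures), default=1) - 1
        self.tail = b""

    def feed(self, chunk: bytes) -> bool:
        window = self.tail + chunk
        hit = any(sig in window for sig in self.signatures)
        self.tail = window[-self.keep:] if self.keep else b""
        return hit


def decide(port: OpenPort, chunks: Iterable[bytes],
           signatures: set, preset_users: set) -> Verdict:
    # S301: opened by a system command?  S304: else, by a preset user?
    if not port.opened_by_system and port.opened_by_user not in preset_users:
        return Verdict.CLOSE_PORT                      # S305
    inspector = StreamInspector(signatures)
    for chunk in chunks:                               # S302
        if inspector.feed(chunk):
            return Verdict.BLOCK_STREAM                # S303
    return Verdict.ALLOW


# Constructed sample data: one protected source file and one preset user.
PROTECTED = {
    "config.php": b"<?php\n$db_password = 'constructed-example-secret';\n"
                  b"$dsn = 'mysql:host=db.example.internal;dbname=shop';\n",
}
PRESET_USERS = {"webadmin"}
SIGNATURES = build_signatures(PROTECTED)

WEB_PAGE = [b"HTTP/1.1 200 OK\r\n\r\n", b"<html><body>Welcome</body></html>"]
# The protected line is deliberately split across two chunks.
LEAK = [b"150 data\r\n$db_password = 'constr", b"ucted-example-secret';\n"]

if __name__ == "__main__":
    cases = [
        (OpenPort(80, True, None), WEB_PAGE),
        (OpenPort(80, True, None), LEAK),
        (OpenPort(21, False, "webadmin"), LEAK),
        (OpenPort(21, False, "mallory"), WEB_PAGE),
    ]
    for port, chunks in cases:
        print(port, "->", decide(port, chunks, SIGNATURES, PRESET_USERS).value)
```

Note that a port opened by a preset user still has its stream inspected, as in S304 leading to S302: an authorized port opening does not exempt the content from the check.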
Fig. 4 is a schematic flowchart of method embodiment four of the website content protection method of the present invention. The method of this embodiment is executed by the website content protection apparatus, which can be placed between the web server and the firewall. This embodiment builds on any of the embodiments of Fig. 1 to Fig. 3: before the first step of each of those embodiments is performed, the following steps can also be included, as shown in Fig. 4:
S401: Set the file attribute of website content.
The file attribute of website content is blacklist or whitelist. Website content whose file attribute is blacklist does not allow the user to perform any modification operation on it. Website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it. Modification operations of the preset type include any of the following:
An operation that performs an encoding modification on website content by running a non-system application;
An operation that modifies website content by running a user-written script;
For example, modifying website content by packing it.
An operation that modifies website content through something other than the web server (webserver);
This refers specifically to an operation that is not performed by the web service program, where the web service program is the program dedicated to providing the web service.
S402: Judge whether the file attribute of the website content the user is operating on is blacklist. If so, perform S403; if not, perform S404.
S403: Prevent the user operation.
S404: Judge whether the user operation is a modification operation of the preset type. If so, perform S403; if not, perform S405.
S405: Perform the steps illustrated in any of Fig. 1 to Fig. 3.
In this embodiment, website content is given a file attribute of blacklist or whitelist. When a user tries to steal website content by performing a modification operation on it, the file attribute of the website content is checked: the user is prevented from performing any modification operation on website content whose file attribute is blacklist, and from performing modification operations of the preset type on website content whose file attribute is whitelist. Combined with the technical solution of any of the embodiments of Fig. 1 to Fig. 3, this protects website content and improves the reliability of website content protection.
Fig. 5 is a schematic structural diagram of apparatus embodiment one of the website content protection apparatus of the present invention. As shown in Fig. 5, the apparatus of this embodiment includes an acquisition module 51 and a processing module 52. Acquisition module 51 is configured to analyze the data stream to be transmitted through a port and obtain the character string of the data stream. Processing module 52 is configured to block transmission of the data stream if the character string belongs to the character strings of website content.
The apparatus of this embodiment can be used to carry out the technical solution of the method embodiment shown in Fig. 1. Its implementation principle and technical effect are similar and are not repeated here.
In the above embodiment, processing module 52 is further configured to judge, before the data stream to be transmitted through the port is analyzed, whether the opened port is a port opened by a system command. If the opened port is a port opened by a system command, the acquisition module analyzes the data stream to be transmitted through the port. If the opened port is not a port opened by a system command, the port is closed.
The apparatus of this embodiment can be used to carry out the technical solution of the method embodiment shown in Fig. 2. Its implementation principle and technical effect are similar and are not repeated here.
In the above embodiment, processing module 52 is further configured to judge, after it is judged that the opened port is not a port opened by a system command, whether the opened port is a port opened by an instruction entered by a preset user, where the preset user is a user with legitimate permission to open ports. If the opened port is a port opened by an instruction entered by a preset user, the data stream to be transmitted through the port is analyzed. If the opened port is not a port opened by an instruction entered by a preset user, the port is closed.
The apparatus of this embodiment can be used to carry out the technical solution of the method embodiment shown in Fig. 3. Its implementation principle and technical effect are similar and are not repeated here.
In the above embodiment, processing module 52 is further configured to set the file attribute of website content before the acquisition module analyzes the data stream to be transmitted through the port. The file attribute is blacklist or whitelist. Website content whose file attribute is blacklist does not allow the user to perform any modification operation on it. Website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it. Modification operations of the preset type include any of the following: an operation that performs an encoding modification on website content by running a non-system application; an operation that modifies website content by running a user-written script; an operation that modifies website content through something other than the web server (webserver). The processing module judges whether the file attribute of the website content the user is operating on is blacklist. If it is blacklist, the user operation is prevented. If it is not blacklist, the processing module judges whether the user operation is a modification operation of the preset type, and if it is, the user operation is prevented.
In the above embodiment, processing module 52 is specifically configured to set a preset user list before judging whether the opened port is a port opened by an instruction entered by a preset user, and to judge whether the opened port is a port opened by an instruction entered by a user in the preset user list.
The apparatus of this embodiment can be used to carry out the technical solution of the method embodiment shown in Fig. 4. Its implementation principle and technical effect are similar and are not repeated here.
A person of ordinary skill in the art will understand that all or part of the steps of the above method embodiments may be carried out by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs the steps of the above method embodiments. The storage medium includes ROM, RAM, magnetic disks, optical discs and other media that can store program code.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the present invention, not to limit them. Although the invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some or all of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
- 1. A method for protecting website content, characterized by comprising: analyzing a data stream that is to be transmitted through a port to outside the web server, and obtaining the character string of the data stream, the port being a port of the web server; if the character string belongs to the character strings of the website content, blocking transmission of the data stream, the website content being the source code files or database files of the website.
- 2. The method according to claim 1, characterized in that, before the analyzing of the data stream to be transmitted through the port to outside the web server, the method further comprises: judging whether an opened port is a port opened by a system command; if the opened port is judged to be a port opened by a system command, performing the analyzing of the data stream to be transmitted through the port; if the opened port is judged not to be a port opened by a system command, closing the port.
- 3. The method according to claim 2, characterized in that, after the opened port is judged not to be a port opened by a system command, the method further comprises: judging whether the opened port is a port opened by an instruction entered by a preset user, wherein the preset user is a user with legitimate authority to open ports; if the opened port is judged to be a port opened by an instruction entered by a preset user, performing the analyzing of the data stream to be transmitted through the port; if the opened port is judged not to be a port opened by an instruction entered by a preset user, performing the closing of the port.
- 4. The method according to any one of claims 1-3, characterized in that, before the analyzing of the data stream to be transmitted through the port to outside the web server, the method further comprises: setting a file attribute for the website content, the file attribute being blacklist or whitelist, wherein website content whose file attribute is blacklist does not allow the user to perform any modification operation on it, and website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it, the modification operations of the preset type including any of the following: an operation in which a non-system application is run to make coding modifications to the website content; an operation in which a script written by the user is run to modify the website content; an operation in which the website content is modified by something other than the network server (webserver); judging whether the file attribute of the website content on which the user operates is blacklist; if the file attribute of the website content on which the user operates is judged to be blacklist, preventing the user's operation; if the file attribute of the website content on which the user operates is judged not to be blacklist, judging whether the user's operation is a modification operation of the preset type; if the user's operation is judged to be a modification operation of the preset type, preventing the user's operation.
- 5. The method according to claim 3, characterized in that the judging of whether the opened port is a port opened by an instruction entered by a preset user comprises: setting a preset user list; judging whether the opened port is a port opened by an instruction entered by a user in the preset user list.
- 6. A device for protecting website content, characterized by comprising: an acquisition module, configured to analyze a data stream that is to be transmitted through a port to outside the web server and to obtain the character string of the data stream, the port being a port of the web server; a processing module, configured to block transmission of the data stream if the character string belongs to the character strings of the website content, the website content being the source code files or database files of the website.
- 7. The device according to claim 6, characterized in that the processing module is further configured to judge, before the data stream to be transmitted through the port to outside the web server is analyzed, whether an opened port is a port opened by a system command; if the opened port is judged to be a port opened by a system command, the acquisition module performs the analyzing of the data stream to be transmitted through the port; if the opened port is judged not to be a port opened by a system command, the port is closed.
- 8. The device according to claim 7, characterized in that the processing module is further configured to judge, after the opened port is judged not to be a port opened by a system command, whether the opened port is a port opened by an instruction entered by a preset user, wherein the preset user is a user with legitimate authority to open ports; if the opened port is judged to be a port opened by an instruction entered by a preset user, the analyzing of the data stream to be transmitted through the port is performed; if the opened port is judged not to be a port opened by an instruction entered by a preset user, the closing of the port is performed.
- 9. The device according to any one of claims 6-8, characterized in that the processing module is further configured to set a file attribute for the website content before the acquisition module analyzes the data stream to be transmitted through the port to outside the web server, the file attribute being blacklist or whitelist, wherein website content whose file attribute is blacklist does not allow the user to perform any modification operation on it, and website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it, the modification operations of the preset type including any of the following: an operation in which a non-system application is run to make coding modifications to the website content; an operation in which a script written by the user is run to modify the website content; an operation in which the website content is modified by something other than the network server (webserver); to judge whether the file attribute of the website content on which the user operates is blacklist; if the file attribute of the website content on which the user operates is judged to be blacklist, to prevent the user's operation; if the file attribute of the website content on which the user operates is judged not to be blacklist, to judge whether the user's operation is a modification operation of the preset type; and if the user's operation is judged to be a modification operation of the preset type, to prevent the user's operation.
- 10. The device according to claim 8, characterized in that the processing module is specifically configured to set a preset user list before judging whether the opened port is a port opened by an instruction entered by a preset user, and to judge whether the opened port is a port opened by an instruction entered by a user in the preset user list.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310268038.2A CN104252584B (en) | 2013-06-28 | 2013-06-28 | The method and apparatus of guarding website content |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310268038.2A CN104252584B (en) | 2013-06-28 | 2013-06-28 | The method and apparatus of guarding website content |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104252584A (en) | 2014-12-31 |
CN104252584B (en) | 2018-03-09 |
Family
ID=52187472
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310268038.2A Expired - Fee Related CN104252584B (en) | 2013-06-28 | 2013-06-28 | The method and apparatus of guarding website content |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104252584B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107483277A (en) * | 2017-09-28 | 2017-12-15 | 北京小米移动软件有限公司 | Port management method and device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1725709A (en) * | 2005-06-30 | 2006-01-25 | 杭州华为三康技术有限公司 | Method of linking network equipment and invading detection system |
EP2007066A2 (en) * | 2006-04-06 | 2008-12-24 | Huawei Technologies Co., Ltd. | A policy enforcement point and a linkage method and system for intrude detection system |
CN201298918Y (en) * | 2008-12-04 | 2009-08-26 | 中国移动通信集团广西有限公司 | Network access control system and device |
CN102857486A (en) * | 2012-04-01 | 2013-01-02 | 深信服网络科技(深圳)有限公司 | Next-generation application firewall system and defense method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN202652270U (en) * | 2012-06-15 | 2013-01-02 | 上海理工大学 | Database audit system |
- 2013-06-28 CN CN201310268038.2A patent/CN104252584B/en not_active Expired - Fee Related
Non-Patent Citations (1)
Title |
---|
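Research and Application of a Web Site Security Defense System; Zheng Jisheng (郑继胜); China Excellent Master's Theses Full-text Database, Information Science and Technology Series; 20090715 (No. 07); I139-174 * |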
Also Published As
Publication number | Publication date |
---|---|
CN104252584A (en) | 2014-12-31 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180309 Termination date: 20190628 |