CN104252584B - Method and apparatus for protecting website content - Google Patents

Info

Publication number: CN104252584B
Authority: CN (China)
Prior art keywords: port; user; web site; opened; site contents
Legal status: Expired - Fee Related
Application number: CN201310268038.2A
Other languages: Chinese (zh)
Other versions: CN104252584A (en)
Inventor: 云朋, 石功
Current Assignee: Huawei Digital Technologies Suzhou Co Ltd
Original Assignee: Huawei Digital Technologies Suzhou Co Ltd
Application filed by Huawei Digital Technologies Suzhou Co Ltd
Priority to CN201310268038.2A
Publication of CN104252584A
Application granted
Publication of CN104252584B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Abstract

Embodiments of the present invention provide a method and apparatus for protecting website content. A data stream to be transmitted through a port is analyzed to obtain the character string of the data stream; if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. Because transmission of data streams that belong to the website content is blocked, the website content is protected and the reliability of website content protection is improved.

Description

Method and apparatus for protecting website content
Technical Field
Embodiments of the present invention relate to computer technology, and in particular to a method and apparatus for protecting website content.
Background
With the rapid development of computer technology, the security of website content has drawn increasing attention.
Website content refers to content that cannot be downloaded directly through a web page; it consists of the website's source code files or database files. To protect website content, the prior art encrypts it. Specifically, when website content is to be stored on the website, it is encrypted with an encryption key, the encrypted website content is stored, and the encryption key used is stored in an access key list. When the website content needs to be obtained, the access key list is obtained according to user permissions, the encryption key of the website content is retrieved from the access key list, and the encrypted website content is decrypted with that key to obtain the decrypted website content.
However, with the prior-art method, the encryption key used to encrypt the website content is easily obtained by an intruder, so the reliability of prior-art website content protection is not high.
Summary of the Invention
Embodiments of the present invention provide a method and apparatus for protecting website content, so as to improve the reliability of website content protection.
A first aspect of the embodiments of the present invention provides a method for protecting website content, including:
analyzing a data stream to be transmitted through a port, to obtain the character string of the data stream;
if the character string belongs to the character strings of the website content, blocking transmission of the data stream.
With reference to the first aspect, in a first possible implementation, before the analyzing of the data stream to be transmitted through the port, the method further includes:
determining whether an opened port is a port opened by a system command;
if it is determined that the opened port is a port opened by a system command, performing the analyzing of the data stream to be transmitted through the port;
if it is determined that the opened port is not a port opened by a system command, closing the port.
With reference to the first possible implementation, in a second possible implementation, after it is determined that the opened port is not a port opened by a system command, the method further includes:
determining whether the opened port is a port opened by an instruction entered by a preset user, where the preset user is a user with legitimate permission to open ports;
if it is determined that the opened port is a port opened by an instruction entered by a preset user, performing the analyzing of the data stream to be transmitted through the port;
if it is determined that the opened port is not a port opened by an instruction entered by a preset user, performing the closing of the port.
With reference to the first aspect, or the first or second possible implementation of the first aspect, in a third possible implementation, before the analyzing of the data stream to be transmitted through the port, the method further includes:
setting a file attribute of the website content, where the file attribute is blacklist or whitelist. Website content whose file attribute is blacklist does not allow a user to perform any modification operation on it; website content whose file attribute is whitelist does not allow a user to perform modification operations of preset types on it. The modification operations of preset types include any of the following: an operation that performs an encoding modification on the website content by running a non-system application program; an operation that modifies the website content by running a script written by a user; an operation that modifies the website content through something other than the web server (webserver);
determining whether the file attribute of the website content the user operates on is blacklist;
if it is determined that the file attribute of the website content the user operates on is blacklist, preventing the user operation;
if it is determined that the file attribute of the website content the user operates on is not blacklist, determining whether the user operation is a modification operation of the preset types;
if it is determined that the user operation is a modification operation of the preset types, preventing the user operation.
With reference to the second possible implementation, in a fourth possible implementation, the determining whether the opened port is a port opened by an instruction entered by a preset user includes:
setting a preset user list;
determining whether the opened port is a port opened by an instruction entered by a user in the preset user list.
A second aspect of the embodiments of the present invention provides an apparatus for protecting website content, including:
an acquisition module, configured to analyze a data stream to be transmitted through a port, to obtain the character string of the data stream;
a processing module, configured to block transmission of the data stream if the character string belongs to the character strings of the website content.
With reference to the second aspect, in a first possible implementation, the processing module is further configured to, before the data stream to be transmitted through the port is analyzed, determine whether an opened port is a port opened by a system command; if it is determined that the opened port is a port opened by a system command, the acquisition module performs the analyzing of the data stream to be transmitted through the port; if it is determined that the opened port is not a port opened by a system command, the port is closed.
With reference to the first possible implementation, in a second possible implementation, the processing module is further configured to, after it is determined that the opened port is not a port opened by a system command, determine whether the opened port is a port opened by an instruction entered by a preset user, where the preset user is a user with legitimate permission to open ports; if it is determined that the opened port is a port opened by an instruction entered by a preset user, the analyzing of the data stream to be transmitted through the port is performed; if it is determined that the opened port is not a port opened by an instruction entered by a preset user, the closing of the port is performed.
With reference to the second aspect, or the first or second possible implementation of the second aspect, in a third possible implementation, the processing module is further configured to, before the acquisition module analyzes the data stream to be transmitted through the port, set a file attribute of the website content, where the file attribute is blacklist or whitelist. Website content whose file attribute is blacklist does not allow a user to perform any modification operation on it; website content whose file attribute is whitelist does not allow a user to perform modification operations of preset types on it. The modification operations of preset types include any of the following: an operation that performs an encoding modification on the website content by running a non-system application program; an operation that modifies the website content by running a script written by a user; an operation that modifies the website content through something other than the web server (webserver). The processing module determines whether the file attribute of the website content the user operates on is blacklist; if it is blacklist, the user operation is prevented; if it is not blacklist, the processing module determines whether the user operation is a modification operation of the preset types; if the user operation is a modification operation of the preset types, the user operation is prevented.
With reference to the second possible implementation, in a fourth possible implementation, the processing module is specifically configured to set a preset user list before determining whether the opened port is a port opened by an instruction entered by a preset user, and to determine whether the opened port is a port opened by an instruction entered by a user in the preset user list.
In the method and apparatus for protecting website content provided by the embodiments of the present invention, a data stream to be transmitted through a port is analyzed to obtain the character string of the data stream; if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. That is, transmission of data streams that belong to the website content is blocked, so that the website content is protected and the reliability of website content protection is improved.
Brief Description of the Drawings
To describe the technical solutions in the embodiments of the present invention or in the prior art more clearly, the accompanying drawings needed for describing the embodiments or the prior art are briefly introduced below. Apparently, the drawings described below show some embodiments of the present invention, and a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of Embodiment 1 of the method for protecting website content according to the present invention;
Fig. 2 is a schematic flowchart of Embodiment 2 of the method for protecting website content according to the present invention;
Fig. 3 is a schematic flowchart of Embodiment 3 of the method for protecting website content according to the present invention;
Fig. 4 is a schematic flowchart of Embodiment 4 of the method for protecting website content according to the present invention;
Fig. 5 is a schematic structural diagram of Embodiment 1 of the apparatus for protecting website content according to the present invention.
Detailed Description
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the accompanying drawings. Apparently, the described embodiments are some rather than all of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
With the rapid development of computer technology, hackers attacking web servers to steal website content has drawn wide attention. The process by which a hacker steals website content includes intruding into the web server and, after obtaining the website content inside the web server, transferring it out of the web server. The present invention mainly blocks the website content being transmitted during the stage in which the hacker, having obtained the website content inside the web server, transfers it out of the web server, thereby protecting the website content and improving the reliability of website content protection.
The technical solutions of the present invention are described in detail below through several specific embodiments.
Fig. 1 is a schematic flowchart of Embodiment 1 of the method for protecting website content according to the present invention. This embodiment is executed by an apparatus for protecting website content, which can be deployed between the web server and the firewall. As shown in Fig. 1, the method of this embodiment includes:
S101: Analyze the data stream to be transmitted through a port, to obtain the character string of the data stream.
S102: If the character string belongs to the character strings of the website content, block transmission of the data stream.
Any website content that is to be transferred out of the web server must be transmitted through a port. There are many kinds of ports, for example port 80 for the web browsing service, port 21 for the File Transfer Protocol (FTP) service, port 25 for the Simple Mail Transfer Protocol (SMTP), and so on. Provided a port is open, an intruder can transfer website content out of the web server through that port. To prevent this, this embodiment analyzes the data stream to be transmitted through the port, that is, it analyzes the data stream before the stream leaves the web server through the port, obtains the character string of the data stream, and determines whether that character string belongs to the character strings of the website content, where the website content is the website's source code files or database files. If it does, the data stream to be transmitted through the port is website content, and transmission of the data stream is blocked, thereby protecting the website content.
In this embodiment, the data stream to be transmitted through a port is analyzed to obtain the character string of the data stream; if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. That is, transmission of data streams that belong to the website content is blocked, so that the website content is protected and the reliability of website content protection is improved.
Fig. 2 is a schematic flowchart of Embodiment 2 of the method for protecting website content according to the present invention. This embodiment is executed by an apparatus for protecting website content, which can be deployed between the web server and the firewall. Apart from some special ports whose default state is open, the default state of the remaining ports is closed. For example, port 80 for the web browsing service is open by default, while port 21 for the FTP service, port 25 for SMTP and the like are closed by default. When a hacker wants to transmit a data stream through a port whose default state is closed, the hacker must first enter an instruction to open that port before a data stream can be transmitted through it. This embodiment judges the instruction that opened the port and closes ports opened by non-system instructions, thereby preventing hackers from transferring web page content out of the network through ports whose default state is closed. As shown in Fig. 2, the method of this embodiment includes:
S201: Determine whether the opened port is a port opened by a system command; if not, perform S202; if so, perform S203.
That is, only a port opened by a system command is allowed to carry data stream transmission. For a port opened by any other instruction, the user who opened the port is considered to be a hacker, and data stream transmission through the port is not allowed. Therefore, if the opened port is not a port opened by a system command, S202 is performed. If the opened port is a port opened by a system command, S203 is performed.
S202: Close the port and end the flow.
Closing the port prevents the hacker from transmitting a data stream through it, and therefore prevents the hacker from transmitting website content through it.
S203: Analyze the data stream to be transmitted through the port, to obtain the character string of the data stream.
S204: If the character string belongs to the character strings of the website content, block transmission of the data stream.
In steps S203 and S204, when a user transmits a data stream through a port opened by a system command, the data stream is analyzed to obtain its character string, and a data stream that has the same character string as the website content is blocked, thereby protecting the website content.
In this embodiment, it is determined whether the opened port is a port opened by a system command. If it is not, the port is closed, which blocks a hacker from stealing website content by opening a port with a non-system instruction and transmitting a data stream through it. If it is, the data stream to be transmitted through the port is analyzed to obtain the character string of the data stream, and if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. That is, analyzing the transmitted content itself blocks the hacker from transmitting data streams that belong to the website content, so that the website content is protected and the reliability of website content protection is improved.
Fig. 3 is a schematic flowchart of Embodiment 3 of the method for protecting website content according to the present invention. This embodiment is executed by an apparatus for protecting website content, which can be deployed between the web server and the firewall. Fig. 3 differs from the embodiment shown in Fig. 2 in that the Fig. 2 embodiment only allows data streams to be transmitted through ports opened by a system command, whereas the Fig. 3 embodiment allows data streams to be transmitted through ports opened either by a system command or by an instruction entered by a preset user. As shown in Fig. 3, the method of this embodiment includes:
S301: Determine whether the opened port is a port opened by a system command; if so, perform S302; if not, perform S304.
S302: Analyze the data stream to be transmitted through the port, to obtain the character string of the data stream.
S303: If the character string belongs to the character strings of the website content, block transmission of the data stream.
Steps S302 and S303 are similar to steps S102 and S103 shown in Fig. 1 and are not repeated here.
S304: Determine whether the opened port is a port opened by an instruction entered by a preset user; if so, perform S302; if not, perform S305.
Here, the preset user is a user with legitimate permission to open ports.
Optionally, before step S304 is performed, a preset user list is also set; step S304 is then specifically to determine whether the opened port is a port opened by an instruction entered by a user in the preset user list.
S305: Close the port and end the flow.
In this embodiment, it is determined whether the opened port is a port opened by a system command. If it is, the data stream to be transmitted through the port is analyzed to obtain the character string of the data stream, and if that character string belongs to the character strings of the website content, transmission of the data stream is blocked.
That is, a port opened by a system command is allowed to carry data streams; the data stream to be transmitted through the port is then analyzed to obtain its character string, and if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. Analyzing the transmitted content itself thus blocks the hacker from transmitting data streams that belong to the website content, thereby protecting the website content.
If it is determined that the opened port is not a port opened by a system command, it is further determined whether the opened port is a port opened by an instruction entered by a preset user. If it is, the data stream to be transmitted through the port is analyzed to obtain the character string of the data stream, and if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. If it is determined that the opened port is not a port opened by an instruction entered by a preset user, the port is closed and the flow ends.
That is, a port opened by an instruction entered by a preset user is allowed to carry data streams; the data stream to be transmitted through the port is then analyzed to obtain its character string, and if that character string belongs to the character strings of the website content, transmission of the data stream is blocked. Analyzing the transmitted content itself thus blocks the hacker from transmitting data streams that belong to the website content. If the port was opened neither by a system command nor by an instruction entered by a preset user, the port is closed, which blocks the hacker from stealing website content by transmitting a data stream through a port opened by a non-system instruction, thereby protecting the website content.
In this embodiment, closing ports that were opened by a non-system instruction or by an instruction entered by a non-preset user blocks hackers from stealing website content through those ports, so that the website content is protected and the reliability of website content protection is improved.
It can be understood that, in the embodiment shown in Fig. 3, it is also possible to first determine whether the opened port is a port opened by an instruction entered by a preset user. If it is, the data stream to be transmitted through the port is analyzed to obtain the character string of the data stream. If it is not, it is further determined whether the opened port is a port opened by a system command; if it is determined that the opened port is a port opened by a system command, the data stream to be transmitted through the port is analyzed to obtain the character string of the data stream. If it is determined that the opened port is not a port opened by an instruction entered by a preset user, the port is closed and the flow ends. The implementation principle and technical effect are similar to those of the embodiment shown in Fig. 3 and are not repeated here.
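The Fig. 3 flow (S301 to S305), including the string check of S302/S303, can be sketched as follows. This is an added Python example, not code from the patent: the 16-byte matching window, the carry-over buffer across chunks, all names and the sample data are assumptions made for illustration.

```python
"""Egress guard sketch for the Fig. 3 flow (S301-S305). Added example, not patent code."""
from dataclasses import dataclass
from enum import Enum
from typing import Iterable, Optional, Set

WINDOW = 16  # assumed match length in bytes; the patent does not specify one


class Verdict(Enum):
    CLOSE_PORT = "close port"      # S305
    BLOCK_STREAM = "block stream"  # S303
    ALLOW = "allow"


@dataclass(frozen=True)
class OpenPort:
    number: int
    opened_by_system: bool                # answer to S301
    opened_by_user: Optional[str] = None  # account whose instruction opened the port


def build_index(protected_files: dict) -> Set[bytes]:
    """Index every WINDOW-byte substring of the protected source/database files."""
    index = set()
    for data in protected_files.values():
        for i in range(len(data) - WINDOW + 1):
            index.add(data[i:i + WINDOW])
    return index


class StreamInspector:
    """S302/S303: scan a stream chunk by chunk.

    The last WINDOW-1 bytes are carried into the next chunk so that a
    protected string split across two chunks is still recognised.
    """

    def __init__(self, index: Set[bytes]):
        self.index = index
        self.tail = b""

    def feed(self, chunk: bytes) -> bool:
        buf = self.tail + chunk
        hit = any(buf[i:i + WINDOW] in self.index
                  for i in range(len(buf) - WINDOW + 1))
        self.tail = buf[-(WINDOW - 1):]
        return hit


def decide(port: OpenPort, chunks: Iterable[bytes],
           index: Set[bytes], preset_users: Set[str]) -> Verdict:
    # S301 / S304: only system-opened or preset-user-opened ports stay open.
    if not port.opened_by_system and port.opened_by_user not in preset_users:
        return Verdict.CLOSE_PORT
    # S302 / S303: a trusted opener does not exempt the stream from inspection.
    inspector = StreamInspector(index)
    for chunk in chunks:
        if inspector.feed(chunk):
            return Verdict.BLOCK_STREAM
    return Verdict.ALLOW


# Constructed sample data (not from the patent).
PROTECTED = {"config.php": b'<?php $db_password = "constructed-example"; ?>'}
INDEX = build_index(PROTECTED)
PRESET_USERS = {"ops"}
SOURCE = PROTECTED["config.php"]
# The source file sent in 12-byte pieces: no single piece is WINDOW bytes long.
LEAK = [SOURCE[i:i + 12] for i in range(0, len(SOURCE), 12)]
PAGE = [b"HTTP/1.1 200 OK\r\n\r\n", b"<html><body>Welcome</body></html>"]


def demo() -> dict:
    return {
        "port 21 opened by unknown account": decide(
            OpenPort(21, False, "guest"), LEAK, INDEX, PRESET_USERS),
        "port 80, rendered page": decide(
            OpenPort(80, True), PAGE, INDEX, PRESET_USERS),
        "port 80, source file in small chunks": decide(
            OpenPort(80, True), LEAK, INDEX, PRESET_USERS),
        "port 21 opened by preset user, source file": decide(
            OpenPort(21, False, "ops"), LEAK, INDEX, PRESET_USERS),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict.value}")
```

A deployment would also need to drop from the index any window that appears in legitimately served output, such as HTML fragments embedded in source files, or ordinary responses would be blocked.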
Fig. 4 is a schematic flowchart of Embodiment 4 of the method for protecting website content according to the present invention. This embodiment is executed by an apparatus for protecting website content, which can be deployed between the web server and the firewall. On the basis of any of the embodiments of Fig. 1 to Fig. 3, before the first step of each embodiment is performed, the following steps may also be included, as shown in Fig. 4:
S401: Set the file attribute of the website content.
The file attribute of the website content is blacklist or whitelist. Website content whose file attribute is blacklist does not allow a user to perform any modification operation on it; website content whose file attribute is whitelist does not allow a user to perform modification operations of preset types on it. The modification operations of preset types include any of the following:
an operation that performs an encoding modification on the website content by running a non-system application program;
an operation that modifies the website content by running a script written by a user;
for example, modifying the website content by packing it.
an operation that modifies the website content through something other than the web server (webserver);
this specifically refers to an operation that is not performed by the web service program, where the web service program is the program dedicated to providing the web service.
S402: Determine whether the file attribute of the website content the user operates on is blacklist; if so, perform S403; if not, perform S404.
S403: Prevent the user operation.
S404: Determine whether the user operation is a modification operation of the above preset types; if so, perform S403; if not, perform S405.
S405: Perform the steps shown in any of Fig. 1 to Fig. 3.
In this embodiment, the website content is given a file attribute of blacklist or whitelist. When a user tries to steal website content by performing a modification operation on it, the file attribute of the website content is checked: the user is prevented from performing any modification operation on website content whose file attribute is blacklist, and from performing modification operations of the preset types on website content whose file attribute is whitelist. Combined with the technical solution of any of the embodiments of Fig. 1 to Fig. 3, this protects the website content and improves the reliability of website content protection.
Fig. 5 is the structural representation of the device embodiment one of guarding website content of the present invention, as shown in figure 5, the present embodiment Device include acquisition module 51 and processing module 52, wherein, acquisition module 51 is used to treat data flow by port transmission Analyzed, obtain the character string of data flow;If processing module 52 is used for the character string that character string belongs to web site contents, block The transmission of data flow.
The device of the present embodiment can be used for the technical scheme for performing embodiment of the method shown in Fig. 1, its realization principle and technology Effect is similar, and here is omitted.
In the above-described embodiments, processing module 52 is additionally operable to treat analyzed by the data flow of port transmission before, Judge to have opened whether port is the port opened by system command;If judge to have opened port to open by system command Port, then acquisition module perform and treat and is analyzed by the data flow of port transmission;If judging, it is not logical to have opened port The port of system command opening is crossed, then close port.
The device of the present embodiment can be used for the technical scheme for performing embodiment of the method shown in Fig. 2, its realization principle and technology Effect is similar, and here is omitted.
In the above-described embodiments, if processing module 52 is additionally operable to judge to have opened port not to be opened by system command After port, judge opened port whether be by pre-set user input instruction unpack port, wherein, pre-set user is User with legal opening port authority;If judge to have opened port as the end of the instruction unpack inputted by pre-set user Mouthful, then perform and treat to be analyzed by the data flow of port transmission;If judge to have opened port not to be inputted by pre-set user Instruction unpack port, then perform close port.
The device of the present embodiment can be used for the technical scheme for performing embodiment of the method shown in Fig. 3, its realization principle and technology Effect is similar, and here is omitted.
In the above embodiment, the processing module 52 is further configured to set the file attribute of the website content before the acquisition module analyzes the data stream to be transmitted through the port. The file attribute is either blacklist or whitelist: website content whose file attribute is blacklist does not allow the user to perform any modification operation on it, and website content whose file attribute is whitelist does not allow the user to perform modification operations of a preset type on it. The modification operations of the preset type include any of the following: an operation that performs an encoding modification of the website content by running a non-system application program; an operation that modifies the website content by running a script written by the user; and an operation that modifies the website content by means other than the web server (webserver). The processing module then determines whether the file attribute of the website content the user is operating on is blacklist; if it is blacklist, the user's operation is blocked; if it is not blacklist, the module determines whether the user's operation is a modification operation of the preset type; and if the user's operation is a modification operation of the preset type, the user's operation is blocked.
In the above embodiment, the processing module 52 is specifically configured to set a preset user list before determining whether the opened port was opened by an instruction input by a preset user, and to determine whether the opened port was opened by an instruction input by a user in the preset user list.
The device of this embodiment can be used to carry out the technical solution of the method embodiment shown in Fig. 4; its implementation principle and technical effect are similar and are not repeated here.
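The file-attribute decision in this embodiment can be sketched as follows. This is an added example, not code from the patent: assigning attributes per directory with the deepest match winning, normalizing the path first, and denying unlisted content are assumptions, as are all names and paths.

```python
import posixpath
from dataclasses import dataclass
from pathlib import PurePosixPath

# Constructed policy: one attribute per directory; the deepest match wins.
ATTRIBUTES = {
    "/var/www/site": "whitelist",
    "/var/www/site/config": "blacklist",
}


@dataclass(frozen=True)
class ModifyOp:
    path: str
    system_app: bool     # False: a non-system application performs the edit
    user_script: bool    # True: the edit comes from a script the user wrote
    via_webserver: bool  # False: the edit does not go through the web server


def file_attribute(path: str) -> str:
    """Return the attribute of the deepest configured ancestor of path."""
    # Normalize first so "uploads/../config" cannot pick up the wrong attribute.
    p = PurePosixPath(posixpath.normpath(path))
    for candidate in [p, *p.parents]:
        attr = ATTRIBUTES.get(str(candidate))
        if attr:
            return attr
    return "blacklist"  # assumption: content with no attribute fails closed


def is_preset_type(op: ModifyOp) -> bool:
    """True if the operation is one of the three preset modification types."""
    return (not op.system_app) or op.user_script or (not op.via_webserver)


def decide(op: ModifyOp) -> str:
    """Blacklist content denies every modification; whitelist denies preset types."""
    if file_attribute(op.path) == "blacklist":
        return "deny"
    if is_preset_type(op):
        return "deny"
    return "allow"
```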
A person of ordinary skill in the art will understand that all or part of the steps of the above method embodiments can be carried out by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium. When executed, the program performs the steps of the above method embodiments; the storage medium includes any medium that can store program code, such as ROM, RAM, a magnetic disk, or an optical disc.
Finally, it should be noted that the above embodiments merely illustrate the technical solutions of the present invention and do not limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments can still be modified, or some or all of their technical features can be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

  1. A method for protecting website content, characterized by comprising:
    analyzing a data stream to be transmitted through a port to outside a web server, to obtain a character string of the data stream, the port being a port of the web server;
    if the character string belongs to the character strings of website content, blocking the transmission of the data stream, the website content being a source code file or a database file of a website.
  2. The method according to claim 1, characterized in that, before the analyzing of the data stream to be transmitted through the port to outside the web server, the method further comprises:
    determining whether an opened port is a port opened by a system command;
    if the opened port is determined to be a port opened by a system command, performing the analyzing of the data stream to be transmitted through the port;
    if the opened port is determined not to be a port opened by a system command, closing the port.
  3. The method according to claim 2, characterized in that, after the opened port is determined not to be a port opened by a system command, the method further comprises:
    determining whether the opened port is a port opened by an instruction input by a preset user, wherein the preset user is a user with legitimate authority to open ports;
    if the opened port is determined to be a port opened by an instruction input by a preset user, performing the analyzing of the data stream to be transmitted through the port;
    if the opened port is determined not to be a port opened by an instruction input by a preset user, performing the closing of the port.
  4. The method according to any one of claims 1-3, characterized in that, before the analyzing of the data stream to be transmitted through the port to outside the web server, the method further comprises:
    setting a file attribute of the website content, the file attribute being blacklist or whitelist, wherein website content whose file attribute is blacklist does not allow a user to perform any modification operation on it, and website content whose file attribute is whitelist does not allow a user to perform modification operations of a preset type on it, the modification operations of the preset type including any of the following: an operation that performs an encoding modification of the website content by running a non-system application program; an operation that modifies the website content by running a script written by the user; an operation that modifies the website content by means other than the web server (webserver);
    determining whether the file attribute of the website content operated on by the user is blacklist;
    if the file attribute of the website content operated on by the user is determined to be blacklist, blocking the user's operation;
    if the file attribute of the website content operated on by the user is determined not to be blacklist, determining whether the user's operation is a modification operation of the preset type;
    if the user's operation is determined to be a modification operation of the preset type, blocking the user's operation.
  5. The method according to claim 3, characterized in that the determining of whether the opened port is a port opened by an instruction input by a preset user comprises:
    setting a preset user list;
    determining whether the opened port is a port opened by an instruction input by a user in the preset user list.
  6. A device for protecting website content, characterized by comprising:
    an acquisition module, configured to analyze a data stream to be transmitted through a port to outside a web server, to obtain a character string of the data stream, the port being a port of the web server;
    a processing module, configured to block the transmission of the data stream if the character string belongs to the character strings of website content, the website content being a source code file or a database file of a website.
  7. The device according to claim 6, characterized in that the processing module is further configured to determine, before the data stream to be transmitted through the port to outside the web server is analyzed, whether an opened port is a port opened by a system command; if the opened port is determined to be a port opened by a system command, the acquisition module performs the analyzing of the data stream to be transmitted through the port; if the opened port is determined not to be a port opened by a system command, the port is closed.
  8. The device according to claim 7, characterized in that the processing module is further configured to determine, after the opened port is determined not to be a port opened by a system command, whether the opened port is a port opened by an instruction input by a preset user, wherein the preset user is a user with legitimate authority to open ports; if the opened port is determined to be a port opened by an instruction input by a preset user, the analyzing of the data stream to be transmitted through the port is performed; if the opened port is determined not to be a port opened by an instruction input by a preset user, the closing of the port is performed.
  9. The device according to any one of claims 6-8, characterized in that the processing module is further configured to set, before the acquisition module analyzes the data stream to be transmitted through the port to outside the web server, a file attribute of the website content, the file attribute being blacklist or whitelist, wherein website content whose file attribute is blacklist does not allow a user to perform any modification operation on it, and website content whose file attribute is whitelist does not allow a user to perform modification operations of a preset type on it, the modification operations of the preset type including any of the following: an operation that performs an encoding modification of the website content by running a non-system application program; an operation that modifies the website content by running a script written by the user; an operation that modifies the website content by means other than the web server (webserver); to determine whether the file attribute of the website content operated on by the user is blacklist; if the file attribute of the website content operated on by the user is determined to be blacklist, to block the user's operation; if the file attribute of the website content operated on by the user is determined not to be blacklist, to determine whether the user's operation is a modification operation of the preset type; and if the user's operation is determined to be a modification operation of the preset type, to block the user's operation.
  10. The device according to claim 8, characterized in that the processing module is specifically configured to set a preset user list before determining whether the opened port is a port opened by an instruction input by a preset user, and to determine whether the opened port is a port opened by an instruction input by a user in the preset user list.
CN201310268038.2A 2013-06-28 2013-06-28 The method and apparatus of guarding website content Expired - Fee Related CN104252584B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310268038.2A CN104252584B (en) 2013-06-28 2013-06-28 The method and apparatus of guarding website content

Publications (2)

Publication Number Publication Date
CN104252584A CN104252584A (en) 2014-12-31
CN104252584B true CN104252584B (en) 2018-03-09

Family

ID=52187472

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310268038.2A Expired - Fee Related CN104252584B (en) 2013-06-28 2013-06-28 The method and apparatus of guarding website content

Country Status (1)

Country Link
CN (1) CN104252584B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180309

Termination date: 20190628