CN107800689A - A kind of Website Usability ensures processing method and processing device - Google Patents
A kind of Website Usability ensures processing method and processing device Download PDFInfo
- Publication number
- CN107800689A CN107800689A CN201710897220.2A CN201710897220A CN107800689A CN 107800689 A CN107800689 A CN 107800689A CN 201710897220 A CN201710897220 A CN 201710897220A CN 107800689 A CN107800689 A CN 107800689A
- Authority
- CN
- China
- Prior art keywords
- access request
- target data
- website
- mirror image
- protection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012545 processing Methods 0.000 title claims abstract description 44
- 238000003672 processing method Methods 0.000 title claims abstract description 9
- 238000000034 method Methods 0.000 claims abstract description 51
- 238000007781 pre-processing Methods 0.000 claims abstract description 40
- 230000006870 function Effects 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 9
- 238000004140 cleaning Methods 0.000 claims description 8
- 238000004891 communication Methods 0.000 abstract description 6
- 238000010586 diagram Methods 0.000 description 8
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/951—Indexing; Web crawling techniques
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Information Transfer Between Computers (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The embodiment of the invention discloses a kind of Website Usability to ensure processing method and processing device, and method includes:The access request for the access website that user terminal is sent is received, access request is pre-processed, and target data is searched in the local cache of protection server according to pretreated access request;If not finding target data in the local cache of protection server, pretreated access request is sent to mirror image server, so that mirror image server finds target data according to pretreated access request, and target data is back to user terminal.The embodiment of the present invention to access request by pre-processing, the user terminal is back to after finding target data by mirror image server, realize that data return based on mirror image server, user terminal not with website direct communication, when source station goes wrong, remain able to provide normal service, ensure the availability of website;Target data is returned to by mirror image server simultaneously, can speed up website service.
Description
Technical Field
The embodiment of the invention relates to the technical field of network security, in particular to a method and a device for guaranteeing and processing website availability.
Background
With the development of computer technology and network technology, and the popularization and application of networks, websites such as blogs, forums, online stores, content management and the like are in endless, and communication, transaction and display between people increasingly depend on networks. The network brings convenience to people and has various risks, such as trojan horse of various websites, damage of malicious websites, information leakage and the like.
In the process of implementing the embodiment of the invention, the inventor finds that the existing website service strategy is mainly implemented based on an application layer and a network layer and based on rule matching of a blacklist, and can provide good service under the condition that the source station has normal functions, but once the source station has problems, normal service cannot be provided, namely, the availability of the website cannot be ensured.
Disclosure of Invention
Because the existing method has the problems, the embodiment of the invention provides a method and a device for guaranteeing and processing website availability.
In a first aspect, an embodiment of the present invention provides a method for guaranteeing website availability, including:
receiving an access request for accessing a website, sent by a user terminal, preprocessing the access request, and searching target data in a local cache of a protection server according to the preprocessed access request;
if the target data is not found in the local cache of the protection server, sending the preprocessed access request to a mirror image server, so that the mirror image server finds the target data according to the preprocessed access request, and returning the target data to the user terminal, thereby ensuring the usability of the website.
Optionally, before receiving an access request for accessing a website sent by a user terminal, the method further includes:
receiving protection configuration parameters sent by a configuration platform;
the protection configuration parameters comprise crawler time, re-protection time, crawler levels and mirror black and white lists.
Optionally, the method further comprises:
and generating a crawler task according to the protection configuration parameters, and mirroring the data of the target website to the mirroring server according to the crawler task.
Optionally, the method further comprises:
and if the target data is found in the local cache of the protection server, returning the target data to the user terminal.
Optionally, the receiving an access request for accessing a website sent by a user terminal, preprocessing the access request, and searching for target data in a local cache of a protection server according to the preprocessed access request specifically includes:
receiving an access request for accessing a website, which is sent by a user terminal, and preprocessing the access request;
if the fact that the website starts the re-protection function is judged and known, target data are searched in a local cache of a protection server according to the preprocessed access request; otherwise, sending the preprocessed access request to the website, and returning the 404 page or the jump page to the user terminal.
Optionally, the preprocessing the access request specifically includes:
and performing flow cleaning processing and Web application protection system protection processing on the access request.
In a second aspect, an embodiment of the present invention further provides a method for guaranteeing website availability, including:
receiving a preprocessed access request sent by a protection server, and searching target data in an index snapshot ES distributed cluster according to the preprocessed access request;
if the target data is found, acquiring the target data;
if the target data is not found, acquiring the target data in the website corresponding to the preprocessed access request;
and returning the target data to the user terminal to ensure the usability of the website.
Optionally, the apparatus further comprises:
receiving mirror image configuration parameters sent by a configuration platform, and sending a mirror image state to the configuration platform;
the mirror image configuration parameters comprise a mirror image creating cache parameter, a mirror image updating cache parameter and a mirror image deleting cache parameter.
In a third aspect, an embodiment of the present invention further provides a website availability guarantee processing apparatus, including:
the system comprises a request preprocessing module, a protection server and a data processing module, wherein the request preprocessing module is used for receiving an access request for accessing a website sent by a user terminal, preprocessing the access request and searching target data in a local cache of the protection server according to the preprocessed access request;
and the first data returning module is used for sending the preprocessed access request to a mirror image server if the target data is not found in the local cache of the protection server, so that the mirror image server finds the target data according to the preprocessed access request, and returns the target data to the user terminal, thereby ensuring the usability of the website.
Optionally, the apparatus further comprises:
the first configuration parameter receiving module is used for receiving protection configuration parameters sent by the configuration platform;
the protection configuration parameters comprise crawler time, re-protection time, crawler levels and mirror black and white lists.
Optionally, the apparatus further comprises:
and the mirror image module is used for generating a crawler task according to the protection configuration parameters and mirroring the data of the target website to the mirror image server according to the crawler task.
Optionally, the apparatus further comprises:
and the local searching module is used for returning the target data to the user terminal if the target data is searched in the local cache of the protection server.
Optionally, the request preprocessing module specifically includes:
the system comprises a preprocessing unit, a data processing unit and a data processing unit, wherein the preprocessing unit is used for receiving an access request for accessing a website sent by a user terminal and preprocessing the access request;
the request processing unit is used for searching target data in a local cache of a protection server according to the preprocessed access request if judging that the website starts the re-protection function; otherwise, sending the preprocessed access request to the website, and returning the 404 page or the jump page to the user terminal.
Optionally, the request preprocessing module is specifically configured to perform traffic cleansing processing and Web application protection system protection processing on the access request.
In a fourth aspect, an embodiment of the present invention further provides a website availability assurance processing apparatus, including:
the data searching module is used for receiving the preprocessed access request sent by the protection server and searching target data in the index snapshot ES distributed cluster according to the preprocessed access request;
the first data acquisition module is used for acquiring the target data if the target data is found;
the second data acquisition module is used for acquiring the target data in the website corresponding to the preprocessed access request if the target data is not found;
and the second data returning module is used for returning the target data to the user terminal so as to ensure the usability of the website.
Optionally, the apparatus further comprises:
the second configuration parameter receiving module is used for receiving the mirror image configuration parameters sent by the configuration platform and sending the mirror image state to the configuration platform;
the mirror image configuration parameters comprise a mirror image creating cache parameter, a mirror image updating cache parameter and a mirror image deleting cache parameter.
In a fifth aspect, an embodiment of the present invention further provides an electronic device, including:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, which when called by the processor are capable of performing the above-described methods.
In a sixth aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium storing a computer program, which causes the computer to execute the above method.
According to the technical scheme, the access request is preprocessed, the mirror image server finds the target data and returns the target data to the user terminal, the data return is realized based on the mirror image server, the user terminal is not in direct communication with the website, when the source station has a problem, normal service can still be provided, and the usability of the website is ensured; meanwhile, target data are returned through the mirror image server, and website service can be accelerated.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a website availability assurance processing method according to an embodiment of the present invention;
fig. 2 is a schematic operation diagram of a website availability assurance processing system according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a website availability assurance processing method according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of a website availability assurance processing apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a website availability assurance processing apparatus according to another embodiment of the present invention;
FIG. 6 is a logic block diagram of an electronic device according to an embodiment of the invention;
fig. 7 is a logic block diagram of an electronic device according to another embodiment of the present invention.
Detailed Description
The following further describes embodiments of the present invention with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
Fig. 1 shows a flowchart of a website availability assurance processing method provided in this embodiment, which includes:
s101, receiving an access request for accessing a website sent by a user terminal, preprocessing the access request, and searching target data in a local cache of a protection server according to the preprocessed access request.
The access request is a request which is initiated by a user terminal and needs to access a certain specific website.
The preprocessing is to perform processing such as flow cleaning or data protection on the access request, and preliminarily determine whether the access request is safe.
The protection server is a server for receiving the access request, preprocessing the access request and searching target data in a local cache.
The target data is the data actually requested by the user terminal corresponding to the access request. For example, if the user terminal requests a file a, the target data is the file a; and the user terminal requests the B power supply, and the target data is the B power supply.
S102, if the target data is not found in the local cache of the protection server, sending the preprocessed access request to a mirror image server, so that the mirror image server finds the target data according to the preprocessed access request, and returning the target data to the user terminal, so as to ensure the usability of the website.
The local cache is data which is locally pre-stored in the protection server.
The mirror image server is a server for copying and searching data of each website.
Specifically, by mirroring the data of each website to the mirror image server, when the user terminal requests the target data and finds the target data in the mirror image server, the mirror image server directly returns the target data to the user terminal, so that direct communication between the user terminal and the source website is avoided, when the source station has a problem, normal service can still be provided, and the usability of the website is ensured; meanwhile, target data are returned through the mirror image server, and website service can be accelerated.
In the embodiment, the access request is preprocessed, the mirror image server finds the target data and returns the target data to the user terminal, the data return is realized based on the mirror image server, the user terminal does not directly communicate with the website, when the source station has a problem, normal service can still be provided, and the usability of the website is ensured; meanwhile, target data are returned through the mirror image server, and website service can be accelerated.
Further, on the basis of the above method embodiment, before receiving an access request for accessing a website sent by a user terminal, the method further includes:
s100, receiving protection configuration parameters sent by a configuration platform;
the protection configuration parameters comprise crawler time, re-protection time, crawler levels and mirror black and white lists.
The configuration platform is used for configuring protection configuration parameters of the protection server and the mirror image server.
The crawler time is the running time of the crawler program.
The re-protection time is the time for protection.
The crawler hierarchy is the type of a crawler program;
the mirror image black and white list is a black list and a white list in the mirror image server.
The configuration platform is used for carrying out parameter configuration on the protection server and the mirror image server, so that parameters of a plurality of servers can be uniformly set, and effective protection of a website is facilitated.
Further, on the basis of the above embodiment of the method, the method further comprises:
s103, generating a crawler task according to the protection configuration parameters, and mirroring data of the target website to the mirroring server according to the crawler task.
The crawler task is to crawl data from various websites according to specific rules and mirror the data to a mirror image server so as to directly return the data to the user terminal when the user terminal requests the data.
The data are automatically crawled through the crawler task, so that the data in the mirror image server are frequently updated, the target data return rate of the user terminal is improved, and illegal access is further effectively prevented.
Further, on the basis of the above embodiment of the method, the method further comprises:
s104, if the target data is found in the local cache of the protection server, returning the target data to the user terminal.
By caching the data locally in the protection server, when the target data is cached locally in the protection server, the data return speed can be increased, and meanwhile, the website completeness is improved.
Further, on the basis of the above method embodiment, S101 specifically includes:
s1011, receiving an access request for accessing a website sent by a user terminal, and preprocessing the access request;
s1012, if the fact that the website starts the re-protection function is judged and known, searching target data in a local cache of a protection server according to the preprocessed access request; otherwise, sending the preprocessed access request to the website, and returning the 404 page or the jump page to the user terminal.
The target data is directly returned to the user terminal through the local cache of the protection server or the mirror image server, and the illegal access can be greatly reduced without passing through a source website (source station) corresponding to the target data.
Through setting up the function switch of reassurance, can confirm whether open the reassurance function according to the protection requirement of difference.
Further, on the basis of the above method embodiment, the preprocessing the access request in S101 specifically includes:
and performing flow cleaning processing and Web application protection system protection processing on the access request.
The flow cleaning process is to monitor the data flow entering the client IDC in real time and find abnormal flow including DOS attack in time. And on the premise of not influencing normal business, abnormal flow is cleaned. The requirement of a client on the operation continuity of the IDC can be effectively met.
Specifically, an operation schematic diagram of the website availability assurance processing system provided in this embodiment is shown in fig. 2, and the system includes a source station 201, a protection server 202, a mirror image server 203, and a configuration platform 204, where the protection server 202 includes an LVS (Linux virtual server), a WAF (Web application protection system), and a CACHE (local CACHE), after the LVS performs traffic cleaning on access data, an HTTP request is generated and sent to the WAF, and the WAF performs security protection processing, and determines whether the protection server starts the CACHE, and if not, directly accesses the source station 201; if the cache is started, judging whether the target data exists in the local cache or not, and if the target data exists, directly returning to the user terminal; if the target data does not exist in the local cache of the protection server, judging whether a re-protection function is started, and if the re-protection function is not started, directly accessing the source station 201; if the re-protection function is started, the request is sent to the mirror image server 203, the mirror image server 203 searches through the ES distributed cluster, if the target data is found, the target data is returned to the user terminal, otherwise, the source station 201 is directly accessed.
Before or during the operation of the website availability guarantee processing system, configuration parameters of the protection server and the mirror server can be configured, and the configuration parameters comprise protection configuration, re-protection time configuration, cache configuration, creation, update or deletion of a mirror cache and the like.
In a specific operation process of the website availability assurance processing system, the method may include the following steps:
a1, a user accesses a website, performs LVS DDOS flow cleaning, then performs WAF protection through an application layer, and if the website is judged to be restarted, the website enters A2;
a2, WAF transmits all the flow to CACHE CACHE (the CACHE content before the first access needs to be restored is emptied) node, if the CACHE is hit, the response content is returned, otherwise, the A3 is entered;
a3, if CACHE CACHE is not hit, forwarding the request to the ES cluster, inquiring whether the request has storage content in the ES, if yes, responding to the inquired content, otherwise, entering A4;
a4, if the mirror content is not hit, according to the selection of the user, the source is taken, the page is returned 404 or the page is jumped.
By the method provided by the embodiment, normal and effective access of the website can be ensured during the national important meeting, the failure rate of the website is reduced, and the usability of the website is improved.
Fig. 3 shows a flowchart of a website availability assurance processing method provided in this embodiment, including:
s301, receiving a preprocessed access request sent by a protection server, and searching target data in an index snapshot ES distributed cluster according to the preprocessed access request.
The access request is a request which is initiated by a user terminal and needs to access a certain specific website.
The preprocessing is to perform processing such as flow cleaning or data protection on the access request, and preliminarily determine whether the access request is safe.
The protection server is a server for receiving the access request, preprocessing the access request and searching target data in a local cache.
The target data is the data actually requested by the user terminal corresponding to the access request. For example, if the user terminal requests a file a, the target data is the file a; and the user terminal requests the B power supply, and the target data is the B power supply.
S302, if the target data is found, the target data is obtained.
S303, if the target data is not found, acquiring the target data in the website corresponding to the preprocessed access request.
S304, returning the target data to the user terminal to guarantee the usability of the website.
Specifically, a mirror image server receives a preprocessed access request sent by a protection server, and searches target data in an index snapshot ES distributed cluster according to the preprocessed access request; if the target data is found, acquiring the target data; if the target data is not found, acquiring the target data in the website corresponding to the preprocessed access request; and returning the target data to the user terminal.
By mirroring the data of each website to the mirror image server, when the user terminal requests the target data and finds the target data in the mirror image server, the mirror image server directly returns the target data to the user terminal, so that direct communication between the user terminal and the source website is avoided, and various illegal accesses are effectively prevented.
In the embodiment, the access request is preprocessed, the mirror image server finds the target data and returns the target data to the user terminal, the data return is realized based on the mirror image server, the user terminal does not directly communicate with the website, when the source station has a problem, normal service can still be provided, and the usability of the website is ensured; meanwhile, target data are returned through the mirror image server, and website service can be accelerated.
Further, on the basis of the above method embodiment, the apparatus further includes:
receiving mirror image configuration parameters sent by a configuration platform, and sending a mirror image state to the configuration platform;
the mirror image configuration parameters comprise a mirror image creating cache parameter, a mirror image updating cache parameter and a mirror image deleting cache parameter.
The configuration platform is used for configuring protection configuration parameters of the protection server and the mirror image server.
The mirror image cache creating parameter is a parameter related to mirror image cache creation; the updated mirror image cache parameter is a parameter related to the updated mirror image cache; and the mirror image cache deleting parameter is a parameter related to the mirror image cache deleting.
The configuration platform is used for carrying out parameter configuration on the protection server and the mirror image server, so that parameters of a plurality of servers can be uniformly set, and effective protection of a website is facilitated.
Fig. 4 is a schematic structural diagram illustrating a website availability assurance processing apparatus provided in this embodiment, where the apparatus includes: a request preprocessing module 401 and a first data returning module 402, wherein:
the request preprocessing module 401 is configured to receive an access request for accessing a website sent by a user terminal, preprocess the access request, and search for target data in a local cache of a protection server according to the preprocessed access request;
the first data returning module 402 is configured to send the preprocessed access request to a mirror server if the target data is not found in the local cache of the protection server, so that the mirror server finds the target data according to the preprocessed access request, and returns the target data to the user terminal, so as to ensure availability of the website.
Specifically, the request preprocessing module 401 receives an access request for accessing a website, which is sent by a user terminal, preprocesses the access request, and searches for target data in a local cache of a protection server according to the preprocessed access request; if the target data is not found in the local cache of the protection server, the first data returning module 402 sends the preprocessed access request to a mirror server, so that the mirror server finds the target data according to the preprocessed access request, and returns the target data to the user terminal.
In the embodiment, the access request is preprocessed, the mirror image server finds the target data and returns the target data to the user terminal, the data return is realized based on the mirror image server, the user terminal does not directly communicate with the website, when the source station has a problem, normal service can still be provided, and the usability of the website is ensured; meanwhile, target data are returned through the mirror image server, and website service can be accelerated.
Further, on the basis of the above embodiment of the apparatus, the apparatus further comprises:
the first configuration parameter receiving module is used for receiving protection configuration parameters sent by the configuration platform;
the protection configuration parameters comprise crawler time, re-protection time, crawler levels and mirror black and white lists.
Further, on the basis of the above embodiment of the apparatus, the apparatus further comprises:
and the mirror image module is used for generating a crawler task according to the protection configuration parameters and mirroring the data of the target website to the mirror image server according to the crawler task.
Further, on the basis of the above embodiment of the apparatus, the apparatus further comprises:
and the local searching module is used for returning the target data to the user terminal if the target data is searched in the local cache of the protection server.
Further, on the basis of the above device embodiment, the request preprocessing module 401 specifically includes:
the system comprises a preprocessing unit, a data processing unit and a data processing unit, wherein the preprocessing unit is used for receiving an access request for accessing a website sent by a user terminal and preprocessing the access request;
the request processing unit is used for searching target data in a local cache of a protection server according to the preprocessed access request if judging that the website starts the re-protection function; otherwise, sending the preprocessed access request to the website, and returning the 404 page or the jump page to the user terminal.
Further, on the basis of the above apparatus embodiment, the request preprocessing module 401 is specifically configured to perform traffic cleansing processing and Web application protection system protection processing on the access request.
The website availability assurance processing apparatus described in this embodiment may be configured to execute the corresponding method embodiments, and the principle and technical effect are similar, which are not described herein again.
Fig. 5 is a schematic structural diagram illustrating a website availability assurance processing apparatus provided in this embodiment, where the apparatus includes: a data search module 501, a first data acquisition module 502, a second data acquisition module 503, and a second data return module 504, wherein:
the data search module 501 is configured to receive a preprocessed access request sent by a protection server, and search for target data in an ES distributed cluster of index snapshots according to the preprocessed access request;
the first data obtaining module 502 is configured to obtain the target data if the target data is found;
the second data obtaining module 503 is configured to obtain the target data in the website corresponding to the preprocessed access request if the target data is not found;
the second data returning module 504 is configured to return the target data to the user terminal, so as to guarantee availability of the website.
Specifically, the data search module 501 receives a preprocessed access request sent by a protection server, and searches for target data in an ES distributed cluster of index snapshots according to the preprocessed access request; if the target data is found, the first data obtaining module 502 obtains the target data; if the target data is not found by the second data obtaining module 503, obtaining the target data in the website corresponding to the preprocessed access request; the second data returning module 504 returns the target data to the user terminal.
In the embodiment, the access request is preprocessed, the mirror image server finds the target data and returns the target data to the user terminal, the data return is realized based on the mirror image server, the user terminal does not directly communicate with the website, when the source station has a problem, normal service can still be provided, and the usability of the website is ensured; meanwhile, target data are returned through the mirror image server, and website service can be accelerated.
Further, on the basis of the above embodiment of the apparatus, the apparatus further comprises:
the second configuration parameter receiving module is used for receiving the mirror image configuration parameters sent by the configuration platform and sending the mirror image state to the configuration platform;
the mirror image configuration parameters comprise a mirror image creating cache parameter, a mirror image updating cache parameter and a mirror image deleting cache parameter.
The website availability assurance processing apparatus described in this embodiment may be configured to execute the corresponding method embodiments, and the principle and technical effect are similar, which are not described herein again.
Referring to fig. 6, the electronic device includes: a first processor (processor)601, a first memory (memory)602, and a first bus 603;
wherein,
the first processor 601 and the first memory 602 communicate with each other via the first bus 603;
the first processor 601 is used for calling program instructions in the first memory 602 to execute the methods provided by the above-mentioned method embodiments.
The present embodiment discloses a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the method provided by the corresponding method embodiments described above.
The present embodiments provide a non-transitory computer-readable storage medium storing computer instructions that cause the computer to perform the methods provided by the corresponding method embodiments described above.
Referring to fig. 7, the electronic device includes: a second processor (processor)701, a second memory (memory)702, and a second bus 703;
wherein,
the second processor 701 and the second memory 702 complete communication with each other through the second bus 703;
the second processor 701 is configured to call program instructions in the second memory 702 to perform the methods provided by the above-mentioned method embodiments.
The present embodiment discloses a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the method provided by the corresponding method embodiments described above.
The present embodiments provide a non-transitory computer-readable storage medium storing computer instructions that cause the computer to perform the methods provided by the corresponding method embodiments described above.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
It should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (20)
1. A website availability guarantee processing method is characterized by comprising the following steps:
receiving an access request for accessing a website, sent by a user terminal, preprocessing the access request, and searching target data in a local cache of a protection server according to the preprocessed access request;
if the target data is not found in the local cache of the protection server, sending the preprocessed access request to a mirror image server, so that the mirror image server finds the target data according to the preprocessed access request, and returning the target data to the user terminal, thereby ensuring the usability of the website.
2. The method according to claim 1, wherein before receiving the access request for accessing the website sent by the user terminal, the method further comprises:
receiving protection configuration parameters sent by a configuration platform;
the protection configuration parameters comprise crawler time, re-protection time, crawler levels and mirror black and white lists.
3. The method of claim 2, further comprising:
and generating a crawler task according to the protection configuration parameters, and mirroring the data of the target website to the mirroring server according to the crawler task.
4. The method of claim 1, further comprising:
and if the target data is found in the local cache of the protection server, returning the target data to the user terminal.
5. The method according to claim 1, wherein the receiving an access request for accessing a website sent by a user terminal, preprocessing the access request, and searching for target data in a local cache of a protection server according to the preprocessed access request specifically comprises:
receiving an access request for accessing a website, which is sent by a user terminal, and preprocessing the access request;
if the fact that the website starts the re-protection function is judged and known, target data are searched in a local cache of a protection server according to the preprocessed access request; otherwise, sending the preprocessed access request to the website, and returning the 404 page or the jump page to the user terminal.
6. The method according to claim 1, wherein the preprocessing the access request specifically includes:
and performing flow cleaning processing and Web application protection system protection processing on the access request.
7. A website availability guarantee processing method is characterized by comprising the following steps:
receiving a preprocessed access request sent by a protection server, and searching target data in an index snapshot ES distributed cluster according to the preprocessed access request;
if the target data is found, acquiring the target data;
if the target data is not found, acquiring the target data in the website corresponding to the preprocessed access request;
and returning the target data to the user terminal to ensure the usability of the website.
8. The method of claim 7, further comprising:
receiving mirror image configuration parameters sent by a configuration platform, and sending a mirror image state to the configuration platform;
the mirror image configuration parameters comprise a mirror image creating cache parameter, a mirror image updating cache parameter and a mirror image deleting cache parameter.
9. A website availability assurance processing apparatus, comprising:
the system comprises a request preprocessing module, a protection server and a data processing module, wherein the request preprocessing module is used for receiving an access request for accessing a website sent by a user terminal, preprocessing the access request and searching target data in a local cache of the protection server according to the preprocessed access request;
and the first data returning module is used for sending the preprocessed access request to a mirror image server if the target data is not found in the local cache of the protection server, so that the mirror image server finds the target data according to the preprocessed access request, and returns the target data to the user terminal, thereby ensuring the usability of the website.
10. The apparatus of claim 9, further comprising:
the first configuration parameter receiving module is used for receiving protection configuration parameters sent by the configuration platform;
the protection configuration parameters comprise crawler time, re-protection time, crawler levels and mirror black and white lists.
11. The apparatus of claim 10, further comprising:
and the mirror image module is used for generating a crawler task according to the protection configuration parameters and mirroring the data of the target website to the mirror image server according to the crawler task.
12. The apparatus of claim 9, further comprising:
and the local searching module is used for returning the target data to the user terminal if the target data is searched in the local cache of the protection server.
13. The apparatus according to claim 9, wherein the request preprocessing module specifically includes:
the system comprises a preprocessing unit, a data processing unit and a data processing unit, wherein the preprocessing unit is used for receiving an access request for accessing a website sent by a user terminal and preprocessing the access request;
the request processing unit is used for searching target data in a local cache of a protection server according to the preprocessed access request if judging that the website starts the re-protection function; otherwise, sending the preprocessed access request to the website, and returning the 404 page or the jump page to the user terminal.
14. The apparatus according to claim 9, wherein the request preprocessing module is specifically configured to perform traffic cleansing processing and Web application protection system protection processing on the access request.
15. A website availability assurance processing apparatus, comprising:
the data searching module is used for receiving the preprocessed access request sent by the protection server and searching target data in the index snapshot ES distributed cluster according to the preprocessed access request;
the first data acquisition module is used for acquiring the target data if the target data is found;
the second data acquisition module is used for acquiring the target data in the website corresponding to the preprocessed access request if the target data is not found;
and the second data returning module is used for returning the target data to the user terminal so as to ensure the usability of the website.
16. The apparatus of claim 15, further comprising:
the second configuration parameter receiving module is used for receiving the mirror image configuration parameters sent by the configuration platform and sending the mirror image state to the configuration platform;
the mirror image configuration parameters comprise a mirror image creating cache parameter, a mirror image updating cache parameter and a mirror image deleting cache parameter.
17. An electronic device, comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method of any of claims 1 to 6.
18. A non-transitory computer-readable storage medium storing a computer program that causes a computer to perform the method according to any one of claims 1 to 6.
19. An electronic device, comprising:
at least one processor; and
at least one memory communicatively coupled to the processor, wherein:
the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method of any of claims 7 to 8.
20. A non-transitory computer-readable storage medium storing a computer program that causes a computer to perform the method according to any one of claims 7 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710897220.2A CN107800689A (en) | 2017-09-28 | 2017-09-28 | A kind of Website Usability ensures processing method and processing device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710897220.2A CN107800689A (en) | 2017-09-28 | 2017-09-28 | A kind of Website Usability ensures processing method and processing device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107800689A true CN107800689A (en) | 2018-03-13 |
Family
ID=61532757
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710897220.2A Pending CN107800689A (en) | 2017-09-28 | 2017-09-28 | A kind of Website Usability ensures processing method and processing device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107800689A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111124993A (en) * | 2018-10-31 | 2020-05-08 | 伊姆西Ip控股有限责任公司 | Method, apparatus and program product for reducing cache data mirroring latency during I/O processing |
| CN112087459A (en) * | 2020-09-11 | 2020-12-15 | 杭州安恒信息技术股份有限公司 | Access request detection method, device, equipment and readable storage medium |
| CN112347167A (en) * | 2020-09-30 | 2021-02-09 | 长沙市到家悠享网络科技有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN113886099A (en) * | 2021-08-27 | 2022-01-04 | 北京房江湖科技有限公司 | Interface access request processing method and storage medium |
| CN113949579A (en) * | 2021-10-20 | 2022-01-18 | 安天科技集团股份有限公司 | Website attack defense method and device, computer equipment and storage medium |
| CN115543747A (en) * | 2022-10-20 | 2022-12-30 | 舟谱数据技术南京有限公司 | Method for automatically inspecting front-end webpage performance |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103414639A (en) * | 2013-07-16 | 2013-11-27 | 广东工业大学 | Routing request method |
| CN104168300A (en) * | 2013-05-17 | 2014-11-26 | 中国电信股份有限公司 | Content acceleration method and system |
| CN104462570A (en) * | 2014-12-26 | 2015-03-25 | 小米科技有限责任公司 | Webpage content obtaining method and device |
| CN106302512A (en) * | 2016-09-05 | 2017-01-04 | 上海云盾信息技术有限公司 | A kind of for controlling method, equipment and the system accessed |
-
2017
- 2017-09-28 CN CN201710897220.2A patent/CN107800689A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104168300A (en) * | 2013-05-17 | 2014-11-26 | 中国电信股份有限公司 | Content acceleration method and system |
| CN103414639A (en) * | 2013-07-16 | 2013-11-27 | 广东工业大学 | Routing request method |
| CN104462570A (en) * | 2014-12-26 | 2015-03-25 | 小米科技有限责任公司 | Webpage content obtaining method and device |
| CN106302512A (en) * | 2016-09-05 | 2017-01-04 | 上海云盾信息技术有限公司 | A kind of for controlling method, equipment and the system accessed |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111124993A (en) * | 2018-10-31 | 2020-05-08 | 伊姆西Ip控股有限责任公司 | Method, apparatus and program product for reducing cache data mirroring latency during I/O processing |
| CN111124993B (en) * | 2018-10-31 | 2023-09-01 | 伊姆西Ip控股有限责任公司 | Method, apparatus and program product for reducing cache data mirror latency in I/O processing |
| CN112087459A (en) * | 2020-09-11 | 2020-12-15 | 杭州安恒信息技术股份有限公司 | Access request detection method, device, equipment and readable storage medium |
| CN112347167A (en) * | 2020-09-30 | 2021-02-09 | 长沙市到家悠享网络科技有限公司 | Data processing method and device, electronic equipment and storage medium |
| CN113886099A (en) * | 2021-08-27 | 2022-01-04 | 北京房江湖科技有限公司 | Interface access request processing method and storage medium |
| CN113949579A (en) * | 2021-10-20 | 2022-01-18 | 安天科技集团股份有限公司 | Website attack defense method and device, computer equipment and storage medium |
| CN113949579B (en) * | 2021-10-20 | 2024-04-30 | 安天科技集团股份有限公司 | Website attack defense method and device, computer equipment and storage medium |
| CN115543747A (en) * | 2022-10-20 | 2022-12-30 | 舟谱数据技术南京有限公司 | Method for automatically inspecting front-end webpage performance |
| CN115543747B (en) * | 2022-10-20 | 2024-04-02 | 舟谱数据技术南京有限公司 | Method for automatically inspecting front-end webpage performance |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107800689A (en) | A kind of Website Usability ensures processing method and processing device | |
| US9325731B2 (en) | Identification of and countermeasures against forged websites | |
| CN106936793B (en) | Information interception processing method and terminal | |
| RU2615057C2 (en) | Method and device for access to web-page and router | |
| CN102932370B (en) | A kind of security sweep method, equipment and system | |
| EP2755157B1 (en) | Detecting undesirable content | |
| US9147067B2 (en) | Security method and apparatus | |
| CN103716295B (en) | A kind of network system | |
| CN112261172B (en) | Service addressing access method, device, system, equipment and medium | |
| WO2014143012A1 (en) | Remote malware remediation | |
| JP2014142960A (en) | Method and system of preventing browser-based fraud | |
| EP3449406B1 (en) | Ip address access based on security level and access history | |
| CN109522501B (en) | Page content management method and device | |
| US20190379694A1 (en) | System and method for detection of malicious interactions in a computer network | |
| CN106385455A (en) | CDN (Content Delivery Network) mirror-based whole site lock setting method | |
| WO2020073374A1 (en) | Advertisement anti-shielding method and device | |
| CN110795663B (en) | Webpage loading method and equipment | |
| US20220012070A1 (en) | Client side browser-based caching for monitored resources | |
| CN110290196B (en) | Content distribution method and device | |
| JP2010537281A (en) | Method and system for tracking and optimizing advertisements on distributed networks | |
| US20210099465A1 (en) | Secure Restore | |
| US20140208385A1 (en) | Method, apparatus and system for webpage access control | |
| CN113536168B (en) | Component processing method and device | |
| CN110727934A (en) | Anti-crawler method and device | |
| CN114513468A (en) | Method, device, equipment, storage medium and product for protecting flow in Sentinel |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180313 |