CN113489778A - Access request processing method and device, electronic equipment and storage medium - Google Patents

Access request processing method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN113489778A
CN113489778A CN202110749126.9A CN202110749126A CN113489778A CN 113489778 A CN113489778 A CN 113489778A CN 202110749126 A CN202110749126 A CN 202110749126A CN 113489778 A CN113489778 A CN 113489778A
Authority
CN
China
Prior art keywords
address
access
target system
access request
access address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110749126.9A
Other languages
Chinese (zh)
Other versions
CN113489778B (en
Inventor
刘晓凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Construction Bank Corp
Original Assignee
China Construction Bank Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp filed Critical China Construction Bank Corp
Priority to CN202110749126.9A priority Critical patent/CN113489778B/en
Publication of CN113489778A publication Critical patent/CN113489778A/en
Application granted granted Critical
Publication of CN113489778B publication Critical patent/CN113489778B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/63Routing a service request depending on the request content or context
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0207Discounts or incentives, e.g. coupons or rebates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

The application discloses a processing method and device of an access request, electronic equipment and a storage medium, wherein the method comprises the following steps: acquiring an access request sent by a user to a target system; wherein the access request comprises at least an IP address and an access address; judging whether the access address is the latest access address of the current target system; wherein, the access address of the target system is updated at least once when the access is started; if the access address is judged not to be the latest access address of the current target system, the IP address is forbidden; and responding to the access request if the access address is judged to be the latest access address of the current target system. Therefore, after the access address is updated, the fact that the access request is sent by the robbery tool is identified based on the access address, the IP address of the access request is forbidden, the access request sent by the robbery tool is prevented, and the situation that a user carries out robbery through the robbery tool is effectively avoided.

Description

Access request processing method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of request interception technologies, and in particular, to a method and an apparatus for processing an access request, an electronic device, and a storage medium.
Background
At present, many commodities, tickets, and many events are reserved and purchased online through corresponding systems, for example, the bank currently carries out commemorative coins on the system to reserve and purchase online events. The time from starting access of the target system for carrying out the emergency purchase activities to finishing the emergency purchase activities is usually short, and the speed of accessing the target system to participate in the emergency purchase activities through manual operation is relatively slow, so the success rate of the emergency purchase activities is low. Therefore, part of users can write the robbery tools in advance according to the flow of the robbery, and when the target system starts to access, the addresses of the target system are automatically and quickly accessed through the robbery tools, thereby greatly increasing the probability of successful robbery,
but the rushing to buy through the rushing to buy tools obviously violates the fairness of the activity. Therefore, in order to prevent the user from performing the emergency purchase through the emergency purchase tool, the existing main mode is to perform verification in a mode of a graphic verification code or a short message verification code and the like when accessing the system, and since the emergency purchase tool may not automatically complete the verification, or even if the verification can be automatically completed, the consumed time of the verification is similar to the time required by manual emergency purchase, the user can be prevented from performing the emergency purchase through the emergency purchase tool.
However, nowadays, some users write a robbery tool to start trying to bypass the step of information verification and directly access the system to perform a robbery. Therefore, the user cannot be well prevented from carrying out the article robbery through the robbery tool by the user authentication method.
Disclosure of Invention
Based on the defects of the prior art, the application provides a processing method and device of an access request, an electronic device and a storage medium, so as to solve the problem that the prior art cannot effectively prevent a user from carrying out commodity robbery through a robbery tool.
In order to achieve the above object, the present application provides the following technical solutions:
a first aspect of the present application provides a method for processing an access request, including:
acquiring an access request sent by a user to a target system; wherein the access request comprises at least an IP address and an access address;
judging whether the access address is the latest access address of the current target system; wherein, the access address of the target system is updated at least once when the access is started;
if the access address is judged not to be the latest access address of the current target system, the IP address is forbidden;
and responding to the access request if the access address is judged to be the latest access address of the current target system.
Optionally, in the foregoing method, the determining whether the access address is before a latest access address of the current target system further includes:
identifying whether the IP address belongs to a blocked IP address; if the IP address is identified not to belong to the forbidden IP address, executing the judgment to determine whether the access address is the latest access address of the current target system;
and if the IP address is identified to belong to the blocked IP address, intercepting the access request.
Optionally, in the foregoing method, the blocking the IP address includes:
forwarding the access request to a first application server so as to acquire the IP address from the access request through the first application server and synchronize the IP address to a blocker;
and carrying out blocking management on the IP address through the blocking device, and synchronizing the IP address to a firewall of the target system.
Optionally, in the foregoing method, the responding to the access request includes:
forwarding the access request to a second application server to respond to the access request through the second application server.
Optionally, in the foregoing method, the method for updating the access address of the target system includes:
when the target system starts access, generating a new access address of the target system according to a random algorithm, and issuing the new access address of the target system for effectiveness;
and generating a new access address of the target system according to a random algorithm every preset time interval, and issuing the latest access address of the target system for effectiveness.
Optionally, in the foregoing method, after the blocking the IP address, the method further includes:
and timing the seal-forbidden time of the IP address, and removing the seal-forbidden time of the IP address when the seal-forbidden time of the IP address reaches the set time length corresponding to the IP address.
A second aspect of the present application provides an apparatus for processing an access request, including:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an access request sent by a user to a target system; wherein the access request comprises at least an IP address and an access address;
the judging unit is used for judging whether the access address is the latest access address of the current target system; wherein, the access address of the target system is updated at least once when the access is started;
a blocking unit, configured to block the IP address when the determining unit determines that the access address is not the latest access address of the current target system;
and the response unit is used for responding to the access request when the judging unit judges that the access address is the latest access address of the current target system.
Optionally, in the above apparatus, the identifying unit is configured to identify whether the IP address belongs to a disabled IP address; when the identification unit identifies that the IP address does not belong to a forbidden IP address, the judgment unit judges whether the access address is the latest access address of the current target system;
and the intercepting unit is used for intercepting the access request when the identifying unit identifies that the IP address belongs to the blocked IP address.
Optionally, in the above apparatus, the blocking unit includes:
the extraction unit is used for forwarding the access request to a first application server so as to acquire the IP address from the access request through the first application server and synchronize the IP address to a blocker;
and the seal sub-unit is used for carrying out seal management on the IP address through the seal device and synchronizing the IP address to the firewall of the target system.
Optionally, in the above apparatus, the response unit includes:
and the response subunit is used for forwarding the access request to the second application server so as to respond to the access request through the second application server.
Optionally, in the above apparatus, further comprising:
the first updating unit is used for generating a new access address of the target system according to a random algorithm when the target system starts access, and issuing the new access address of the target system for effectiveness;
and the second updating unit is used for generating a new access address of the target system according to a random algorithm at each preset time interval, and issuing the latest access address of the target system for effectiveness.
Optionally, in the above apparatus, further comprising:
and the releasing unit is used for timing the forbidden time of the IP address and releasing the forbidden time of the IP address when the forbidden time of the IP address reaches the set time length corresponding to the IP address.
A third aspect of the present application provides an electronic device comprising:
a memory and a processor;
wherein the memory is used for storing programs;
the processor is configured to execute the program, and when the program is executed, the program is specifically configured to implement the method for processing an access request according to any one of the above items.
A fourth aspect of the present application provides a computer storage medium for storing a computer program which, when executed, is configured to implement the method of processing an access request according to any one of the preceding claims.
The application provides a processing method of an access request, which is used for acquiring the sent access request to a target system, and updating an access address of the target system at least once when the access is started. Wherein the access request comprises at least an IP address and an access address. And then judging whether the access address is the latest access address of the current target system. Since the access address in the preemption tool is pre-compiled, the target system's previous access address is used for access. Therefore, if the access address is judged not to be the latest access address of the current target system, the access request is sent by the user using the robbery tool, and the IP address can be forbidden, so that the user is prevented from accessing the target system through the robbery tool. And if the accessed address is judged to be the latest accessed address of the current target system, responding to the access request. Moreover, even if the user updates the access address compiled in advance in the robbery tool in time, the target system may not allow access when the user finishes updating the access address because the time for starting the access of the target system is short, so that the operation that the user accesses the target system through the robbery tool is effectively prevented.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a system according to an embodiment of the present disclosure;
fig. 2 is a flowchart of a processing method for an access request according to another embodiment of the present application;
fig. 3 is a flowchart of a method for updating an access address of a target system according to another embodiment of the present application;
fig. 4 is a flowchart of another processing method for an access request according to another embodiment of the present application;
fig. 5 is a schematic structural diagram of an access request processing apparatus according to another embodiment of the present application;
fig. 6 is a schematic structural diagram of a seal disabling unit according to another embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of an electronic device according to another embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In this application, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The application provides a processing method of an access request, which aims to solve the problem that in the prior art, a user cannot effectively prevent goods from being purchased through a purchasing tool.
First, it should be noted that the systems and methods provided in the embodiments of the present application are mainly described with respect to application scenarios of a shopping mall, but are not limited to be used in the application scenarios of the shopping mall.
Optionally, in order to implement the method for processing an access request provided by the present application, an embodiment of the present application provides a system, as shown in fig. 1, specifically including:
the system comprises a Web server, a first application server, a second application server, a blocker and an access address converter.
It should be noted that the access address referred to in this application refers to a Uniform Resource Locator (URL).
The Web server is mainly used for receiving an access request of a user to the system, and the access request is distributed to the Web server no matter whether the user accesses a newly generated access address of the system or a previously generated access address. But when the access request enters the Web server, the firewall of the Web server intercepts the access request sent by the blocked IP address.
After the access request enters the Web server, if the access request is not accessed by using the URL newly generated by the system, the Web server will forward the access request to the first application server. If the access request is accessed by using the URL generated by the system latest, the Web server forwards the access request to the second application server.
The first application service is mainly used for extracting the IP address from the received access request and synchronizing the obtained IP to the blocker, so that the trapping of the IP address is realized. Specifically, the IP address of the access request may be actively obtained from the first application server by the banger.
Optionally, the first application server may also include a plurality of servers.
And the disabler is used for carrying out corresponding disablement management on the obtained IP address according to the established strategy and synchronizing the obtained IP address to the access of the Web server.
The second application server is mainly used for normally responding to the access request so as to improve the service of the system. For example, for a preemption activity, the second application server is then used to implement a preemption service.
Optionally, since most of the access requests belong to normally sent access requests, a plurality of second application servers are required to be provided, and timely processing of the access requests must be ensured.
And the access address converter is used for generating a new access address for the system according to a preset strategy and synchronizing the new access address to the Web server for issuing and taking effect.
Based on the system provided above, an embodiment of the present application provides a method for processing an access request, as shown in fig. 2, including the following steps:
s201, acquiring an access request sent by a user to a target system, wherein the access request at least comprises an IP address and an access address.
It should be noted that, the user may send an access request to the target system by operating on the shopping page. Of course, the user may also send an access clear to the specified access address through the first-time purchase tool, and when the specified access address is the address of the target system, the access request is sent to the target system.
Wherein, aiming at the emergency purchase activity, the access request is a request for participating in the emergency purchase activity.
S202, judging whether the access address is the latest access address of the current target system.
Wherein the access address of the target system is updated at least once when the access is opened. Because the access address needs to be compiled in the code in advance by the robbery tool, the access address can be automatically accessed through the robbery tool, and the rapid robbery is realized. Therefore, when the emergency purchase starts, namely when the target system starts to access, the access address of the target system is updated once.
Alternatively, updating the access address may be accomplished by changing a parameter in the address, such as a parameter of the suffix.
In this way, after the start of the robbery, when the person accesses the terminal by clicking operation, the access request is generated according to the updated access address, that is, the access address in the access request is the updated access address. However, since the access address in the robbery tool is compiled in advance, and the robbery activity is often finished in a short time, and the access address is updated when the target system starts access, the access address in the robbery tool cannot be updated in time and then participates in the robbery, the robbery tool is used for accessing, and the access address before updating is used for accessing, so that the access request can be distinguished by the access address whether the access request is sent by manual operation or by the robbery tool.
If the access address is determined not to be the latest access address of the current target system, it means that the current access request is sent by the robbery tool, so step S203 is executed at this time. If the access address is determined to be the latest access address of the current target system, it indicates that the current access request is triggered by manual operation, so step S204 is executed at this time.
Optionally, in this embodiment of the present application, the method for updating the access address of the target system, as shown in fig. 3, may specifically include the following steps:
s301, when the target system starts access, generating a new access address of the target system according to a random algorithm, and issuing the new access address of the target system for effectiveness.
It should be noted that, after the access address is updated, if the access address in the preemption tool is to be updated, the updated access address needs to be determined first, and then the address in the preemption tool is replaced with the updated address, which takes a long time, and the preemption activity is often finished within a short time.
And S302, generating a new access address of the target system according to a random algorithm at intervals of a preset time length, and issuing the latest access address of the target system for effectiveness.
In order to avoid that the duration of the robbery activity is long, the user has enough time to update the access address in the robbery tool and carry out the robbery through the robbery tool. Therefore, in the embodiment of the present application, the access address of the target system is updated once every preset time interval. In this way, the access address of the target system is updated again after the user just updates the access address in the first-time purchase tool, so that the first-time purchase tool is not updated by using the latest access address.
And S203, the IP address of the current access request is forbidden.
Specifically, when the access address is determined not to be the latest access address of the current target system, it is determined that the current access request is sent by the robbery tool, so that the IP address of the current access request is blocked, the access request of the IP address is not responded, and the current access request cannot participate in the robbery.
Optionally, the IP address of the current access request may be disabled from the blacklist and sent to the firewall of the Web server, so as to intercept the IP address when the IP address is accessed again. Because the robbery tools always access the target system continuously, the IP address is forbidden, so that the robbery through the robbery tools can be avoided, and the frequent processing of access requests of the robbery tools is also avoided.
And S204, responding to the current access request.
Since the current access request is not sent through the shopping instrument, a normal response needs to be performed on the access list to realize the shopping of the goods by the user.
The embodiment of the application provides a processing method of an access request, which is used for acquiring the sent access request to a target system. Wherein the access request comprises at least an IP address and an access address. And then judging whether the access address is the latest access address of the current target system. Since the access address of the target system is updated at least once when the access is opened, and the access address in the robbery tool is pre-compiled, the previous access address of the target system is used for access. Therefore, if the access address is judged not to be the latest access address of the current target system, the access request is sent by using the robbery tool, and therefore the IP address is forbidden, and the user is prevented from carrying out the robbery through the robbery tool. And if the accessed address is judged to be the latest accessed address of the current target system, responding to the access request and ensuring the normal development of the robbery activity. Moreover, even if the user updates the access address compiled in advance in the robbery tool in time, the robbery time is short, so that when the user finishes updating the access address, the robbery activity may be ended, or most of the commodities are robbed, and the success rate of using the robbery tool for carrying out the robbery is low, so that the user can be effectively prevented from carrying out the robbery through the robbery tool.
Based on the system provided above, another embodiment of the present invention provides another method for processing an access request, as shown in fig. 4, including the following steps:
s401, an access request sent by a user to a target system is obtained, wherein the access request at least comprises an IP address and an access address.
It should be noted that, the specific implementation of step S401 may refer to the specific implementation of step S201, and is not described herein again.
S402, whether the IP address belongs to the forbidden IP address is identified.
It should be noted that, the preemption tool usually accesses the target system continuously, that is, sends an access request to the target system to try to preempt continuously, so as to avoid the need to continuously execute subsequent steps on the access request sent by the forbidden IP address, in the embodiment of the present application, it is first identified whether the IP address of the current request belongs to the forbidden IP address, and if so, the current access request can be intercepted directly, so that the current access request does not need to be processed, and a large amount of unnecessary work is reduced.
Alternatively, it may be identified whether the IP address sending the current access request belongs to a blocked IP address through a firewall of a Web server of the target system. Specifically, the IP address of the current access request may be compared with the stored IP addresses that have been blocked, and if there is a match between the stored IP addresses that have been blocked and the IP address of the current access request, it is determined that the IP address belongs to the blocked IP address, and therefore the target system cannot be accessed, so step S407 is executed at this time.
If it is recognized that the IP address does not belong to the IP address that has been blocked, it indicates that the IP address of the current access request is allowed to access the target system, and step S403 is executed.
And S403, judging whether the access address is the latest access address of the current target system.
Wherein the access address of the target system is updated at least once when the access is opened.
It should be noted that, in the embodiment of the present application, different application servers are respectively designed to process an access request that employs a latest access address, and issue an access request that does not employ the latest access address for access. Therefore, if it is determined that the access address is not the latest access address of the current target system, step S404 is executed. If the access address is determined to be the latest access address of the current target system, step S406.
S404, the access request is forwarded to the first application server, so that the IP address is obtained from the access request through the first application server, and the IP address is synchronized to the blocker.
S405, carrying out blocking management on the IP address through a blocking device, and synchronizing the IP address to a firewall of the target system.
Specifically, in the embodiment of the present application, by performing block association on the IP address, the block association may specifically include a start of block, an end of block, and the like. Wherein, when the blocking starts, the IP address is synchronized to the firewall of the target system so as to intercept the access request sent by the IP address.
It should be noted that, since the preemption activity can be ended in a short time and the subsequent other preemption activities may no longer send an access request through the preemption tool, the IP address does not need to be blocked all the time. Therefore, the preset time length for blocking the IP address may be set by the blocker, and after performing step S405, the method may further include: and timing the forbidden time of the IP address, and when the forbidden time of the IP address reaches the set time length corresponding to the IP address, removing the forbidden time of the IP address.
S406, the access request is forwarded to the second application server so as to respond to the access request through the second application server.
The second application server is used for providing the preemption service, so when the access address of the access request is the latest access address, the access request is not sent by the preemption tool, and the access request is responded by the second application server.
S407, intercepting the current access request.
Another embodiment of the present application provides an apparatus for processing an access request, as shown in fig. 5, including the following units:
an obtaining unit 501, configured to obtain an access request sent by a user to a target system.
Wherein the access request comprises at least an IP address and an access address.
A determining unit 502, configured to determine whether the access address is the latest access address of the current target system.
And updating the access address of the target system at least once when the access is started.
A blocking unit 503, configured to block the IP address when the determining unit 502 determines that the access address is not the latest access address of the current target system.
A responding unit 504, configured to respond to the access request when the determining unit 502 determines that the access address is the latest access address of the current target system.
Optionally, in an access request processing apparatus provided in another embodiment of the present application, further including:
and the identification unit is used for identifying whether the IP address belongs to the forbidden IP address or not.
When the identification unit identifies that the IP address does not belong to the forbidden IP address, the judgment unit judges whether the access address is the latest access address of the current target system.
And the intercepting unit is used for intercepting the access request when the identifying unit identifies that the IP address belongs to the blocked IP address.
Optionally, in an access request processing apparatus provided in another embodiment of the present application, as shown in fig. 6, the blocking unit includes:
an extracting unit 601, configured to forward the access request to a first application server, so as to obtain the IP address from the access request through the first application server, and synchronize the IP address to a blocker.
A block subunit 602, configured to perform block management on the IP address through the block unit, and synchronize the IP address to a firewall of the target system.
Optionally, in an access request processing apparatus provided in another embodiment of the present application, a response unit includes:
and the response subunit is used for forwarding the access request to the second application server so as to respond to the access request through the second application server.
Optionally, in an access request processing apparatus provided in another embodiment of the present application, further including:
and the first updating unit is used for generating a new access address of the target system according to a random algorithm when the target system starts access, and issuing the new access address of the target system for effectiveness.
And the second updating unit is used for generating a new access address of the target system according to a random algorithm at each preset time interval, and issuing and validating the new access address of the target system.
Optionally, in an access request processing apparatus provided in another embodiment of the present application, further including:
and the releasing unit is used for timing the forbidden time of the IP address and releasing the forbidden time of the IP address when the forbidden time of the IP address reaches the set time length corresponding to the IP address.
It should be noted that, each unit provided in the foregoing embodiment of the present application may specifically be a unit in each component in the system shown in fig. 1, and a specific working process of each unit may correspondingly refer to a corresponding step in the foregoing method embodiment, which is not described herein again.
Another embodiment of the present application provides an electronic device, as shown in fig. 7, including:
a memory 701 and a processor 702.
The memory 701 is used for storing programs, and the processor 702 is used for executing the programs stored in the memory 701, and when the programs are executed, the processing method of the access request provided by any of the above embodiments is specifically implemented.
Another embodiment of the present application provides a computer storage medium for storing a computer program, which when executed, is used to implement the processing method of the access request as described in any one of the above.
Computer storage media, including permanent and non-permanent, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method for processing an access request, comprising:
acquiring an access request sent by a user to a target system; wherein the access request comprises at least an IP address and an access address;
judging whether the access address is the latest access address of the current target system; wherein, the access address of the target system is updated at least once when the access is started;
if the access address is judged not to be the latest access address of the current target system, the IP address is forbidden;
and responding to the access request if the access address is judged to be the latest access address of the current target system.
2. The method of claim 1, wherein the determining whether the access address is before a latest access address of the current target system further comprises:
identifying whether the IP address belongs to a blocked IP address; if the IP address is identified not to belong to the forbidden IP address, executing the judgment to determine whether the access address is the latest access address of the current target system;
and if the IP address is identified to belong to the blocked IP address, intercepting the access request.
3. The method of claim 1, wherein the blocking the IP address comprises:
forwarding the access request to a first application server so as to acquire the IP address from the access request through the first application server and synchronize the IP address to a blocker;
and carrying out blocking management on the IP address through the blocking device, and synchronizing the IP address to a firewall of the target system.
4. The method of claim 1, wherein said responding to said access request comprises:
forwarding the access request to a second application server to respond to the access request through the second application server.
5. The method of claim 1, wherein the updating of the access address of the target system comprises:
when the target system starts access, generating a new access address of the target system according to a random algorithm, and issuing the new access address of the target system for effectiveness;
and generating a new access address of the target system according to a random algorithm every preset time interval, and issuing the latest access address of the target system for effectiveness.
6. The method of claim 1, wherein after said blocking the IP address, further comprising:
and timing the seal-forbidden time of the IP address, and removing the seal-forbidden time of the IP address when the seal-forbidden time of the IP address reaches the set time length corresponding to the IP address.
7. An apparatus for processing an access request, comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring an access request sent by a user to a target system; wherein the access request comprises at least an IP address and an access address;
the judging unit is used for judging whether the access address is the latest access address of the current target system; wherein, the access address of the target system is updated at least once when the access is started;
a blocking unit, configured to block the IP address when the determining unit determines that the access address is not the latest access address of the current target system;
and the response unit is used for responding to the access request when the judging unit judges that the access address is the latest access address of the current target system.
8. The apparatus of claim 7, further comprising:
the identification unit is used for identifying whether the IP address belongs to a forbidden IP address or not; when the identification unit identifies that the IP address does not belong to a forbidden IP address, the judgment unit judges whether the access address is the latest access address of the current target system;
and the intercepting unit is used for intercepting the access request when the identifying unit identifies that the IP address belongs to the blocked IP address.
9. An electronic device, comprising:
a memory and a processor;
wherein the memory is used for storing programs;
the processor is configured to execute the program, which when executed is specifically configured to implement the method of processing an access request according to any one of claims 1 to 6.
10. A computer storage medium storing a computer program which, when executed, implements a method of processing an access request according to any one of claims 1 to 6.
CN202110749126.9A 2021-07-01 2021-07-01 Access request processing method and device, electronic equipment and storage medium Active CN113489778B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110749126.9A CN113489778B (en) 2021-07-01 2021-07-01 Access request processing method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110749126.9A CN113489778B (en) 2021-07-01 2021-07-01 Access request processing method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113489778A true CN113489778A (en) 2021-10-08
CN113489778B CN113489778B (en) 2022-12-13

Family

ID=77940263

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110749126.9A Active CN113489778B (en) 2021-07-01 2021-07-01 Access request processing method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113489778B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856437A (en) * 2012-11-28 2014-06-11 深圳市金蝶中间件有限公司 Site security detection method and system
US20170237704A1 (en) * 2016-02-16 2017-08-17 Le Holdings (Beijing) Co., Ltd. Addressing communication method and electronic device based on media access control address
CN109922030A (en) * 2017-12-13 2019-06-21 南京领创信息科技有限公司 Global network access control system and method based on Android device
CN112035810A (en) * 2020-08-19 2020-12-04 绿盟科技集团股份有限公司 Access control method, device, medium and equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856437A (en) * 2012-11-28 2014-06-11 深圳市金蝶中间件有限公司 Site security detection method and system
US20170237704A1 (en) * 2016-02-16 2017-08-17 Le Holdings (Beijing) Co., Ltd. Addressing communication method and electronic device based on media access control address
CN109922030A (en) * 2017-12-13 2019-06-21 南京领创信息科技有限公司 Global network access control system and method based on Android device
CN112035810A (en) * 2020-08-19 2020-12-04 绿盟科技集团股份有限公司 Access control method, device, medium and equipment

Also Published As

Publication number Publication date
CN113489778B (en) 2022-12-13

Similar Documents

Publication Publication Date Title
JP6882474B2 (en) Systems and methods for detecting replay attacks
CN113840012B (en) Block chain-based screen recording evidence obtaining method and system and electronic equipment
CN110855666B (en) Gateway equipment activation method, device, equipment and medium based on end cloud cooperation
CN109698809B (en) Method and device for identifying abnormal login of account
TW201828645A (en) Network authentication method and apparatus
CN114006771B (en) Flow detection method and device
WO2020107446A1 (en) Method and apparatus for obtaining attacker information, device, and storage medium
CN114090975A (en) Cloud database resource processing method and device, electronic equipment and storage medium
CN107797859B (en) Scheduling method of timing task and scheduling server
CN110795395A (en) File deployment system and file deployment method
CN113676549A (en) Application request distribution method, application gateway, electronic device and storage medium
CN113489778B (en) Access request processing method and device, electronic equipment and storage medium
KR102495724B1 (en) Method and apparatus for providing location information of origin of request for abnormal transaction
CN111314241B (en) Task scheduling method and scheduling system
CN112804222A (en) Data transmission method, device, equipment and storage medium based on cloud deployment
CN110830459A (en) Stealth security agent access method, gateway terminal, client and equipment
CN110619023A (en) Water source detection data chaining method and device of Internet of things by combining block chains
CN110633326A (en) Method and system for uplink of weather data of Internet of things on block chain
CN101729569B (en) Distributed Denial of Service (DDOS) attack protection method, device and system
CN111163084B (en) Safe storage method based on dynamic election and consensus mechanism
US10320784B1 (en) Methods for utilizing fingerprinting to manage network security and devices thereof
CN110677403A (en) Sound detection data chaining method and device of Internet of things applying block chains
CN111698197A (en) Method, system, service system and storage medium for collecting information of named Web applications
CN114363264B (en) Service reservation method
CN110365628B (en) Data request processing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant