CN117375880A - Webpage tamper-proof system and method - Google Patents
Webpage tamper-proof system and method Download PDFInfo
- Publication number
- CN117375880A CN117375880A CN202311148704.9A CN202311148704A CN117375880A CN 117375880 A CN117375880 A CN 117375880A CN 202311148704 A CN202311148704 A CN 202311148704A CN 117375880 A CN117375880 A CN 117375880A
- Authority
- CN
- China
- Prior art keywords
- webpage
- file
- monitoring
- module
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 10
- 238000012544 monitoring process Methods 0.000 claims abstract description 47
- 238000011084 recovery Methods 0.000 claims abstract description 21
- 230000003068 static effect Effects 0.000 claims abstract description 4
- 238000012217 deletion Methods 0.000 claims description 11
- 230000037430 deletion Effects 0.000 claims description 11
- 238000012545 processing Methods 0.000 claims description 10
- 230000004048 modification Effects 0.000 claims description 8
- 238000012986 modification Methods 0.000 claims description 8
- 230000008439 repair process Effects 0.000 abstract description 4
- 238000005516 engineering process Methods 0.000 description 10
- 238000001514 detection method Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 238000001914 filtration Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000002411 adverse Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
- H04L2209/608—Watermarking
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a webpage tamper-proof system and method; the backup file management module is used for providing a backup center for the static webpage to be protected, the backed-up webpage file is a certificate during webpage recovery, and the file uploaded to the backup center generates a unique watermark value to carry out file identification on the unique watermark value so as to ensure that the webpage recovery cannot be in error; the monitoring management module is used for locking the webpage to be monitored by configuring some parameters, and providing a basis for realizing the real-time monitoring of the webpage; the alarm and recovery module is used for monitoring the webpage in real time; the user management module is used for carrying out unified management on personnel using the system. The invention can realize the omnibearing protection of the webpage efficiently, conveniently and quickly, can position the tampered position at the first time when the event of tampering the webpage occurs, repairs the tampered webpage, maintains the image of the website entitlement, is not affected, and ensures the stability, reliability and expandability of the system.
Description
Technical Field
The invention belongs to the technical field of network security, and particularly relates to a webpage tamper-proof system and method.
Background
Webpage tampering refers to that an attacker invades a target website by using a specific means or method and modifies the attack mode of partial content or source codes of the website; if the web page is tampered and cannot be recovered in time, the interests of website owners will be damaged, and adverse effects will be caused to society, especially on authoritative websites, news websites and the like, which will cause immeasurable negative effects.
The basic requirements for webpage tamper resistance are as follows: timely discovering and processing the uploaded Trojan horse and the tampered normal file, and the existing protective measures comprise: strengthening server security settings, including prohibiting remote operation of a registry, disabling CMD commands, starting a firewall and the like, and preventing by installing tamper-proof commercial software such as a cloud shield and the like; the webpage tamper-proof system aims to effectively reduce malicious influence after the webpage is tampered, and under the conditions of interception in advance and double management after restoration, the webpage is immediately restored when interception fails, so that user experience can be improved, the image of a corresponding main body of a website can be maintained, and negative influence is prevented.
The scheme for realizing webpage tamper resistance in the prior art comprises a time polling technology, an event triggering and core embedded technology and a file filtering and event triggering technology; the time polling is specifically to continuously poll and detect the web pages through a program, and the detection is carried out once every other time period, wherein the detection is mainly to detect each web page file in the monitoring files, and the detection is carried out by comparing with the backed-up web page files to judge whether the change occurs or not; because the technology is interval detection, a monitoring blank period exists, and if web page tampering occurs in the blank period, web pages are not easy to check and recover; the event triggering and core embedded technology specifically adopts an asymmetric encryption algorithm, all webpages are encrypted by adopting the asymmetric encryption algorithm, when the webpages are accessed, a server performs secret verification, and only after the verification is passed, the backup file is called for decryption, and the webpages are distributed; according to the technical scheme, before the web page is released, the complete attribute check is required to be carried out on each accessed page, and a great load is brought to a server; the file filtering and event triggering technology relies on a file bottom driving technology, real-time monitoring is carried out on the target webpage file in a time triggering mode, the file filtering technology needs to detect file attributes in real time, once the file attributes are changed, corresponding backup files are copied to the position where the change is detected and covered, the file attribute change can be easily obtained through the file driving technology, excessive resources are not occupied, and file coverage Guo Hengkuai is rapid and efficient; therefore, the technical scheme provides a new system for solving the webpage security problem in the technical scheme so as to improve the webpage tamper resistance and response speed.
Disclosure of Invention
The invention provides a webpage tamper-proof system and method, which comprise functions of webpage real-time monitoring, event alarm processing, webpage recovery and the like, can realize the omnibearing protection of the webpage efficiently, conveniently and quickly, can position a tampered position at the first time when a tampered webpage event occurs, repairs the tampered webpage, maintains the image of a website entitlement person, is not damaged, ensures the stability, reliability and expandability of the system, and solves the problems in the background technology.
In order to solve the technical problems, the invention is realized by the following technical scheme:
the invention discloses a webpage tamper-proof system, which comprises a backup file management module, a monitoring management module, an alarm and recovery module and a user management module;
the backup file management module is used for providing a backup center for a static webpage to be protected, the backed-up webpage file is a certificate during webpage recovery, and the file uploaded to the backup center generates a unique watermark value to carry out file identification on the file so as to ensure that the webpage recovery cannot be in error;
the monitoring management module is used for locking the webpage to be monitored by configuring some parameters, providing a basis for realizing the real-time monitoring of the webpage, and is divided into a monitoring station sub-module and a monitoring catalog sub-module; the monitoring station submodule distinguishes different servers through different IP addresses of each station according to the characteristics of service layout of an operator, and locks the corresponding servers through a station selecting mode;
the alarm and recovery module is used for monitoring the webpage in real time, carrying out alarm processing at the first time once a tampering event occurs, and immediately recovering the original webpage without affecting the normal use of the webpage;
the user management module is used for carrying out unified management on personnel using the system, so that the system is convenient to use with high efficiency.
Further, the backup file management module comprises the functions of backup file inquiry, backup file addition, backup file deletion and file watermark generation.
Further, the monitoring site submodule comprises functions of adding a site, adding and modifying the site, adding and inquiring the site and deleting the site.
Further, the monitoring catalog submodule comprises catalog inquiry, catalog addition, catalog deletion, monitoring stopping and monitoring starting functions.
Further, the alarm and recovery module comprises functions of generating an alarm, inquiring the alarm, deleting the alarm and recovering the webpage.
Further, the user management module comprises a user management sub-module and a right control sub-module; the user management submodule is used for carrying out a series of management on users of the system, including functions of user addition, user inquiry, user modification and user deletion; the permission control sub-module is used for carrying out functions of user permission modification, permission distribution, permission deletion and permission query on the permissions of each user.
A webpage tamper-proof method comprises the following steps:
s1, after a user account number and a secret are correctly input, a webpage tamper-proof system is successfully logged in, and after login is successful, a management page is entered;
s2, uploading the webpage files to be monitored to a backup file management module in the system, and generating unique backup file watermark values through a watermark algorithm after the files are successfully uploaded;
s3, completing configuration of website information of the webpage, determining an IP address of a server where the webpage to be monitored is located, and configuring program catalog information after the website information is configured, so that the website information of the program catalog is consistent with the website information just configured;
s4, selecting a file to be monitored, after determining site information and program catalog information to be configured, locking the corresponding information, wherein the webpage file is in a monitored state, namely, monitoring is started, and the webpage file is always in monitoring except for external factors after the monitoring is started;
if the file changes, namely an event occurs, immediately calculating an event watermark value, and comparing the event watermark value with a watermark value of a backup file in a database to judge whether the file changes or not;
if the event watermark value is different from the watermark value of the backup file in the database, a tamper event is generated immediately, an alarm record is automatically restored, and the alarm record is updated after the restoration is completed;
otherwise, if the event watermark value is the same as the watermark value of the backup file, the web page is judged to be normally updated without any processing.
Compared with the prior art, the invention has the following beneficial effects:
the invention comprises the functions of real-time monitoring of the web page, event alarm processing, web page recovery and the like, can realize the omnibearing protection of the web page efficiently, conveniently and quickly, can position the tampered position at the first time when the event of tampering the web page occurs, repairs the tampered web page, maintains the image of the website rights, is not affected, and ensures the stability, reliability and expandability of the system.
Of course, it is not necessary for any one product to practice the invention to achieve all of the advantages set forth above at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a functional block diagram of a web page tamper-proof system according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, the web page tamper-proof system of the present invention includes a backup file management module, a monitoring management module, an alarm and recovery module, and a user management module;
the backup file management module is used for providing a backup center for the static webpage to be protected, the backed-up webpage file is a certificate during webpage recovery, and the file uploaded to the backup center generates a unique watermark value to carry out file identification on the file so as to ensure that the webpage recovery cannot be in error; the backup file management module comprises the functions of backup file inquiry, backup file addition, backup file deletion and file watermark generation;
the monitoring management module is used for locking the webpage to be monitored by configuring some parameters, and provides a basis for realizing the real-time monitoring of the webpage, and is divided into a monitoring station sub-module and a monitoring catalog sub-module; the monitoring station submodule distinguishes different servers through different IP addresses of each station according to the characteristics of service layout of an operator, and locks the corresponding servers through a station selecting mode; the monitoring site submodule comprises functions of adding a site, adding and modifying, adding and inquiring and deleting the site; the monitoring catalog submodule comprises catalog inquiry, catalog addition, catalog deletion, monitoring stopping and monitoring starting functions;
the alarm and recovery module is used for monitoring the webpage in real time, carrying out alarm processing at the first time once a tampering event occurs, and immediately recovering the original webpage without affecting the normal use of the webpage; the alarm and recovery module comprises functions of generating an alarm, inquiring the alarm, deleting the alarm and recovering a webpage;
the user management module is used for carrying out unified management on personnel using the system, so that the system is convenient to use with high efficiency; the user management module comprises a user management sub-module and a right control sub-module; the user management submodule is used for carrying out a series of management on users of the system, including functions of user addition, user inquiry, user modification and user deletion; the permission control submodule is used for carrying out functions of user permission modification, permission distribution, permission deletion and permission query on the permissions of each user.
A webpage tamper-proof method comprises the following steps:
s1, after a user account number and a secret are correctly input, a webpage tamper-proof system is successfully logged in, and after login is successful, a management page is entered;
s2, uploading the webpage files to be monitored to a backup file management module in the system, and generating unique backup file watermark values through a watermark algorithm after the files are successfully uploaded;
s3, completing configuration of website information of the webpage, determining an IP address of a server where the webpage to be monitored is located, and configuring program catalog information after the website information is configured, so that the website information of the program catalog is consistent with the website information just configured;
s4, selecting a file to be monitored, after determining site information and program catalog information to be configured, locking the corresponding information, wherein the webpage file is in a monitored state, namely, monitoring is started, and the webpage file is always in monitoring except for external factors after the monitoring is started;
if the file changes, namely an event occurs, immediately calculating an event watermark value, and comparing the event watermark value with a watermark value of a backup file in a database to judge whether the file changes or not;
if the event watermark value is different from the watermark value of the backup file in the database, a tamper event is generated immediately, an alarm record is automatically restored, and the alarm record is updated after the restoration is completed;
otherwise, if the event watermark value is the same as the watermark value of the backup file, the web page is judged to be normally updated without any processing.
The invention comprises the functions of real-time monitoring of the web page, event alarm processing, web page recovery and the like, can realize the omnibearing protection of the web page efficiently, conveniently and quickly, can position the tampered position at the first time when the event of tampering the web page occurs, repairs the tampered web page, maintains the image of the website rights, is not affected, and ensures the stability, reliability and expandability of the system.
The preferred embodiments of the invention disclosed above are intended only to assist in the explanation of the invention. The preferred embodiments are not exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. The invention is limited only by the claims and the full scope and equivalents thereof.
Claims (7)
1. The webpage tamper-proof system is characterized by comprising a backup file management module, a monitoring management module, an alarm and recovery module and a user management module;
the backup file management module is used for providing a backup center for a static webpage to be protected, the backed-up webpage file is a certificate during webpage recovery, and the file uploaded to the backup center generates a unique watermark value to carry out file identification on the file so as to ensure that the webpage recovery cannot be in error;
the monitoring management module is used for locking the webpage to be monitored by configuring some parameters, providing a basis for realizing the real-time monitoring of the webpage, and is divided into a monitoring station sub-module and a monitoring catalog sub-module; the monitoring station submodule distinguishes different servers through different IP addresses of each station according to the characteristics of service layout of an operator, and locks the corresponding servers through a station selecting mode;
the alarm and recovery module is used for monitoring the webpage in real time, carrying out alarm processing at the first time once a tampering event occurs, and immediately recovering the original webpage without affecting the normal use of the webpage;
the user management module is used for carrying out unified management on personnel using the system, so that the system is convenient to use with high efficiency.
2. The system of claim 1, wherein the backup file management module includes backup file querying, backup file adding, backup file deleting, and file watermark generating functions.
3. The web page tamper resistant system of claim 1, wherein said monitor site sub-module comprises functionality for adding sites, adding modifications, adding queries, and deleting sites.
4. The web page tamper resistant system of claim 1, wherein said monitor catalog submodule includes catalog inquiry, catalog addition, catalog deletion, monitor stop and monitor start functions.
5. The web page tamper resistant system of claim 1, wherein said alert and recovery module includes functions for generating an alert, querying an alert, deleting an alert, and recovering a web page.
6. The web page tamper resistant system of claim 1, wherein said user management module comprises a user management sub-module and a permission control sub-module; the user management submodule is used for carrying out a series of management on users of the system, including functions of user addition, user inquiry, user modification and user deletion; the permission control sub-module is used for carrying out functions of user permission modification, permission distribution, permission deletion and permission query on the permissions of each user.
7. A web page tamper-resistant method, characterized in that the method is implemented by adopting a web page tamper-resistant system as claimed in any one of claims 1 to 6, and comprises the following steps:
s1, after a user account number and a secret are correctly input, a webpage tamper-proof system is successfully logged in, and after login is successful, a management page is entered;
s2, uploading the webpage files to be monitored to a backup file management module in the system, and generating unique backup file watermark values through a watermark algorithm after the files are successfully uploaded;
s3, completing configuration of website information of the webpage, determining an IP address of a server where the webpage to be monitored is located, and configuring program catalog information after the website information is configured, so that the website information of the program catalog is consistent with the website information just configured;
s4, selecting a file to be monitored, after determining site information and program catalog information to be configured, locking the corresponding information, wherein the webpage file is in a monitored state, namely, monitoring is started, and the webpage file is always in monitoring except for external factors after the monitoring is started;
if the file changes, namely an event occurs, immediately calculating an event watermark value, and comparing the event watermark value with a watermark value of a backup file in a database to judge whether the file changes or not;
if the event watermark value is different from the watermark value of the backup file in the database, a tamper event is generated immediately, an alarm record is automatically restored, and the alarm record is updated after the restoration is completed;
otherwise, if the event watermark value is the same as the watermark value of the backup file, the web page is judged to be normally updated without any processing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311148704.9A CN117375880A (en) | 2023-09-07 | 2023-09-07 | Webpage tamper-proof system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311148704.9A CN117375880A (en) | 2023-09-07 | 2023-09-07 | Webpage tamper-proof system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117375880A true CN117375880A (en) | 2024-01-09 |
Family
ID=89399148
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311148704.9A Pending CN117375880A (en) | 2023-09-07 | 2023-09-07 | Webpage tamper-proof system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117375880A (en) |
-
2023
- 2023-09-07 CN CN202311148704.9A patent/CN117375880A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103391216B (en) | A kind of illegal external connection is reported to the police and blocking-up method | |
| CN101482887B (en) | Anti-tamper verification method for key data in database | |
| CN110889130B (en) | Database-based fine-grained data encryption method, system and device | |
| JP5430747B2 (en) | Network contents tampering prevention equipment, method and system | |
| CN103632080A (en) | Mobile data application safety protection system and mobile data application safety protection method based on USBKey | |
| CN103294950A (en) | High-power secret information stealing malicious code detection method and system based on backward tracing | |
| CN101877039A (en) | Fault detection technology of server operating system | |
| CN111885210A (en) | Cloud computing network monitoring system based on end user environment | |
| CN110138731B (en) | Network anti-attack method based on big data | |
| CN110008392A (en) | A kind of webpage tamper detection method based on web crawlers technology | |
| CN104573530A (en) | Server safety reinforcing system | |
| GB2592132A (en) | Enterprise network threat detection | |
| CN116527299A (en) | Network-based safety protection method and dynamic defense system | |
| CN108900505B (en) | Cluster audit management and control method based on block chain technology | |
| JP6768965B2 (en) | Website monitoring system and monitoring method | |
| CN112422527B (en) | Threat assessment system, method and device for substation power monitoring system | |
| CN112187699B (en) | Method and system for sensing file theft | |
| US8433798B2 (en) | Altering software behavior based on internet connectivity | |
| CN110086812B (en) | Safe and controllable internal network safety patrol system and method | |
| CN113114676B (en) | Web safety protection and monitoring system | |
| CN117375880A (en) | Webpage tamper-proof system and method | |
| CN112187787B (en) | Digital marketing advertisement page tamper-proof method, device and equipment based on knowledge graph | |
| CN115834205A (en) | Monitoring system illegal external connection alarm system | |
| KR102182397B1 (en) | Web Service Protection and Automatic Recovery Method and System Thereof | |
| CN109583204B (en) | Method for monitoring static object tampering in mixed environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |