Method and device for controlling hyper text transport protocol (HTTP) traffic
A control method and flow technology, applied in the field of network security, can solve the problems of unsatisfactory application effect, inability to distinguish normal web service access HTTP traffic and abnormal HTTP traffic, etc., and achieve better defense effect
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0049] Embodiment 1, a method for controlling HTTP traffic, which can be used on a web security gateway but is not limited to, including:
[0050] According to the HTTP traffic sent by the web client to the web server, determine that the web client is an automatic tool or manual browsing;
[0051] Only HTTP traffic generated by web clients determined to be manual browsing is allowed to enter the web server.
[0052] That is to say, for the HTTP traffic generated by the web client determined as an automatic tool, prevent it from entering the web server, such as directly discarding the HTTP request, or not processing it until it is overwritten by a new HTTP request; if the determination result is If uncertain, the leaky bucket algorithm known in the field of network service quality can be used to send the HTTP request to the Web server at a pre-agreed forwarding rate, and it can also be prevented from entering the Web server in practical application.
[0053] In this embodiment...
Example Embodiment
[0090] Embodiment 2, a control device for HTTP traffic, which can be used on a security gateway, such as image 3 shown, including:
[0091] Web client determination module: used to determine that the Web client is an automatic tool or manual browsing according to the HTTP traffic sent by the Web client to the Web server;
[0092] The HTTP current limiting module is configured to allow only the HTTP traffic generated by the Web client determined as manual browsing to enter the Web server.
[0093] In this embodiment, the determination results of the Web client determination module can be divided into three types: A) the Web client is an automatic tool; B) the Web client is manual browsing; C) the current behavior is unknown; the HTTP current limiting module is based on The judgment result of the Web client judgment module determines the next step for the HTTP request: if the judgment result of the Web client that sends the HTTP request is an automatic tool, it can but is not ...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap