Web application firewall rule updating method, device and system

An update method and web application technology, applied in the Internet field, can solve problems such as poor real-time performance

Inactive Publication Date: 2017-07-21
BEIJING QIYI CENTURY SCI & TECH CO LTD
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the firewall rules can be successfully updated by applying the above method, artificial copying of new firewall rules usually has a lag, that is, the real-time performance of the above firewall rule update method is poor, especially when the attack methods are diverse and changeable. The disadvantage of poor real-time performance of updating firewall rules is more prominent

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web application firewall rule updating method, device and system
  • Web application firewall rule updating method, device and system
  • Web application firewall rule updating method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0058] refer to figure 1 , figure 1 The first schematic diagram of a method for updating rules of a Web application firewall provided by an embodiment of the present invention, the method is applied to a Web server in a Web application defense system, and the Web application defense system includes: a Web server and a rule management server, wherein the rule The management server is used to store the firewall rules corresponding to each business; such as figure 1 As shown, the method includes the following steps:

[0059] S110. Send a rule synchronization request for the target service to the rule management server, where the rule synchronization request includes: a target version number, so that the rule management server verifies whether the target version number is consistent with the latest version number, wherein , the target version number is: the version number of the first firewall rule, the first firewall rule is: the firewall rule corresponding to the target servic...

Embodiment 2

[0073] refer to figure 2 , figure 2 A second schematic diagram of a method for updating rules of a web application firewall provided by an embodiment of the present invention, the method is applied to a rule management server in a web application defense system, and the web application defense system includes: a web server and a rule management server, wherein, The rule management server is used to store firewall rules corresponding to various services; figure 2 As shown, the method includes the following steps:

[0074] S210. Receive a rule synchronization request for the target service sent by the web server, wherein the rule synchronization request carries: a target version number, and the target version number is: a version number of a first firewall rule, and the first firewall rule The rule is: a firewall rule corresponding to the target service stored locally by the Web server.

[0075] S220. Verify whether the target version number is consistent with the latest v...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a Web application firewall rule updating method, device and system. The method disclosed by the embodiment of the invention comprises the following steps: firstly, a Web server sends a rule synchronization request for a target service to a rule management server; and then, the rule management server verifies whether a target version number in the rule synchronization request is consistent with the latest version number, wherein the target version number is the version number, which is locally stored by the Web server, of a first firewall rule corresponding to the target server; and the latest version number is the version number, which is stored in a local hard disk of the rule management server, of the latest firewall rule corresponding to the target service; if the target version number and the latest version number are inconsistent, a second firewall rule is sent to the Web server; the Web server receives the second firewall rule sent by the rule management server; and the first firewall rule is updated as the second firewall rule. By use of the technical scheme provided by the embodiment of the invention, the updating of the firewall rule can be realized in real time.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method, device and system for updating rules of a Web application firewall. Background technique [0002] At present, the Web application firewall technology is mainly implemented through a Web Application Firewall (WAF), and WAF represents a new type of information security technology to solve the security problems of Web applications. [0003] In the prior art, the WAF running in the web server mainly uses pre-established firewall rules to filter external requests to achieve defense protection, and the pre-established firewall rules are mostly stored locally on the web server in the form of files. When there is a firewall rule update, it is necessary to manually copy the new firewall rule to the local Web server, so as to realize the update of the firewall rule locally stored in the Web server. Although the firewall rules can be successfully updated by applying the abov...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/02H04L63/20H04L67/1095H04L67/60
Inventor 周凯
Owner BEIJING QIYI CENTURY SCI & TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap