Website security defense method

Abstract

The invention discloses a website security defense method. The method comprises the following steps: obtaining the number of website access requests in a preset time period corresponding to each region; comparing the website access request with a set website access request threshold value in a standard area, and determining an overvalue rate of the website access request; extracting an IP addresscorresponding to logging in the website in an area of which the overvalue rate is greater than a set standard overvalue rate; obtaining an access threshold of the website IP address; judging whether the real-time access frequency of each IP address in the area of which the overbalance rate is greater than the set standard overbalance rate is greater than the access threshold of the website IP address or not; and carrying out flow limiting processing on the IP address of which the actual access frequency is greater than the access threshold of the website IP address, otherwise, counting the access time and the access number of the IP address in the prediction time period, and recording and storing the access time and the access number. The access frequency of the IP address is limited, theaccess threshold value is reduced, the access frequency of the IP address is reduced, the website is prevented from being attacked, and the defense capability of the website is improved.

Description

technical field [0001] The invention belongs to the technical field of website defense, and relates to a website security defense method. Background technique [0002] Some malicious attackers often use the server to generate legitimate requests for relevant websites, thereby continuously visiting the website to consume the performance of the website server, so as to attack the website, causing the website server to be paralyzed, and normal users cannot use the website server. [0003] Since the access request initiated by the attacker to the website is the same as that of a normal user, when the website server receives the access request sent by the attacker, it cannot distinguish whether the access request of the attacker is the access request of a normal user, and cannot respond to the attacker's request. In order to improve the anti-attack ability of the website and improve the use effect of normal users, a website security defense method is designed, which greatly impro...

AI Technical Summary

Problems solved by technology

[0002] Some malicious attackers often use the server to generate legitimate requests for relevant websites, so as to continuously visit the website to consume the performance of the website server, so as to attack the website, causing the website server to be paralyzed, and normal users cannot use the website server

[0003] Since the access request initiated by the attacker to the website is the same as that of a normal user, when the website server receives the access request sent by the attacker, it cannot distinguish whether the access request of the attacker is the access request of a normal user, and cannot respond to the attacker's request. In order to improve the anti-attack ability of the website and improve the use effect of normal users, a website security defense method is designed, which greatly improves the security and defense ability of the website

Images