The invention relates to a WEB backdoor detection method and system based on a relevance tree. The WEB backdoor detection system comprises a link relevance tree generation module and an attack real-time detection module. The detection system does not depend on antivirus software or file feature detection software. Instead, active crawling and access record collection are first conducted on the WEB links, a link set of all URLs of the WEB application is established through analysis and processing, and the link and jump (redirect) relations between the URLs are recorded as a tree data structure, so that a link relevance tree is formed. If a requested backdoor URL does not exist in the link relevance tree, a security monitoring module of the system raises an alarm and the attack request is blocked. The detection method improves the security of WEB applications and solves the problem of WEB backdoor attacks that cannot be detected and prevented by security products such as antivirus software and firewalls. Its universality is good: there is no need to install software programs on the WEB server, and the method is transparent to the type of WEB server, the WEB programming language, customer usage and the like.
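The tree-building and lookup steps described above can be sketched as follows. This is an added example, not code from the patent. It assumes that crawl results and access records are both reduced to (source, target) URL pairs, that nodes are keyed by path only, and that a URL counts as known only when a chain of links leads back to the site root. All names and sample pairs are constructed.

```python
from collections import deque
from urllib.parse import urlsplit

def normalize(url):
    """Key a URL by its path only, so query strings do not create new nodes."""
    path = urlsplit(url).path or "/"
    return path.rstrip("/") or "/"

def build_tree(root, links):
    """Breadth-first walk over (source, target) link/redirect pairs.
    Returns {url: parent}; only URLs reachable from root become nodes."""
    children = {}
    for src, dst in links:
        children.setdefault(normalize(src), []).append(normalize(dst))
    root = normalize(root)
    parent = {root: None}
    queue = deque([root])
    while queue:
        node = queue.popleft()
        for child in children.get(node, []):
            if child not in parent:      # first discovery fixes the parent
                parent[child] = node
                queue.append(child)
    return parent

def chain(tree, url):
    """Path from the root to url through the tree, or [] if url is unknown."""
    node, out = normalize(url), []
    while node in tree:
        out.append(node)
        node = tree[node]
    return out[::-1]

def check_request(tree, url):
    """'allow' when the requested URL is a tree node, otherwise 'alert'."""
    return "allow" if normalize(url) in tree else "alert"

# Constructed learning data: pairs from crawling and from access records.
LINKS = [
    ("/", "/news/"),
    ("/", "/login.php"),
    ("/news/", "/news/view.php?id=1"),
    ("/login.php", "/account/home.php"),   # redirect after login
    ("/old/tmp.php", "/old/helper.php"),   # pair with no chain back to root
]
TREE = build_tree("/", LINKS)

if __name__ == "__main__":
    for req in ("/news/view.php?id=7", "/uploads/2019/a.php", "/old/helper.php"):
        print(req, "->", check_request(TREE, req), chain(TREE, req))
```

Keying nodes by path means a new query string on a known page does not raise an alarm, while a file that nothing on the site links to does.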