Address virtualized Web application security firewall method, device and system

• Main Authors: FU LIHUA, LI DEQING, ZHOU XINGXIN, QIN XIAOHUA, ZHENG DONGDONG, SHI KAINING
• Format: Patent
• Language: Chinese; English
• Published: 12.04.2019
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

The invention discloses an address virtualized Web application security firewall method, device and system. The method comprises steps of: receiving a first Web request initiated by a user terminal toa first URL; sending the request to a Web server; receiving first response information of the Web server; encrypting a second URL associated with the first URL in the information so as to obtain a third URL, and generating, based on the URL, second response information; and sending the second response information to the user terminal, so as to display a page corresponding to the first URL, wherein the page comprises a link of the third URL. The method can virtualize an address and intercept direct access to the server, thereby preventing an attacker from directly detecting a fixed URL addressand attacking repeatedly; the method improves malicious use difficulty of vulnerability, is particularly effective in protection of 0day vulnerability, and solves a problem that a traditional Web application security firewall