CN109800376A - A kind of general method for auditing webpage - Google Patents
A kind of general method for auditing webpage Download PDFInfo
- Publication number
- CN109800376A CN109800376A CN201811569163.6A CN201811569163A CN109800376A CN 109800376 A CN109800376 A CN 109800376A CN 201811569163 A CN201811569163 A CN 201811569163A CN 109800376 A CN109800376 A CN 109800376A
- Authority
- CN
- China
- Prior art keywords
- application program
- server
- terminal computer
- violation keyword
- keyword list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007429 general method Methods 0.000 title claims abstract description 12
- 238000004458 analytical method Methods 0.000 claims abstract description 14
- 238000010835 comparative analysis Methods 0.000 claims description 8
- 238000007726 management method Methods 0.000 abstract description 7
- 238000000034 method Methods 0.000 abstract description 6
- 230000004044 response Effects 0.000 abstract description 2
- 238000012550 audit Methods 0.000 abstract 4
- 238000005516 engineering process Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000003542 behavioural effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000002354 daily effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 238000010606 normalization Methods 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of general method for auditing webpage, violation Keyword List is configured including server-side, server-side issues violation Keyword List to terminal computer, terminal computer issues web access requests by application program, the web access requests of Internet Server response terminal computer, and corresponding resource will be requested to reply to application program, application program compares and analyzes the resource analysis that Internet Server is replied at after text file with violation Keyword List, request content could be showed terminal user by determination, comparison result is sent to server-side by application program, server-side generates Audit data.This method is not in the case where adjusting any configuration of browser, the web page access behavior issued to terminal computer is comprehensively analyzed, and record complete Audit data, solving the problems, such as most of system can not audit the website visiting behavior of ciphertext, the integrality and reliability of access audit are improved, and is provided a great convenience for the daily O&M and management of administrator.
Description
Technical field
Invention belongs to field of computer technology, more particularly to a kind of general method for auditing webpage.
Background technique
With the fast development of information age, so that user is obtained message context from internet very convenient, but also gives
Office Network brings pressure, while also bringing higher Dangerous Internet.
Currently, when the user accesses a web page, only record user logs in, exits, accessing the major issues such as content, not in access
Whether appearance, which closes the specifying informations such as rule, is recorded, also can not be complete simultaneously for the ciphertext transferring content started with HTTPS agreement
Acquisition specifically access content, Office Network administrator can only know sometime point some logged webpage of user, but nothing
Method obtains detailed access information, brings very big difficulty for the efficient management of Office Network, also gives the general safety of Office Network
Very big security risk is brought, once going wrong quickly can not timely navigate to problem.
Therefore, it is necessary to a kind of general method for auditing webpage to solve the above problems, no matter user pass through it is in plain text or close
Any information of text access Office Network can intercept one by one, and provide response results after comparing analysis according to violation list, simultaneously
Whole process is completely recorded, administrator is facilitated quickly timely to position to problem.
Summary of the invention
The main purpose of the present invention is to provide a kind of general method for auditing webpage, fundamentally facilitate routine office work net
The O&M of network and management not only promote O&M efficiency, moreover it is possible to ensure that the operation in office network all meets the requirements.
In order to achieve the above object, the technical solution adopted in the present invention is as follows:
A kind of general method for auditing webpage comprising the steps of:
A. server-side configures violation Keyword List;
The violation Keyword List includes violation keyword;
B. violation Keyword List is handed down to terminal computer by server-side;
C. violation Keyword List is saved in application program by terminal computer, and forbids other browsings other than application program
Device operation;
D. terminal computer issues web access requests by application program;
E. Internet Server receives the web access requests of terminal computer sending, by terminal computer web access requests
It is parsed into corresponding resource, and the resource parsed is replied into application program;
The resource includes html file, CSS file, JavaScript file, picture, video, audio;
F. application program will receive resource analysis and compare and analyze at after text file with violation Keyword List, if literary
It include the violation keyword in violation Keyword List in this document, then application program is refused to terminal computer displayed web page
Information in access request;If not comprising the violation keyword in violation Keyword List, application program in text file
Information into terminal computer displayed web page access request;
G. the comparative analysis result of text file and violation Keyword List is sent to server-side by application program;
The analysis result includes request time, request account, IP address, request number of times, request results, webpage title;
H. server-side receives comparative analysis result and backs up.
The beneficial effects of the present invention are:
The present invention provides a kind of general method for auditing webpage, only need to conveniently be configured by server-side and be handed down to end
End subscriber by the detailed analysis of application program and can provide later whenever any web access requests of terminal user's sending
Analysis is as a result, ensure that the normalization of safety, the end-user access operation of data in net, so that realization accesses behaviour to user
The safety management and monitoring of work, while being convenient for the accurate positionin and inquiry of everyday problem, convenience is provided for administrator.
Detailed description of the invention
Fig. 1 is the implementation flow chart of the general method for auditing webpage of one kind of the invention.
Specific embodiment
With reference to the accompanying drawings and examples, the method for auditing webpage general to one kind of the invention is done further retouches in detail
It states.
The technical solution of the general method for auditing webpage of one kind of the invention is to configure violation Keyword List in server-side,
And violation Keyword List is handed down to terminal computer, terminal computer by violation Keyword List be saved in application program it
Afterwards, forbid running the browser other than application program on terminal computer, when terminal computer issues web access requests, first
It is received by Internet Server and replys resource to application program, then application program is by resource analysis at after text file and separated
Rule Keyword List compare and analyze, when analyze in text file include violation keyword when, refuse to terminal calculate
Machine shows the specifying information requested access to;It include violation keyword as do not analyzed in text file, then to terminal computer
It shows the specifying information requested access to, and complete access record is sent to server-side, backed up by server-side, facilitate pipe
Reason person quickly consults and positioning problems, improves network O&M efficiency, improves internet security.
For example, have 100 terminal computers in a local area network, and terminal computer PC1, PC2 ..., PC100, terminal meter
The corresponding IP address of calculation machine PC1, PC2 ..., PC100 be 192.168.0.1,192.168.0.2 ..., 192.168.0.100, one
Platform server computer (SERVER) carries out the configuration of violation Keyword List to this 100 terminal computers and issues to it
Web access requests be monitored and manage, general method for auditing webpage of the invention specifically comprises the following steps:
A. server-side configures violation Keyword List;
Violation keyword in the violation Keyword List of server computer configuration is baidu, tianya, discussion bar, qq;
The violation Keyword List includes violation keyword;
B. violation Keyword List is handed down to terminal user by server-side;
Violation Keyword List configured with baidu, tianya, discussion bar, qq violation keyword is handed down to by server computer
100 terminal computers in netting;
C. violation Keyword List is saved in application program by terminal computer, and forbids other browsings other than application program
Device operation 103;
100 terminal computers save the violation Keyword List configured with baidu, tianya, discussion bar, qq violation keyword
Into the application program of the machine, this 100 terminal computers will be unable to other browsers other than operation application program later;
D. terminal computer issues web access requests by application program;
Terminal computer PC2 issues web access requests by the application program of the machine in 2018/12/6 10:30, requests access to
Web page address be https: //qzone.qq.com/index.html;
E. Internet Server receives the web access requests of terminal computer sending, is asked according to terminal computer web page access
It asks and finds out corresponding resource, and the resource is replied into application program 105;
Internet Server receives the https: //qzone.qq.com/index.html webpage of terminal computer PC2 sending
After access request, according to the web page address https requested access to: //qzone.qq.com/index.html finds out corresponding
Resource, and the resource is replied into application program;
F. application program will receive resource analysis and compare and analyze at after text file with violation Keyword List, if literary
It include the violation keyword in violation Keyword List in this document, then application program is refused to terminal computer displayed web page
Information in access request;If not comprising the violation keyword in violation Keyword List, application program in text file
Information into terminal computer displayed web page access request;
Application program compares point according to the violation keyword in the character information and violation Keyword List in text file
Analysis is violation access request due to including violation keyword qq in character information, and application program is refused to calculate to terminal
Machine PC2 shows https: the content of //qzone.qq.com/index.html webpage;
G. the comparative analysis result of text file and violation Keyword List is sent to server-side by application program;
It is request time: 2018/12/6 10:30 that application program, which will analyze result, requests account: PC2, IP address:
192.168.0.2, request number of times: 1, request results: refusal, webpage title: https: //qzone.qq.com/index.html
Complete information be sent to server-side;
The analysis result includes request time, request account, IP address, request number of times, request results, webpage title;
H. server-side receives comparative analysis result and backs up;
After server-side receives the analysis result of application program transmission, by request time: 2018/12/6 10:30 requests account:
PC2, IP address: 192.168.0.2, request number of times: 1, request results: refusal, webpage title: https: //
The complete information of qzone.qq.com/index.html backs up in server database.
Method of the invention disposably configures violation Keyword List and is handed down to all terminals in net and calculates in server-side
Machine is disposed convenient and efficient;When netting interior terminal computer has web access requests, application program passes through Internet Server is anti-
The resource analysis of feedback uses terminal in netting at the mode for whether closing rule after text file out with the comparative analysis of violation Keyword List
The web page access behavior at family carries out unified monitoring and management, makes the web page access behavioural norm for netting interior terminal user;Prison every time
The analysis result of control and management is all sent completely to server-side backup, it is ensured that the integrality and network of access behavior record in net
Safety, while being provided a great convenience to the daily O&M and management work of administrative staff.
The foregoing is only a preferred embodiment of the present invention, but scope of protection of the present invention is not limited thereto,
Within the technical scope disclosed by the invention, any changes or substitutions that can be easily thought of by any people for being familiar with the technology, should all cover
Within protection scope of the present invention.Therefore, protection scope of the present invention should be subject to the protection scope in claims.
Claims (1)
1. a kind of general method for auditing webpage comprising the steps of:
A. server-side configures violation Keyword List;
The violation Keyword List includes violation keyword;
B. violation Keyword List is handed down to terminal computer by server-side;
C. violation Keyword List is saved in application program by terminal computer, and forbids other browsings other than application program
Device operation;
D. terminal computer issues web access requests by application program;
E. Internet Server receives the web access requests of terminal computer sending, by terminal computer web access requests
It is parsed into corresponding resource, and the resource parsed is replied into application program;
The resource includes html file, CSS file, JavaScript file, picture, video, audio;
F. application program will receive resource analysis and compare and analyze at after text file with violation Keyword List, if literary
It include the violation keyword in violation Keyword List in this document, then application program is refused to terminal computer displayed web page
Information in access request;If not comprising the violation keyword in violation Keyword List, application program in text file
Information into terminal computer displayed web page access request;
G. the comparative analysis result of text file and violation Keyword List is sent to server-side by application program;
The comparative analysis result includes request time, request account, IP address, request number of times, request results, webpage title;
H. server-side receives comparative analysis result and backs up.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811569163.6A CN109800376A (en) | 2018-12-21 | 2018-12-21 | A kind of general method for auditing webpage |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811569163.6A CN109800376A (en) | 2018-12-21 | 2018-12-21 | A kind of general method for auditing webpage |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109800376A true CN109800376A (en) | 2019-05-24 |
Family
ID=66557205
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811569163.6A Pending CN109800376A (en) | 2018-12-21 | 2018-12-21 | A kind of general method for auditing webpage |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109800376A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113347217A (en) * | 2020-02-18 | 2021-09-03 | 北京沃东天骏信息技术有限公司 | Network request auditing method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101656710A (en) * | 2008-08-21 | 2010-02-24 | 中联绿盟信息技术(北京)有限公司 | Proactive audit system and method |
| US20120167231A1 (en) * | 2010-12-23 | 2012-06-28 | Fermin Otniel Garcia | Client-side access control of electronic content |
| WO2017008543A1 (en) * | 2015-07-15 | 2017-01-19 | 广州市动景计算机科技有限公司 | Network attack judgement method, secure network data transmission method and corresponding device |
| CN108924106A (en) * | 2018-06-21 | 2018-11-30 | 上海鹏越惊虹信息技术发展有限公司 | A kind of terminal online auditing method and system based on network interface card packet capturing |
-
2018
- 2018-12-21 CN CN201811569163.6A patent/CN109800376A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101656710A (en) * | 2008-08-21 | 2010-02-24 | 中联绿盟信息技术(北京)有限公司 | Proactive audit system and method |
| US20120167231A1 (en) * | 2010-12-23 | 2012-06-28 | Fermin Otniel Garcia | Client-side access control of electronic content |
| WO2017008543A1 (en) * | 2015-07-15 | 2017-01-19 | 广州市动景计算机科技有限公司 | Network attack judgement method, secure network data transmission method and corresponding device |
| CN108924106A (en) * | 2018-06-21 | 2018-11-30 | 上海鹏越惊虹信息技术发展有限公司 | A kind of terminal online auditing method and system based on network interface card packet capturing |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113347217A (en) * | 2020-02-18 | 2021-09-03 | 北京沃东天骏信息技术有限公司 | Network request auditing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11070557B2 (en) | Delayed serving of protected content | |
| US9923900B2 (en) | Online privacy management system with enhanced automatic information detection | |
| CN103023710B (en) | A kind of safety test system and method | |
| US8301653B2 (en) | System and method for capturing and reporting online sessions | |
| US9106709B2 (en) | Server side mobile audience intelligence creation | |
| US10158670B1 (en) | Automatic privilege determination | |
| US8365241B1 (en) | Method and apparatus for archiving web content based on a policy | |
| CN102065147A (en) | Method and device for obtaining user login information based on enterprise application system | |
| KR100870714B1 (en) | Real-time harmful site blocking method by object property access engine | |
| CN102868738A (en) | Hyper text transfer protocol (HTTP)/hypertext transfer protocol secure (HTTPS) behavior management and control auditing method based on Web proxy | |
| CN104219080A (en) | Method for recording logs of error pages of websites | |
| US20160012074A1 (en) | System and method for providing contextual analytics data | |
| US20180349983A9 (en) | A system for periodically updating backings for resource requests | |
| CN103546470A (en) | Safe access method, system and device | |
| EP2973192B1 (en) | Online privacy management | |
| CN114244564A (en) | Attack defense method, device, equipment and readable storage medium | |
| CN106411819A (en) | Method and apparatus for recognizing proxy Internet protocol address | |
| CN111352676B (en) | Help information pushing method, help system and readable storage medium | |
| CN109800376A (en) | A kind of general method for auditing webpage | |
| JP4400787B2 (en) | Web access monitoring system and administrator client computer | |
| US9723017B1 (en) | Method, apparatus and computer program product for detecting risky communications | |
| CN114357403B (en) | User login request processing method, device and equipment based on device credibility | |
| XinXin et al. | Research and design of network behavior management system based on B/S architecture | |
| KR20090027917A (en) | Database Security Method and Device for Web-based 3-Tier Environment | |
| KR19990018591U (en) | Internet harmful site access restriction device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210715 Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Applicant after: Beijing Hongteng Intelligent Technology Co.,Ltd. Address before: 110179 building 21, jinpenglong high tech park, 19 Wenhui street, Hunnan New District, Shenyang City, Liaoning Province Applicant before: SHENYANG GENERALSOFT Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| CB02 | Change of applicant information |
Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Applicant after: Sanliu0 Digital Security Technology Group Co.,Ltd. Address before: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Applicant before: Beijing Hongteng Intelligent Technology Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190524 |
|
| RJ01 | Rejection of invention patent application after publication |