| 发明名称 | Validating visitor internet-based security threats | ||
| 摘要 | A validating server receives from a client device a first request that does not include a cookie for a validating domain that resolves to the validating sever. The first request is received at the validating server as a result of a proxy server redirecting the client device to the validating domain upon a determination that a visitor belonging to the client device is a potential threat based on an IP (Internet Protocol) address assigned to the client device used for a second request to perform an action on an identified resource hosted on an origin server for an origin domain. The validating server sets a cookie for the client device, determines a set of characteristics associated with the first client device, and transmits the cookie and a block page to the client device that has been customized based on the set of characteristics, the block page indicating that the second request has been blocked. | ||
| 申请公布号 | US8850580(B2) | 申请公布日期 | 2014.09.30 |
| 申请号 | US201113078900 | 申请日期 | 2011.04.01 |
| 申请人 | Cloudflare, Inc. | 发明人 | Prince Matthew Browning;Holloway Lee Hahn;Pye Ian Gerald |
| 分类号 | G06F11/00;H04L29/06;H04L29/14;H04L29/08;H04L29/12 | 主分类号 | G06F11/00 |
| 代理机构 | Blakely, Sokoloff, Taylor & Zafman LLP | 代理人 | Blakely, Sokoloff, Taylor & Zafman LLP |
| 主权项 | 1. A method in a validating server for validating visitor Internet-based security threats, comprising: receiving from a first client device a first request that does not include a cookie for a validating domain that resolves to the validating server, wherein the first request is received as a result of a proxy server redirecting a second request from the first client device to the validating domain upon a determination that a visitor belonging to the first client device is a potential threat based on an IP (Internet Protocol) address assigned to the first client device used in the second request to perform an action on a first identified resource hosted on an origin server for an origin domain; setting a first cookie for the first client device; determining a set of one or more characteristics associated with the first client device; and transmitting a block page to the first client device that has been customized based on one or more of the set of characteristics including explanatory text that explains that the second request has been blocked and a reason why the second request has been blocked, wherein the block page includes a mechanism to dismiss the block page, and wherein the block page is not the first identified resource; and upon a successful dismissal of the block page, indicating in the first cookie a successful dismissal of the block page and transmitting the first cookie to the first client device. | ||
| 地址 | San Francisco CA US | ||