Security Threat and Protection of Web Application System

In this paper,the Web application security threat is analyzed,and the corresponding Web security protection measures are proposed.Security ensuring solutions at this stage,without exception,focus on the network layer,resulting in conditions when the application-layer is attacked(e.g.SQL injection attacks,cross-site scripting attacks,malicious code,etc.),the traditional network-layer security devices,such as Firewall,IDS / IPS and other non-existent,are incapable of doing this for a number of reasons.We focus on analysis of the case of combined effects of many factors,which make the potential risks Web applications easily exposed to the Internet under greater risks.For server and client respectively the security protection is described.