Method, device and system for preventing malicious requests for server

The invention relates to a method, device and system for preventing malicious requests for a server. The method includes the following steps that: first verification is performed on a received first network request, and verification results of the first verification and a generated session token are returned to the cookie of a user end which transmits the first network request; and second verification is performed on the verification results, the session token and the like which are carried by a received second first network request, if verification is successful, a response is made to the second first network request, so that corresponding service data processing can be performed, otherwise, the second first network is intercepted. According to the method, device and system for preventing malicious requests for the server of the invention, a blacklist user data table is updated in real time in a malicious request verification process, and users who send malicious requests are marked as blacklist users; and service processing is performed on the network request (the second network request) which is transmitted by a user based on the session token obtained by the user; and therefore, the rate of misjudgment and the rate of missed judgment can be effectively decreased, and the accuracy of malicious request judgment can be improved.