In order to timely and efficient manner to prevent tampering hacking of web documents, and tampering of documents and timely repair to restore the page, a distributed " filter driver technology + event trigger technology + core embedded technology " the website security protection system.Events responsible for triggering automatic real-time monitoring, if the page is altered, by filtering the core drive technology and embedded technology has been tampered page deleted immediately, stop the Web service. Tamper with the traditional web products, the system can make a web of illegal tampering more agile rapid reaction, taking up less system resources. Compatible with other security products, the formation of the depth of protection system to maximize the protection of the safety of the protected sites.