Abstract: The security defect of Web page design on building website is discussed in this paper, server-side dynamic Web page exists security defect are presented. Introducing the landing check lack-hole, and around checking the direct entering design page hole, and the table date-base loaded hole, and the source code expose hole and file up hole, and giving corresponding solving way.