A method is provided for detecting unauthorized access attack. The detecting method includes obtaining at least one HTTP request and at least one URL address of the HTTP request by parsing the HTTP request; determining whether there exist one or more protection rules corresponding to the URL address; and, when it is determined that the protection rules corresponding to the URL address exit, obtaining access data of the HTTP request. The detecting method also includes determining whether the access data satisfies the protection rules; and, when it is determined that the access data does not satisfy the protection rules, determining the corresponding HTTP request of the URL address to be an unauthorized access attack.