In this article differential-game model of the web server normal behavior template is developed for the first time. Developed model allows to take into account the dynamics of the attack progress on web server, that permits to discover the possibilities of guaranteed control of its level protection.