The Web server system, being the most important platform of supporting and providing network services, is facing serious security problem. The existing defending technologies mainly deal with the known attacking methods or the known vulnerabilities, and therefore are not effective in case of the unknown threats and do not provide overall defense. This paper first proposes an attacking model to analyze the shortcomings of existing defending technologies. Next, a dynamic heterogeneous redundancy structure based mimic defending model is proposed, and its defending principles and the characteristics are interpreted. Then, the mimic defending Web server is designed on the mimic defending model, and the structure and the implementation principles in the Web server design are introduced. The results of security and performance tests show that the presented mimic defending Web server can defend against all kinds of attacks in the tests with little performance loss, which verifies the effectiveness and the practicability of the mimic defending technology. Finally a perspective of the future work and challenges of mimic defending technology is discussed.