This Technology has become ubiquitous and growing, web applications are one of the examples on technology, which are widely used, and deals with a sensitive and huge amount of data, for that these web applications have become a target for many attackers for financial gain, infiltration data, distort the reputation of application, or even for fun. Therefore, it becomes a need to protect web-based applications from attacks, whether known or unknown. This paper discusses the methods of classifying requests in normal and abnormal. It depends on measuring the accuracy of each classification method to know which method will be the best in classifying applications. HTTP DATASET CSIC 2010 contains 61065 of web requests automatically generated, it was developed at the information security institute of Spanish Research National Council CISC, this requests generated from an e-commerce web application, where users register by providing some private information and buy items by their shopping cart. The goal of using this dataset is to present machine-learning techniques in the classifying and predicting the HTTP requests as normal or anomalous traffic. Four classifiers approaches were utilized including: Support Vector Machine (SVM), Decision Trees (DT), Logistic Regression (LR), and Random Forest (RF).