What is SafeLine?
SafeLine is a web security gateway to protect your websites from attacks and exploits.
It defenses for all of web attacks, such as sql injection, code injection, os command injection, CRLF injection, ldap injection, xpath injection, rce, xss, xxe, ssrf, path traversal, backdoor, bruteforce, http-flood, bot abused and so on.
What is WAF?
WAF is the abbreviation of Web Application Firewall, also known as Web Application Firewall.
Different from traditional firewalls, WAF works at the application layer and has a better protection effect on Web systems based on HTTP/HTTPS protocols, protecting them from hacker attacks.
Core Capabilities
1.Defenses For OWASP Attacks
SafeLine use as an important tool to defense against OWASP Top 10 Attack, such as SQL injection, XSS, Insecure deserialization etc.
2.Defenses For 0-Day Attacks
SafeLine use intelligent rule-free detection algorithm to against 0-Day attacks with unknown attack signatures.
3.Proactive Bot defense
SafeLine uses advanced algorithms to send capthcha challenge for suspicious users to against automated robot attacks.
4.In-Browser Code Encryption
SafeLine can dynamically encrypt and obfuscate static code in the browser (such as HTML, JavaScript) to against reverse engineering.
5.Web Authentication
SafeLine prompting the user for authentication to web apps that lacks valid authentication credentials, Illegal users will be blocked.
6.Web Access Control List
SafeLine offering fine-grained control over traffic allows you to define a set of rules that determine which requests are allowed or denied.
Why Choose SafeLine
1. Free and Easy To Use
Deployed by Docker, one command can complete the installation, and you can get started at 0 cost.
The security configuration is ready to use, no manual maintenance is required, and safe lying management can be achieved.
2. High Security Efficacy
The first intelligent semantic analysis algorithm in the industry, accurate detection, low false alarm, and difficult to bypass.
The semantic analysis algorithm has no rules, and you are no longer at a loss when facing 0-day attacks with unknown features.
3. High Performance
Ruleless engine, linear security detection algorithm, average request detection delay at 1 millisecond level.
Strong concurrency, single core easily detects 2000+ TPS, as long as the hardware is strong enough, there is no upper limit to the traffic scale that can be supported.
4. High Availability
The traffic processing engine is developed based on Nginx, and both performance and stability can be guaranteed.
Built-in complete health check mechanism, service availability is as high as 99.99%.
Deploy Archtechure
The following figure is a simple website traffic topology. External users send requests, which are eventually transmitted to the website server through the network.
At this time, if there are malicious users among the external users, the attack requests sent by the malicious users will also be transmitted to the website server through the network.
The community version of Leichi is connected as a reverse proxy, receiving traffic before the website server, detecting and cleaning the attack behavior in the traffic, and forwarding the cleaned traffic to the website server.
Through the above behaviors, it is ultimately ensured that external attack traffic cannot reach the website server.
Top comments (0)