SafeLine: Your First Line of Defense Against Web Attacks
When your website goes online, the first challenge you may encounter isn't your clients but potential attacks from the internet. Today, we're introducing SafeLine, an open-source project that has quickly become the top open-source Web Application Firewall (WAF) on GitHub, providing robust protection against cyber threats.
What is SafeLine?
SafeLine is a free web application firewall (WAF) designed to be both simple and powerful, aimed at protecting websites from hacker attacks. It utilizes industry-leading semantic engine detection technology, functioning as a reverse proxy. The core detection capabilities of SafeLine are driven by intelligent semantic analysis algorithms, offering top-tier protection.
SafeLine integrates via a reverse proxy, intercepting traffic before it reaches the web servers. It detects and removes malicious activities within the traffic, forwarding only sanitized traffic to the web servers. This approach ensures that external attack traffic never reaches your servers.
Installing SafeLine
Resource Requirements
To install SafeLine, ensure your system meets the following requirements:
- Operating System: Linux
- Architecture: x86_64
- Software Dependencies: Docker version 20.10.6 or above / Docker Compose version 2.0.0 or above
- Minimum Environment: 1 core CPU, 1 GB RAM, 5 GB disk space
1. Automatic Installation
The simplest method is to use the provided one-click installation script. Execute the following command as the root user:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
2. Manual Installation
Alternatively, you can manually install SafeLine:
- Create SafeLine Directory: ```bash
mkdir -p "/data/safeline"
This command creates the `/data/safeline` directory as the installation directory for SafeLine.
2. **Ensure Sufficient Disk Space**:
Ensure that the directory has at least 5GB of storage space.
3. **Download `compose.yaml`**:
```bash
cd "/data/safeline"
wget "https://waf-ce.chaitin.cn/release/latest/compose.yaml"
-
Create
.env
Configuration File: Create a.env
file in the SafeLine directory and enter the following details: ```env
SAFELINE_DIR=/data/safeline
IMAGE_TAG=latest
MGT_PORT=9443
POSTGRES_PASSWORD={your-postgres-password}
SUBNET_PREFIX=172.22.222
IMAGE_PREFIX=swr.cn-east-3.myhuaweicloud.com/chaitin-safeline
5. **Start the Services**:
Start the SafeLine services using Docker Compose:
```bash
docker compose up -d
Once the services are started, access SafeLine by visiting https://127.0.0.1:9443/
in your web browser.
Accessing SafeLine
After installing SafeLine, log in to the management interface to configure your sites.
Configuring Sites
First, configure the sites you want to protect. It is recommended to deploy SafeLine on a dedicated server to avoid potential risks and high server load.
After completing the configuration, when you access your domain name through a web browser, you should receive responses from your website. The "Today's Requests" count should increase on the data statistics page, indicating successful configuration.
We can simulate attacks on the website, such as SQL injection or XSS attacks, to test SafeLine’s capabilities:
- SQL Injection Simulation
https://example.com/?id=1+and+1=2+union+select+1
- XSS Attack Simulation
https://example.com/?id=
If SafeLine is properly configured and functioning, these attacks should indeed be intercepted and prevented as shown in the screenshot or monitoring page. This demonstrates SafeLine’s ability to protect your website from common web application vulnerabilities.
Dynamic Protection
In SafeLine 6.0, dynamic protection features have been introduced. Dynamic protection endows web pages with dynamic characteristics while maintaining the appearance seen by users. This includes:
- Safeguarding frontend code privacy
- Preventing web crawling activities
- Blocking vulnerability scanning activities
- Thwarting exploit attempts
Dynamic Protection Capabilities
- HTML Dynamic Encryption
- JavaScript Dynamic Obfuscation
Dynamic encryption can be configured for specific paths.
Advanced Site Protection
Advanced site protection allows for configuring additional security measures such as blacklisting, whitelisting, CAPTCHA, and identity verification, enhancing protection against automated threats while validating legitimate traffic.
Product Features
- Convenience: Easy installation via containerization, with out-of-the-box security configurations requiring no manual maintenance.
- Security: Industry-leading semantic analysis algorithms for precise detection, low false positives, and resilience against unknown 0-day attacks.
- High Performance: Linear security detection algorithms with millisecond-level detection latency and robust concurrency handling.
- High Availability: Nginx-based traffic processing engine ensures both performance and stability with a 99.99% service availability guarantee.
Summary
SafeLine is an exceptional WAF product that, as an open-source project, offers high functionality and completeness. It meets the needs of both enterprises and individuals. If you require a WAF and have concerns about costs, consider trying the SafeLine Community Edition.
Project Information
- Website: https://waf.chaitin.com
- GitHub Link: SafeLine GitHub
Top comments (0)