Protect Your Website from Attacks with SafeLine: A Free, Open-Source WAF

Building a blog, corporate site, or internal web application often means facing malicious scans, SQL injections, and XSS attacks. While enterprise WAFs are effective, they can be prohibitively expensive for individuals and small businesses. But don’t worry—there’s a free solution: SafeLine Community Edition, a user-friendly and visually appealing web application firewall (WAF) from Chaitin Tech.

What Makes SafeLine Special?

SafeLine is a powerful, community-driven, free WAF that promises to protect your web applications—even against 0-day attacks. Here’s what sets it apart:

1. Advanced Semantic Analysis: SafeLine's intelligent semantic analysis algorithm leads the industry in precision, offering low false positives and making it hard for attackers to bypass. This rules-free algorithm doesn’t break a sweat when dealing with unknown 0-day vulnerabilities.

2. Nginx-Based Traffic Interception: By leveraging Nginx as a reverse proxy, SafeLine ensures minimal performance impact and seamless integration with your existing infrastructure, making it an excellent choice for those who want robust security without disrupting their business operations.

3. Easy Deployment with Docker: SafeLine can be deployed with a single command via Docker, making it incredibly accessible even for beginners or those with no sysadmin experience. The installation process is straightforward and hassle-free.

4. User-Friendly Management Interface: SafeLine offers a web-based management interface where you can monitor the WAF’s status, review attack logs, and view real-time statistics like geographic distribution of attack IPs, request counts, and site visit metrics (PV and UV).

5. Active Community Support: Engage directly with the SafeLine team and other users via the Discord community. Whether you need help with setup, have feature requests, or want to stay updated with the latest patches and features, the community is there to support you.

Key Features

1. Data Statistics: SafeLine provides detailed statistics on site requests, protection interceptions, IP geolocation, and UV/PV data, along with a 30-day access history.

2. Attack Event Monitoring: Track all attack events, including the attacker’s IP and country, the number of interceptions, and the duration and timing of each attack.

3. Detailed Event Information: Dive into the specifics of any event, including attack types (e.g., XSS), attack addresses, IPs, and timestamps.

4. Protected Sites: Easily add and manage web sites you want to protect with SafeLine.

Installation & Deployment

Requirements

• Operating System: Linux
• Architecture: x86_64
• Software Dependencies: Docker 20.10.6+ and Docker Compose 2.0.0+
• Minimal Environment: 1 CPU core, 1 GB RAM, 5 GB disk space

To check if your system meets these requirements, use the following commands:

uname -m                 # Check architecture
docker version           # Check Docker version
docker compose version   # Check Docker Compose version
cat /proc/cpuinfo        # Check CPU info
cat /proc/meminfo        # Check memory info
df -h                    # Check disk space

Installation Methods

1. Automatic Deployment (Recommended)
To start the automated installation of SafeLine (requires root privileges), run:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"

Once the command is executed, the installation is complete.
2. Manual Deployment

• Install Docker (Skip this if Docker is already installed)

   curl -sSL "https://get.docker.com/" | bash

• Create SafeLine Directory Create a directory where SafeLine will store its configuration and data. Ensure you have at least 5GB of free space.

   mkdir -p "/data/safeline"

• Download Docker Compose Script Navigate to the SafeLine directory and download the latest docker compose script.

   cd "/data/safeline"
   wget "https://waf.chaitin.com/release/latest/compose.yaml"

• Set Environment Variables Create and edit the .env file in the SafeLine directory:

   cd "/data/safeline"
   touch ".env"

Populate it with the following content:

   SAFELINE_DIR=/data/safeline
   IMAGE_TAG=latest
   MGT_PORT=9443
   POSTGRES_PASSWORD={your-postgres-password}
   SUBNET_PREFIX=172.22.222
   IMAGE_PREFIX=chaitin

Replace the placeholders with your specific configurations.

• Launch SafeLine Start the SafeLine service:

   docker compose up -d

Access the SafeLine web interface at http://<your-server-ip>:9443/.

Troubleshooting Common Installation Issues

1. Directory Already Exists: If you encounter a "directory already exists" error, delete the default directory:

   rm -rf /data/safeline

1. Network Errors: Check your network and remove any invalid networks:

   docker network ls
   docker network rm <network-id>

For more information, visit the official SafeLine documentation: https://docs.waf.chaitin.com/.