SafeLine is a WAF that Chaitin Tech has meticulously developed over 10 years. Its core detection capability is powered by an intelligent semantic analysis algorithm, earning high recognition in professional circles.
The SafeLine Community Edition is a derivative project of the enterprise-level Ray Shield product. It reduces the complex features aimed at large professional enterprises, lowers hardware requirements, and simplifies usage, making it a free WAF product designed specifically for the community.
Official Website: https://waf.chaitin.com/
Official GitHub: https://github.com/chaitin/SafeLine
Dynamic Protection
Dynamic protection refers to endowing web pages with dynamic characteristics without changing the content users see. Even static pages will have dynamic randomness.
As a reverse proxy, all web code processed by SafeLine will be dynamically encrypted and protected. Dynamic protection can achieve many effects, such as:
- Protecting the privacy of front-end code
- Blocking crawling behavior
- Preventing vulnerability scanning
- Preventing exploit attacks...
Dynamic Protection Example - HTML
The image below shows what the normal HTML of a website looks like.
After passing through SafeLine's dynamic protection, the HTML code mentioned above will be encrypted to look like the image below.
Dynamic Protection Example - JavaScript
Let's look at another example. The image below shows what the normal JavaScript of a website looks like.
After passing through SafeLine's dynamic protection, the JavaScript code mentioned above will be encrypted to look like the image below.
After enabling dynamic protection, the HTML and JavaScript code of the website will be dynamically encrypted into different random forms with each visit. This can effectively block crawlers and automated attack exploitation programs.
Dynamic Protection Example - Crawler
Let's assume there is a crawler whose task is to bulk scrape critical information from the target website. The usual design approach for a crawler is:
- Find the web pages containing critical information, such as http://ct.cn/info?id=666
- Automatically send requests to get the web page content
- Parse the HTML structure to extract key information from the page
- Traverse IDs to get more information
After enabling dynamic protection, the web page structure will be completely randomized, preventing the crawler's actions.
Dynamic Protection Example - Web Vulnerability Scanner
Let's assume there is a web vulnerability scanner. The scanning principles are usually as follows:
- Detecting SQL injection vulnerabilities by judging the consistency of the web page's response content under 1=1 and 1=2 conditions.
- Detecting RCE vulnerabilities by determining whether the web page's response content contains characteristic characters from the payload.
- Detecting information disclosure by checking if the web page's response content includes error messages or sensitive information.
- Brute-forcing by judging the consistency of the response content for successful and failed login attempts.
After enabling dynamic protection, the web page's response content will be dynamically encrypted into different random forms with each visit, interfering with the scanner's judgment logic and preventing vulnerability scanning actions.
Top comments (0)