DEV Community

Lulu
Lulu

Posted on

SafeLine: The Open-Source WAF That’s Gaining Traction on GitHub

SafeLine, an easy-to-use and highly effective Web Application Firewall (WAF), has already garnered an impressive 11.6K stars on GitHub. It’s designed to protect web services from hacker attacks by filtering and monitoring HTTP traffic between web applications and the internet.

What SafeLine Does

SafeLine shields your web services from various types of attacks, including SQL injection, XSS, code injection, command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoors, brute force attacks, CC attacks, and web scraping.

Image description

By blocking malicious HTTP traffic directed at your web services, SafeLine acts as a reverse proxy, creating a protective barrier between your web services and potential threats.

Key Features of SafeLine

  • Web Attack Protection: Safeguards your applications against a wide range of threats.
  • Anti-Scraping and Anti-Scanning: Protects your content and infrastructure from unauthorized data collection and scans.
  • Dynamic Encryption of Front-End Code: Adds an extra layer of security by dynamically encrypting your front-end code.
  • Rate Limiting Based on Source IP: Controls access by limiting the rate of requests from individual IP addresses.
  • HTTP Access Control: Enforces strict access controls on HTTP traffic.

System Requirements

Before installing SafeLine, make sure your system meets the following requirements:

  • Operating System: Linux
  • CPU Architecture: x86_64 with SSSE3 instruction set support
  • Software Dependencies: Docker version 20.10.14 or above, Docker Compose version 2.0.0 or above
  • Minimum Resources: 1 core CPU, 1 GB RAM, 5 GB disk space

How to Install SafeLine

Installing SafeLine is straightforward and only takes about three minutes. With root privileges, run the following command, follow the prompts, and you’ll be good to go:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

Configuring Your Sites

SafeLine operates mainly as a reverse proxy, similar to nginx. It intercepts and filters web traffic before it reaches your original web server, ensuring only safe and legitimate requests are forwarded.

Image description

Image description

Testing SafeLine’s Protection

To see SafeLine in action, you can simulate hacker attacks on your website. Replace https://chaitin.com with your own site’s URL and try the following test attacks:

  • SQL Injection Attack: https://chaitin.com/?id=1+and+1=2+union+select+1
  • XSS Attack: https://chaitin.com/?id=<img+src=x+onerror=alert()>
  • Path Traversal Attack: https://chaitin.com/?id=../../../../etc/passwd
  • Code Injection Attack: https://chaitin.com/?id=phpinfo();system('id')
  • XXE Attack: https://chaitin.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">

If everything is set up correctly, SafeLine should block all these attacks, as shown in the screenshot below.

Image description

Explore SafeLine

Finally, if you’re interested in exploring SafeLine further, check out the link:
Website: https://waf.chaitin.com
GitHub: https://github.com/chaitin/SafeLine

Top comments (0)