DEV Community

Lulu
Lulu

Posted on

Simple and Easy-to-Use Web Security Gateway

In today's world, the HTTP protocol practically rules the entire internet, every tech-savvy person probably has a website. But did you know that the amount of attack and scan traffic on the web is insanely high? Even the most obscure websites face numerous hacker attacks daily.

Today, I want to introduce you to a tool that can protect your website—a widely praised community WAF project called SafeLine.

1. What is SafeLine?

SafeLine is a free WAF that is simple, powerful, and easy to use. It’s built on industry-leading semantic engine detection technology and works as a reverse proxy to protect your site from hacker attacks.

Image description

Powered by an intelligent semantic analysis algorithm, SafeLine is designed for the community, ensuring that no hacker gets past it.

Image description

2. How It Works

Below is a simple website traffic topology. External users send requests that travel through the network to reach your web server.
If any of those external users are malicious, their attack requests will also travel through the network to your server.
SafeLine, acting as a reverse proxy, intercepts all traffic before it reaches your server. It detects and cleans malicious traffic, forwarding only the sanitized traffic to your web server.
This process ensures that harmful requests never reach your server.

Image description

3. How to Use

The project consists of several Docker containers. After cloning the repository, you can start the installation by running the setup.sh script as follows:

git clone git@github.com:chaitin/safeline.git
cd safeline
bash ./setup.sh
Enter fullscreen mode Exit fullscreen mode

Once installed, you can start using it by accessing the local interface at https://127.0.0.1:9443/.

4. System Requirements

  • Operating System: Linux
  • Architecture: x86_64
  • Software Dependencies: Docker version 20.10.6 or higher
  • Software Dependencies: Docker Compose version 2.0.0 or higher
  • Minimal Environment: 1 CPU core / 1 GB RAM / 5 GB Disk Space

5. Features

Ease of Use:

  • Containerized deployment with a single command installation, zero setup cost
  • Pre-configured security settings, no maintenance required, allowing for effortless security management

Security:

  • Industry-leading intelligent semantic analysis algorithm with precise detection, low false positives, and hard to bypass
  • The algorithm has no static rules, making it effective against unknown 0day attacks

High Performance:

  • Rule-free engine with linear security detection, average request detection latency at the millisecond level
  • Strong concurrency, single-core easily handles 2000+ TPS, with no upper limit on traffic scale if the hardware is robust enough

High Availability:

  • Traffic processing engine developed based on Nginx, ensuring performance and stability
  • Built-in comprehensive health check mechanism, with service availability up to 99.99%

GitHub Repository: https://github.com/chaitin/safeline
SafeLine Demo: https://demo.waf.chaitin.com

Top comments (0)