Today, I want to introduce you to a highly praised open-source Web Application Firewall (WAF) — Safeline.
Safeline is a free, simple-to-use, and powerful WAF that can protect your website from hacker attacks. It’s based on industry-leading semantic detection technology and functions as a reverse proxy, making it easy to integrate into your existing infrastructure. With its intelligent semantic analysis engine, Safeline was built for the community and ensures hackers can’t breach your defenses.
Key Features
1. Ease of Use
Safeline is containerized, so you can deploy it with a single command. It’s a zero-cost setup, and its security configuration works out of the box with no manual intervention needed. You can enjoy peace of mind with hands-off security management.
2. Top-Tier Security
At the core of Safeline is an industry-first intelligent semantic analysis algorithm. This technology offers precise detection, low false positives, and is difficult to bypass. Because the detection engine doesn’t rely on traditional rule sets, it can effectively handle unknown zero-day attacks without a hitch.
3. High Performance
Safeline operates with a rule-free engine and a linear detection algorithm, boasting an average request inspection latency of just 1 millisecond. It’s highly scalable too, easily handling over 2,000 TPS (transactions per second) per core. With the right hardware, Safeline can support virtually unlimited traffic.
4. High Availability
The traffic handling engine is built on Nginx, ensuring both performance and stability. It also comes with a robust health-check mechanism, providing 99.99% uptime for your service.
Installation Guide
Requirements
- Operating System: Linux
- Architecture: x86_64
- Software Dependencies: Docker version 20.10.6 or above, Docker Compose version 2.0.0 or above
- Minimal Environment: 1 CPU core, 1 GB RAM, 10 GB disk space
One-Click Installation
Run this command to install Safeline:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Quick Setup
Open your browser and go to https://<your-ip>:9443
to access the admin panel. Follow the on-screen instructions to log in.
Configure Your Protected Sites
Safeline works as a reverse proxy, intercepting traffic before it reaches your web server. It detects and filters out malicious requests, forwarding only clean traffic to your server.
TIP: After configuration, use the following command to check if your site is properly set up:
curl -H "Host: <your-domain>" http://:<port>
Testing the WAF
To test Safeline’s protection, simulate a hacker attack by visiting the following URLs:
http://<your-IP-or-domain>:<port>/?id=1%20AND%201=1
http://<your-IP-or-domain>:<port>/?a=
Conclusion
If you’re looking for a free and open-source WAF, give Safeline a try. It’s a great option for protecting your website from the ever-growing threat of hacker attacks.
- Official Website: https://waf.chaitin.com
- GitHub Repository: https://github.com/chaitin/safeline
Top comments (0)