DEV Community

Lulu
Lulu

Posted on

Protect Your Site with SafeLine: A Free, Open-Source WAF

These days, web admins are increasingly concerned about malicious attacks targeting their sites. To bolster security, many turn to WAF (Web Application Firewall) services offered by server providers and third-party platforms, but these can often be expensive. That’s why I want to introduce you to SafeLine, a free and powerful WAF solution.

What is SafeLine WAF?
SafeLine is a free, open-source web security tool developed by Chaitin Tech over the past decade. It's designed to be user-friendly and effective, utilizing advanced semantic detection technology to protect your website from hackers. Acting as a reverse proxy, SafeLine inspects incoming traffic and blocks malicious requests before they reach your server.

Image description

How to Get Started with SafeLine
Minimum Requirements:

  • Operating System: Linux
  • Architecture: x86_64
  • Software Dependencies: Docker version 20.10.6+ and Docker Compose version 2.0.0+
  • Hardware Requirements: 1 CPU core, 1 GB RAM, 10 GB Disk Space

Installation:
The simplest way to install SafeLine is with a single command:

bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

Alternatively, you can clone the repository and run the setup script:

git clone git@github.com:chaitin/safeline.git
cd safeline
bash ./setup.sh
Enter fullscreen mode Exit fullscreen mode

Using SafeLine After Installation
Once SafeLine is installed, you can start using it by accessing the local web service port. SafeLine acts as a reverse proxy, sitting between incoming traffic and your web server. It filters out malicious traffic, ensuring only safe requests reach your server.

To verify your setup, you can use a simple curl command:

curl -H "Host: <domain>" http://:<port>
Enter fullscreen mode Exit fullscreen mode

Testing SafeLine’s Protection

You can test SafeLine’s effectiveness by simulating an attack. For example, try visiting:

  • http://:<port>/?id=1%20AND%201=1
  • http://:<port>/?a=

SafeLine will block these malicious attempts, ensuring your site remains secure.
Image description

How SafeLine Works
SafeLine operates as a reverse proxy, intercepting all incoming traffic before it reaches your web server. It’s designed to identify and filter out malicious requests, forwarding only clean traffic to your server. This setup effectively prevents external attacks from compromising your site.

Image description

Highly Recommended
If you're looking for a robust, open-source web firewall, SafeLine is a fantastic option. Developed by Chaitin Tech, SafeLine offers enterprise-level protection with minimal setup and high performance. I highly recommend giving it a try to safeguard your website against a wide range of malicious attacks.

Top comments (0)