These days, web admins are super concerned about malicious attacks on their sites. To keep things secure, both server providers and third-party platforms offer WAF (Web Application Firewall) services, but they can be pretty pricey. Today, I want to introduce you to a free WAF: SafeLine.
SafeLine WAF Official Site: https://waf.chaitin.com
1. What is SafeLine WAF?
SafeLine WAF is a free, easy-to-use, and powerful WAF created by Chaitin Tech over the past 10 years. It uses top-notch semantic detection technology and works as a reverse proxy to shield your website from hackers. Its core detection capability is powered by smart semantic analysis, built for the community, making sure hackers can’t breach SafeLine.
Features:
Ease of Use: SafeLine is containerized, so you can install it with a single command—zero hassle. It comes with ready-to-go security settings, no manual work needed, making it easy to manage.
Security: It’s got an industry-leading smart semantic analysis algorithm that offers accurate detection, low false positives, and is tough to bypass. No predefined rules mean it can handle unknown 0-day attacks without breaking a sweat.
Performance: With a rule-free engine and linear security detection, the average request detection delay is in the milliseconds. SafeLine can easily handle 2000+ TPS per core, and if your hardware is strong enough, it can scale up to support any amount of traffic.
High Availability: The traffic handling engine is built on Nginx, ensuring both performance and stability. With a comprehensive health check mechanism, SafeLine boasts a service availability of 99.99%.
SafeLine WAF GitHub Repository: https://github.com/chaitin/safeline
2. What is a WAF?
WAF stands for Web Application Firewall. Unlike traditional firewalls, a WAF operates at the application layer, providing better protection for web systems that use HTTP/HTTPS protocols, shielding them from hacker attacks.
A WAF can identify and block common web attacks, such as SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Server-Side Request Forgery (SSRF), WebShell uploads and communication, and more.
3. How to Install and Deploy SafeLine?
Minimum Requirements:
- Operating System: Linux
- Architecture: x86_64
- Software Dependencies: Docker version 20.10.6 or higher
- Software Dependencies: Docker Compose version 2.0.0 or higher
- Minimal Environment: 1 CPU core / 1 GB RAM / 10 GB Disk Space
One-Command Installation (Recommended)
bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"
Run the setup.sh
script to install SafeLine
After cloning the repository, execute the script:
git clone git@github.com:chaitin/safeline.git
cd safeline
bash ./setup.sh
How to Use SafeLine After Installation?
Once installation is complete, you can start using SafeLine by accessing the local web service port as instructed.
Configuring Protected Sites
SafeLine acts as a reverse proxy, receiving traffic before it reaches your web server. It detects and filters out malicious traffic, forwarding the clean traffic to your web server.
After adding your site, you can verify the setup by running the following command:
curl -H "Host: <domain>" http://:<port>
This should return a response from your web server.
Testing the Protection
To see how well SafeLine protects your site, try simulating a hacker attack with the following:
- Visit
http://:<port>/?id=1%20AND%201=1
in your browser. - Visit
http://:<port>/?a=
in your browser.
4. How Does SafeLine Work?
Here’s a simple overview of how SafeLine works, illustrated by a basic WAF deployment diagram.
In the diagram below, you see a straightforward website topology. External users send requests that travel through the network and eventually reach the web server. If some of these external users are malicious, their attack requests will also pass through the network and reach the web server.
SafeLine is integrated as a reverse proxy, intercepting all traffic before it hits the web server. It detects and filters out malicious activity from the traffic, forwarding only the clean traffic to the web server.
By doing this, SafeLine ensures that malicious requests are filtered out before they can reach the web server, effectively preventing external attacks from compromising your site.
5. Highly Recommended
So, now that you’ve been introduced to SafeLine WAF, what do you think? Feels like you’ve discovered something amazing, right? SafeLine is an open-source web firewall developed by Chaitin Tech over nearly 10 years. It’s ready to use out-of-the-box, offers enterprise-level protection, and delivers high performance. I highly recommend giving it a try to safeguard your site from all kinds of malicious attacks.
Website: https://waf.chaitin.com
GitHub: https://github.com/chaitin/safeline
Community: https://discord.gg/3aRJ4qfwjA