Introduction:
HTTP/HTTPS protocols are the backbone of modern internet communication. From large enterprises to individual users, anyone can quickly set up a website using web development tools. Today, I want to introduce you to a highly regarded community-driven WAF project: SafeLine. It's the most starred open-source WAF on GitHub.
Official Website: https://waf.chaitin.com
GitHub: https://github.com/chaitin/safeline
1. What is a WAF?
WAF stands for Web Application Firewall. Unlike traditional firewalls, a WAF operates at the application layer, providing superior protection for web systems that rely on HTTP/HTTPS protocols. It shields your web applications from hacker attacks.
2. What is SafeLine?
SafeLine is a free, easy-to-use, and powerful WAF developed by Chaitin Technology over nearly a decade. It’s powered by an intelligent semantic analysis algorithm and works as a reverse proxy to safeguard your website against various cyber threats.
How to Use SafeLine
SafeLine is deployed using containers, consisting of several Docker containers. Here's how you can get started:
- Verify your environment: Ensure your system meets the installation requirements using the following commands:
uname -m # Check if the architecture is x86_64
docker version # Ensure Docker version is 20.10.6 or above
docker compose version # Ensure Docker Compose version is 2.0.0 or above
docker-compose version # Same as above (for compatibility with older Docker Compose versions)
cat /proc/cpuinfo # Check CPU info, minimum 1 core required
cat /proc/meminfo # Check memory info, minimum 1 GB required
df -h # Check disk space, minimum 5 GB required
lscpu | grep ssse3 # Ensure the CPU supports the SSSE3 instruction set
- Clone the GitHub repository and install SafeLine: Run the following commands to install SafeLine:
git clone git@github.com:chaitin/safeline.git
cd safeline
bash ./setup.sh
-
Access SafeLine:
After installation, access SafeLine at
https://127.0.0.1:9443/
to get started. You can also use the following command for a one-line installation:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Once installed, visit https://127.0.0.1:9443/
, bind TOTP authentication, and you're ready to go.
3. Core Features
Web Attack Protection
SafeLine’s web attack detection is powered by intelligent semantic analysis algorithms. It protects against OWASP Top 10 attacks and generalizes to detect various 0-Day attacks with unknown signatures.
Web Access Control
SafeLine allows users to set up access control through blacklists and whitelists based on HTTP request characteristics.
- Anti-CC (Challenge Collapsar) Attack
SafeLine can control access frequency to defend against CC attacks by blocking high-frequency visits and high-frequency attack attempts.
- Bot Detection
Equipped with algorithms for client recognition, human-machine behavior analysis, and malicious IP intelligence, SafeLine is adept at identifying and mitigating bots, scanners, and automated attacks.
- Website Resource Identification
SafeLine integrates traffic-based resource auto-recognition, providing precise traffic profiling and automatic API format sorting, which is useful for API management and protection.
4. Project Features
Easy Installation and Simple Usage
Installation requires just one command. The interface is intuitive, and the security configuration is ready to use right out of the box, making it highly user-friendly.Industry-Leading Security Capabilities
SafeLine employs a pioneering intelligent semantic analysis algorithm for attack detection. It also includes advanced protection features such as threat intelligence, dynamic rate limiting, and intelligent modeling.Exceptional Performance
SafeLine can easily handle over 2000+ TPS traffic on a single core, with an average request detection latency of just 1 millisecond. With sufficient hardware, there is no upper limit to the supported traffic scale.