SafeLine: The Open-Source WAF That’s Gaining Traction on GitHub
Lulu
Posted on August 15, 2024
SafeLine, an easy-to-use and highly effective Web Application Firewall (WAF), has already garnered an impressive 11.6K stars on GitHub. It’s designed to protect web services from hacker attacks by filtering and monitoring HTTP traffic between web applications and the internet.
What SafeLine Does
SafeLine shields your web services from various types of attacks, including SQL injection, XSS, code injection, command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoors, brute force attacks, CC attacks, and web scraping.
By blocking malicious HTTP traffic directed at your web services, SafeLine acts as a reverse proxy, creating a protective barrier between your web services and potential threats.
Key Features of SafeLine
- Web Attack Protection: Safeguards your applications against a wide range of threats.
- Anti-Scraping and Anti-Scanning: Protects your content and infrastructure from unauthorized data collection and scans.
- Dynamic Encryption of Front-End Code: Adds an extra layer of security by dynamically encrypting your front-end code.
- Rate Limiting Based on Source IP: Controls access by limiting the rate of requests from individual IP addresses.
- HTTP Access Control: Enforces strict access controls on HTTP traffic.
System Requirements
Before installing SafeLine, make sure your system meets the following requirements:
- Operating System: Linux
- CPU Architecture: x86_64 with SSSE3 instruction set support
- Software Dependencies: Docker version 20.10.14 or above, Docker Compose version 2.0.0 or above
- Minimum Resources: 1 core CPU, 1 GB RAM, 5 GB disk space
How to Install SafeLine
Installing SafeLine is straightforward and only takes about three minutes. With root privileges, run the following command, follow the prompts, and you’ll be good to go:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Configuring Your Sites
SafeLine operates mainly as a reverse proxy, similar to nginx. It intercepts and filters web traffic before it reaches your original web server, ensuring only safe and legitimate requests are forwarded.
Testing SafeLine’s Protection
To see SafeLine in action, you can simulate hacker attacks on your website. Replace https://chaitin.com
with your own site’s URL and try the following test attacks:
-
SQL Injection Attack:
https://chaitin.com/?id=1+and+1=2+union+select+1
-
XSS Attack:
https://chaitin.com/?id=<img+src=x+onerror=alert()>
-
Path Traversal Attack:
https://chaitin.com/?id=../../../../etc/passwd
-
Code Injection Attack:
https://chaitin.com/?id=phpinfo();system('id')
-
XXE Attack:
https://chaitin.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">
If everything is set up correctly, SafeLine should block all these attacks, as shown in the screenshot below.
Explore SafeLine
Finally, if you’re interested in exploring SafeLine further, check out the link:
Website: https://waf.chaitin.com
GitHub: https://github.com/chaitin/SafeLine
Posted on August 15, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.