Today, I’m excited to introduce SafeLine, a free and open-source Web Application Firewall (WAF)!

GitHub: https://github.com/chaitin/safeline

SafeLine is an open-source WAF designed for simplicity and ease of use. It’s available as a community edition and can be installed quickly with minimal effort. SafeLine helps protect your web services by filtering incoming traffic from the internet, defending against a wide range of attacks like SQL injection, code injection, command injection, backdoors, and web crawlers.

Here’s an overview of how it works:

With over 200,000 installations worldwide and more than 1 million protected websites, SafeLine processes over 30 billion requests daily.

How to Install SafeLine

You can install SafeLine easily using a one-liner script:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"

For a detailed manual installation guide, check out the official tutorial here: https://docs.waf.chaitin.com/en/tutorials/install

Once installed, you can access the SafeLine dashboard at: https://<safeline-ip>:9443/

If it's your first time logging in, you'll need to initialize the admin account by running this command:

docker exec safeline-mgt resetadmin

This will generate the default username and password.

Key Features of SafeLine

• Protects against a wide range of web attacks (including SQL injection, XSS, code injection, OS command injection, CRLF injection, XXE, SSRF, path traversal, etc.).
• Blocks web crawlers and malicious scanners.
• Dynamically encrypts front-end code.
• Supports IP-based rate limiting (defends against DDoS, brute force attacks, and abnormal traffic).
• Allows configuring HTTP access controls.