Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/chaitin/safeline
serve as a reverse proxy to protect your web services from attacks and exploits.
https://github.com/chaitin/safeline
api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss
Last synced: 5 days ago
JSON representation
serve as a reverse proxy to protect your web services from attacks and exploits.
- Host: GitHub
- URL: https://github.com/chaitin/safeline
- Owner: chaitin
- License: gpl-3.0
- Created: 2023-04-12T11:30:14.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-10-21T06:51:01.000Z (2 months ago)
- Last Synced: 2024-10-29T14:55:52.190Z (about 2 months ago)
- Topics: api-gateway, application-security, appsec, blueteam, bruteforce, captcha, cve, cybersecurity, firewall, hackers, http-flood, security, self-hosted, sql-injection, vulnerability, waf, web-application-firewall, web-security, websecurity, xss
- Language: Go
- Homepage: https://waf.chaitin.com
- Size: 76.2 MB
- Stars: 12,401
- Watchers: 71
- Forks: 780
- Open Issues: 42
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
- awesome-ops - chaitin/safeline - 3.0|12088|2023-04-12|2024-09-27 | 一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击 | (运维管理平台)
- StarryDivineSky - chaitin/safeline
README
SafeLine - Make your web apps secure
🏠 Website |
📖 Docs |
🔍 Live Demo |
🙋♂️ Discord |
中文版## 👋 INTRODUCTION
SafeLine is a self-hosted **`WAF(Web Application Firewall)`** to protect your web apps from attacks and exploits.
A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as `SQL injection`, `XSS`, `code injection`, `os command injection`, `CRLF injection`, `ldap injection`, `xpath injection`, `RCE`, `XXE`, `SSRF`, `path traversal`, `backdoor`, `bruteforce`, `http-flood`, `bot abused`, among others.
#### 💡 How It Works
By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.
A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe. Just as a proxy server acts as an intermediary to protect the identity of a client, a WAF operates in similar fashion but acting as an reverse proxy intermediary that protects the web app server from a potentially malicious client.
its core capabilities include:
- Defenses for web attacks
- Proactive bot abused defense
- HTML & JS code encryption
- IP-based rate limiting
- Web Access Control List#### ⚡️ Screenshots
| | |
| ------------------------------------------------- | ------------------------------------------------- |
| | |Get [Live Demo](https://demo.waf.chaitin.com:9443/)
## 🔥 FEATURES
List of the main features as follows:
- **`Block Web Attacks`**
- It defenses for all of web attacks, such as `SQL injection`, `XSS`, `code injection`, `os command injection`, `CRLF injection`, `XXE`, `SSRF`, `path traversal` and so on.
- **`Rate Limiting`**
- Defend your web apps against `DoS attacks`, `bruteforce attempts`, `traffic surges`, and other types of abuse by throttling traffic that exceeds defined limits.
- **`Anti-Bot Challenge`**
- Anti-Bot challenges to protect your website from `bot attacks`, humen users will be allowed, crawlers and bots will be blocked.
- **`Authentication Challenge`**
- When authentication challenge turned on, visitors need to enter the password, otherwise they will be blocked.
- **`Dynamic Protection`**
- When dynamic protection turned on, html and js codes in your web server will be dynamically encrypted by each time you visit.#### 🧩 Showcases
| | Legitimate User | Malicious User |
| ----------------------------- | --------------------------------------------------- | ---------------------------------------------------------------- |
| **`Block Web Attacks`** | | |
| **`Rate Limiting`** | | |
| **`Anti-Bot Challenge`** | | |
| **`Auth Challenge`** | | |
| **`HTML Dynamic Protection`** | | |
| **`JS Dynamic Protection`** | | |## 🚀 Quickstart
> [!WARNING]
> 中国大陆用户安装国际版可能会导致无法连接云服务,请查看 [中文版安装文档](https://docs.waf-ce.chaitin.cn/zh/%E4%B8%8A%E6%89%8B%E6%8C%87%E5%8D%97/%E5%AE%89%E8%A3%85%E9%9B%B7%E6%B1%A0)#### 📦 Installing
Information on how to install SafeLine can be found in the [Install Guide](https://docs.waf.chaitin.com/en/tutorials/install)
#### ⚙️ Protecting Web Apps
to see [Configuration](https://docs.waf.chaitin.com/en/tutorials/Configuration)
## 📋 More Informations
#### Effect Evaluation
| Metric | ModSecurity, Level 1 | CloudFlare, Free | SafeLine, Balance | SafeLine, Strict |
| ----------------- | -------------------- | -------------------- | ---------------------- | --------------------- |
| Total Samples | 33669 | 33669 | 33669 | 33669 |
| **Detection** | 69.74% | 10.70% | 71.65% | **76.17%** |
| **False Positive**| 17.58% | 0.07% | **0.07%** | 0.22% |
| **Accuracy** | 82.20% | 98.40% | **99.45%** | 99.38% |#### Is SafeLine Production-Ready?
Yes, SafeLine is production-ready.
- Over 180,000 installations worldwide
- Protecting over 1,000,000 Websites
- Handling over 30,000,000,000 HTTP Requests Daily#### 🙋♂️ Community
Join our [Discord](https://discord.gg/SVnZGzHFvn) to get community support, the core team members are identified by the STAFF role in Discord.
- channel [#feedback](https://discord.com/channels/1243085666485534830/1243120292822253598): for new features discussion.
- channel [#FAQ](https://discord.com/channels/1243085666485534830/1263761679619981413): for FAQ.
- channel [#general](https://discord.com/channels/1243085666485534830/1243115843919806486): for any other questions.Several contact options exist for our community, the primary one being Discord. These are in addition to GitHub issues for creating a new issue.
#### 💪 PRO Edition
Coming soon!
#### 📝 License
See [LICENSE](/LICENSE.md) for details.