/safeline

长亭科技自研,基于业界领先的语义引擎检测技术,打造的简洁、易用的免费 WAF

Primary LanguageTypeScriptOtherNOASSERTION

SafeLine Community Edition

Keep hackers at bay


Official Website

English | 中文文档

A simple and easy to use WAF tool. Built on Chaitin Technology's ace 🤖️Intelligent Semantic Analysis algorithm🤖️, designed for the community.

✨ Demo

🔥🔥🔥 Online Demo: https://demo.waf-ce.chaitin.cn:9443/

There is a simple http server, listened on http://127.0.0.1:8889, can be used as for testing.

🚀 Installation

1. Make sure Docker and Compose V2 are installed correctly on the machine

docker info # >= 20.10.6
docker compose version # >= 2.0.0

2. Setup and deploy

mkdir -p safeline && cd safeline
# setup
curl -kfLsS https://waf-ce.chaitin.cn/release/latest/setup.sh | bash

# launch
sudo docker compose up -d

Upgrade

WARN: SafeLine will be restarted and your traffic will be unavailable for a short period of time. You may need to choose a proper time for upgration.

# check `IMAGE_TAG`
cat .env | grep IMAGE_TAG
# set IMAGE_TAG to `latest` or some specific version like `1.1.0`
sed -i "s/IMAGE_TAG=.*/IMAGE_TAG=latest/g" .env

# check `compose.yaml`
# image namespace has changed to `chaitin`
sed -i "s/chaitinops/chaitin/g" compose.yaml

# replace with `docker-compose` if necessary.
docker compose down && docker compose pull && docker compose up -d

🕹️ Quick Start

1. Login

Open admin page https://<waf-ip>:9443 and scan qrcode with any authenticator Apps that support TOTP, enter the code to login.

safeline_login.gif

2. Create website

safeline_website.gif

💡 TIPS: After creating website,execute curl -H "Host: <Domain>" http://<WAF IP>:<Port> to check if you can get correct response from web server.

3. Deploy your website to SafeLine

  • If your website is hosted by DNS, just modify your DNS record to WAF
  • If your website is behind any reverse-proxy like nginx, you can modify your nginx conf and set upstream to WAF

4. Protected!👌

Try these:

  • http://<IP or Domain>:<Port>/webshell.php
  • http://<IP or Domain>:<Port>/?id=1%20AND%201=1
  • http://<IP or Domain>:<Port>/?a=<script>alert(1)</script>

📖 FAQ

Please refer to our FAQ first if you have any questions.

For examples:

🏘️ Contact Us

  1. You can make bug feedback and feature suggestions directly through GitHub Issues.
  2. By scanning the QR code below (use wechat or qq), you can join the discussion group of SafeLine users for detailed discussions.

✨ CTStack

SafeLine has already joined CTStack community.