This article is written by an excellent SafeLine user, Sutharinee Ritthidetch.
Original link:
https://www.linkedin.com/pulse/my-first-experience-open-source-web-application-waf-ritthidetch-bv6bf/
As part of my senior project, I’m researching how well Web Application Firewalls (WAFs) can protect web applications. I had never used a WAF before, so I didn’t know where to begin.
My supervisor, Tuul Triyason, recommended 3 WAF options. After comparing their ease of use for beginners and the quality of their documentation, our group selected SafeLine WAF (developed by Chaitin Technology) as the focus of our research: https://ly.safepoint.cloud/aMx9T1U
First-Time Experience:
🛠️ Installation was very easy - SafeLine is deployed using Docker, and the installation takes just a few minutes when following the documentation on this website: https://docs.waf.chaitin.com/en/GetStarted/Deploy
🌐 The web interface is very user-friendly - even with no experience with WAF, I was able to navigate everything easily.
💡 I can configure custom security rules without needing to write code.
⚡ Fast detection – SafeLine detects attacks very quickly! When it detects something suspicious, it blocks that action immediately.
🔥 Real-time monitoring – I could see attack logs in real time as the attacks were coming in. It can also be configured to send alerts to Discord or Telegram when an attack is detected.
🔍 I can also view the type of attack, whether the request was blocked or just audited, and details of each request in the logs, including the malicious payload, IP address, etc.
In my research, I’m using SafeLine WAF to:
⛔ Evaluate how well SafeLine can block attacks that I have selected from the OWASP Top 10, such as XSS and SQL injection.
⚙️ Evaluate the request-handling capacity and resource usage (CPU and memory) of WAF under different VM configurations (CPU and memory).
⏫ Try out custom rules to see how they improve security for a web application.
❗ Learn how rate limiting helps reduce risk, such as in brute-force attacks.
I’m still learning how to use SafeLine WAF. I’ll share more updates as I try more features and learn new things during my research project. 😊
📘 Project Contributors
Supervisor: Asst. Prof. Dr. Tuul Triyason
Students:
- Sutharinee Ritthidetch https://www.linkedin.com/in/sutharinee-ritthidetch/
- Arissara Sanyaboot https://www.linkedin.com/in/arissara-sanyaboot-877a14361/