SafeLine is an open-source, self-hosted Web Application Firewall (WAF) designed to protect your web applications from modern threats — without relying on third-party cloud services.
By acting as a reverse proxy, SafeLine inspects and filters all incoming HTTP/HTTPS traffic. It blocks suspicious or malicious requests before they ever reach your backend.
Why You Need a WAF
By placing a WAF in front of your web application, you create a shield between your app and the internet.
Just like a forward proxy protects the identity of client devices, a WAF acts as a reverse proxy, sitting between your app and potential attackers. It ensures that every request must pass through the WAF before it reaches your server.
A WAF protects your application by filtering, monitoring, and blocking malicious HTTP/HTTPS traffic. It also prevents sensitive or unauthorized data from leaking out of the app. This is done based on a set of policies that help determine which traffic is harmful and which is safe.
What SafeLine Protects You From
SafeLine helps defend against a wide range of web attacks, including:
- SQL Injection (SQLi)
- Cross-Site Scripting (XSS)
- Code Injection
- OS Command Injection
- CRLF Injection
- XXE, SSRF, and RCE
- Path Traversal
- Brute-force Attacks
- HTTP Floods
- Malicious Bots
- And more
Core Features
Web Attack Prevention
Blocks common and advanced web threats like SQLi, XSS, code injection, SSRF, and path traversal attacks — right out of the box.
Rate Limiting
Protects against abuse such as DoS, brute-force attempts, and traffic spikes by limiting request rates based on IP.
Anti-Bot Challenge
Uses challenge-response mechanisms to distinguish real users from bots. Human users can continue normally, while bots are blocked.
Authentication Challenge
Optionally require a password challenge before visitors can access your site. Useful for staging environments or admin panels.
Dynamic Protection
With dynamic protection enabled, your site's HTML and JavaScript are encrypted on each request, making scraping and reverse engineering more difficult.
Join SafeLine
- Live Demo: https://demo.waf.chaitin.com:9443/statistics/dashboard
- GitHub Repo: https://github.com/chaitin/SafeLine
- Discord Group: https://discord.gg/hUAfMWhknP
SafeLine is free and open-source. You can deploy it in your own infrastructure, customize the rule sets, and fully control your web security posture.
