Overview
SafeLine is a self-hosted Web Application Firewall (WAF) that sits in front of your web application as a reverse proxy. It filters, monitors, and blocks malicious HTTP/S traffic to defend against a broad range of attacks, including SQL injection, XSS, code injection, OS command injection, CRLF injection, LDAP/XPath injection, SSRF, RCE, XXE, and path traversal. It also provides proactive bot defense, IP-based rate limiting, and a Web Access Control List to prevent abuse. Core capabilities include defenses for web attacks, proactive bot protection, HTML and JS code encryption, and dynamic protection that encrypts assets per visit. When deployed, SafeLine acts as a shield between clients and your servers, enforcing policies to distinguish malicious from legitimate requests. SafeLine is production-ready with over 180,000 installations worldwide, protecting more than 1,000,000 websites and handling tens of billions of HTTP requests daily. Features include Block Web Attacks, Rate Limiting, Anti-Bot Challenge, Authentication Challenge, and Dynamic Protection.
Features
Block Web Attacks
Defends against a wide range of web attacks, including SQL injection, XSS, code injection, OS command injection, CRLF, XXE, SSRF, path traversal, and more.
Rate Limiting
Defends against DoS, bruteforce attempts, traffic surges, and other abuse by throttling requests that exceed defined limits.
Anti-Bot Challenge
Provides anti-bot challenges to protect your site; human users are allowed, while crawlers and bots are blocked.
Authentication Challenge
When enabled, visitors must enter a password to access protected areas; without it, access is blocked.
Dynamic Protection
Dynamically encrypts HTML and JavaScript on-the-fly per user visit to protect client-side code.
