Self-hosted WAF and reverse proxy for blocking web attacks, bots, and abusive HTTP traffic
- Stars21.5k
- Forks1.4k
- Open Issues91
GPL-3.0
- Go
- C++
- Raku
About SafeLine
SafeLine is a self-hosted web application firewall that sits in front of web apps as a reverse proxy. It filters and monitors HTTP traffic to protect applications from attacks including SQL injection, XSS, code injection, OS command injection, RCE, XXE, SSRF, path traversal, bruteforce, and HTTP flood.
It blocks web attacks, defends against bot abuse, and applies IP-based rate limiting against denial-of-service attempts and traffic surges. Anti-bot and authentication challenges screen visitors, while dynamic protection encrypts HTML and JavaScript on each visit.
SafeLine runs entirely on your own infrastructure and is installed with a single command. It is used across more than 180,000 installations protecting over one million websites.
Key features
- Blocks SQL injection, XSS, RCE, SSRF, and path traversal
- IP-based rate limiting for DoS, bruteforce, and traffic surges
- Anti-bot and authentication challenges
- HTML and JS code encryption
- Web access control lists and dynamic protection
Details
- First released
- 2023
- Self-hosting
- Self-hosted WAF and reverse proxy
- Protection
- SQL injection · XSS · DDoS
- Controls
- Rate limiting · ACLs · challenges
- Deployment
- Reverse proxy in front of web apps
- Install
- Single-command Docker install