MCPcopy
hub / github.com/chaitin/SafeLine

github.com/chaitin/SafeLine @v9.3.9 sqlite

repository ↗ · DeepWiki ↗ · release v9.3.9 ↗
471 symbols 1,293 edges 107 files 88 documented · 19%
README

SafeLine - Make your web apps secure

🏠 Website   |   📖 Docs   |   🔍 Live Demo   |   🙋‍♂️ Discord   |   中文版

👋 INTRODUCTION

SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits.

A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, ldap injection, xpath injection, RCE, XXE, SSRF, path traversal, backdoor, bruteforce, http-flood, bot abused, among others.

💡 How It Works

By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.

A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe. Just as a proxy server acts as an intermediary to protect the identity of a client, a WAF operates in similar fashion but acting as a reverse proxy intermediary that protects the web app server from a potentially malicious client.

its core capabilities include:

  • Defenses for web attacks
  • Proactive bot abused defense
  • HTML & JS code encryption
  • IP-based rate limiting
  • Web Access Control List

⚡️ Screenshots

Get Live Demo

🔥 FEATURES

List of the main features as follows:

  • Block Web Attacks
  • It defenses for all of web attacks, such as SQL injection, XSS, code injection, os command injection, CRLF injection, XXE, SSRF, path traversal and so on.
  • Rate Limiting
  • Defend your web apps against DoS attacks, bruteforce attempts, traffic surges, and other types of abuse by throttling traffic that exceeds defined limits.
  • Anti-Bot Challenge
  • Anti-Bot challenges to protect your website from bot attacks, humen users will be allowed, crawlers and bots will be blocked.
  • Authentication Challenge
  • When authentication challenge turned on, visitors need to enter the password, otherwise they will be blocked.
  • Dynamic Protection
  • When dynamic protection turned on, html and js codes in your web server will be dynamically encrypted by each time you visit.

🧩 Showcases

Legitimate User Malicious User
Block Web Attacks
Rate Limiting
Anti-Bot Challenge
Auth Challenge
HTML Dynamic Protection
JS Dynamic Protection

🚀 Quickstart

[!WARNING] 中国大陆用户安装国际版可能会导致无法连接云服务,请查看 中文版安装文档

📦 Installing

Information on how to install SafeLine can be found in the Install Guide

⚙️ Protecting Web Apps

to see Configuration

📋 More Informations

Effect Evaluation

Metric ModSecurity, Level 1 CloudFlare, Free SafeLine, Balance SafeLine, Strict
Total Samples 33669 33669 33669 33669
Detection 69.74% 10.70% 71.65% 76.17%
False Positive 17.58% 0.07% 0.07% 0.22%
Accuracy 82.20% 98.40% 99.45% 99.38%

Is SafeLine Production-Ready?

Yes, SafeLine is production-ready.

  • Over 180,000 installations worldwide
  • Protecting over 1,000,000 Websites
  • Handling over 30,000,000,000 HTTP Requests Daily

🙋‍♂️ Community

Join our Discord to get community support, the core team members are identified by the STAFF role in Discord.

  • channel #feedback: for new features discussion.
  • channel #FAQ: for FAQ.
  • channel #general: for any other questions.

Several contact options exist for our community, the primary one being Discord. These are in addition to GitHub issues for creating a new issue.

   

💪 PRO Edition

Coming soon!

📝 License

See LICENSE for details.

Extension points exported contracts — how you extend this code

Tool (Interface)
(no doc) [5 implementers]
mcp_server/pkg/mcp/mcp.go
ToolWrapper (Interface)
By deferring the concretization of generic types to the Register method, we avoid type inference issues. Each Tool is wr
mcp_server/internal/tools/tool.go
ClientOption (FuncType)
ClientOption Client configuration options
mcp_server/internal/api/client.go

Core symbols most depended-on inside this repo

text
called by 128
scripts/manage.py
Error
called by 120
mcp_server/pkg/errors/errors.go
AppendInto
called by 39
management/webserver/pkg/fvm/fsl/selector.go
info
called by 35
scripts/manage.py
error
called by 34
scripts/manage.py
warning
called by 30
scripts/manage.py
debug
called by 25
scripts/manage.py
Info
called by 20
mcp_server/pkg/logger/logger.go

Shape

Function 286
Method 89
Struct 89
TypeAlias 3
Interface 2
Class 1
FuncType 1

Languages

Go86%
Python14%

Modules by API surface

scripts/manage.py65 symbols
management/webserver/pkg/fvm/fvm.go22 symbols
mcp_server/pkg/logger/logger.go16 symbols
mcp_server/pkg/mcp/mcp.go13 symbols
mcp_server/internal/api/client.go12 symbols
management/webserver/pkg/fvm/generator.go12 symbols
mcp_server/pkg/errors/errors.go11 symbols
mcp_server/internal/config/config.go10 symbols
management/tcontrollerd/utils/file.go10 symbols
management/webserver/rpc/website.go9 symbols
management/webserver/model/detectlog.go9 symbols
mcp_server/pkg/logger/field.go8 symbols

Dependencies from manifests, versioned

chaitin.cn/dev/go/errorsv0.0.0-2021032405513 · 1×
chaitin.cn/dev/go/logv0.0.0-2022122010433 · 1×
chaitin.cn/dev/go/settingsv0.0.0-2022122010433 · 1×
github.com/boombuler/barcodev1.0.1-0.20190219062 · 1×
github.com/bytedance/sonicv1.11.6 · 1×
github.com/chenzhuoyu/base64xv0.0.0-2022111506244 · 1×
github.com/gin-contrib/sessionsv0.0.5 · 1×
github.com/gin-contrib/ssev0.1.0 · 1×
github.com/go-playground/localesv0.14.1 · 1×
github.com/go-playground/universal-translatorv0.18.1 · 1×

Datastores touched

safeline-ceDatabase · 1 repos

For agents

$ claude mcp add SafeLine \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact