diff --git a/README.md b/README.md index f48e0ca..56d368f 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,7 @@

- +

-

SafeLine Community Edition

-

Keep hackers at bay

+

长亭雷池 WAF 社区版


@@ -12,101 +11,109 @@

-

Official Website

-

English | 中文文档

+

+ 官方网站 | + 技术文档 | + For English +

-A simple and easy to use WAF tool. Built on [Chaitin Technology](https://www.chaitin.cn/en/)'s ace 🤖️Intelligent Semantic Analysis algorithm🤖️, designed for the community. +

相关源码仓库

+

+ 语义分析自动机引擎 | + 流量分析插件 | + T1K 协议 | + 测试工具 +

-## ✨ Demo +一款足够简单、足够好用、足够强的免费 WAF。 -### 🔥🔥🔥 Online Demo: https://demo.waf-ce.chaitin.cn:9443/ +耗时近 10 年,长亭科技倾情打造,核心检测能力由智能语义分析算法驱动,专为社区而生,不让黑客越雷池半步。 -There is a simple http server, listened on `http://127.0.0.1:8889`, can be used as for testing. + -![](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_detect_log.gif) +## 产品特性 -![](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_website.gif) +#### 便捷性 -## 🚀 Installation +采用容器化部署,一条命令即可完成安装,0 成本上手。安全配置开箱即用,无需人工维护,可实现安全躺平式管理。 -### 1. Make sure [Docker](https://docs.docker.com/engine/install/) and [Compose V2](https://docs.docker.com/compose/install/) are installed correctly on the machine -```shell -docker info # >= 20.10.6 -docker compose version # >= 2.0.0 +#### 安全性 + +首创业内领先的智能语义分析算法,精准检测、低误报、难绕过。语义分析算法无规则,面对未知特征的 0day 攻击不再手足无措。 + +#### 高性能 + +无规则引擎,线性安全检测算法,平均请求检测延迟在 1 毫秒级别。并发能力强,单核轻松检测 2000+ TPS,只要硬件足够强,可支撑的流量规模无上限。 + +#### 高可用 + +流量处理引擎基于 Nginx 开发,性能与稳定性均可得到保障。内置完善的健康检查机制,服务可用性高达 99.99%。 + +## 🚀 安装 + +### 配置需求 + +- 操作系统:Linux +- 指令架构:x86_64 +- 软件依赖:Docker 20.10.6 版本以上 +- 软件依赖:Docker Compose 2.0.0 版本以上 +- 最小化环境:1 核 CPU / 1 GB 内存 / 10 GB 磁盘 + +### 创建安装目录 + +``` +mkdir -p safeline # 创建 safeline 目录 +cd safeline # 进入 safeline 目录 ``` -### 2. Setup and deploy +### 一键安装 -```shell -mkdir -p safeline && cd safeline -# setup -curl -kfLsS https://waf-ce.chaitin.cn/release/latest/setup.sh | bash - -# launch -sudo docker compose up -d +``` +curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh | bash ``` -#### Upgrade +> 更多安装方式请参考 安装雷池 -**WARN: SafeLine will be restarted and your traffic will be unavailable for a short period of time. You may need to choose a proper time for upgration.** +### 启动 -```shell -curl -kfLsS https://waf-ce.chaitin.cn/release/latest/upgrade.sh | bash - -# delete the old used image layers if necessary. -docker rmi $(docker images | grep "safeline" | grep "none" | awk '{print $3}') +``` +docker compose up -d ``` -## 🕹️ Quick Start +## 🕹️ 快速使用 -### 1. Login +### 登录 -Open admin page `https://:9443` and scan qrcode with any authenticator Apps that support TOTP, enter the code to login. +浏览器打开后台管理页面 `https://:9443`。根据界面提示,使用 **支持 TOTP 的认证软件** 扫描二维码,然后输入动态口令登录: ![safeline_login.gif](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_login.gif) -### 2. Create website +### 配置防护站点 + +雷池以反向代理方式接入,优先于网站服务器接收流量,对流量中的攻击行为进行检测和清洗,将清洗过后的流量转发给网站服务器。 ![safeline_website.gif](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_website.gif) -💡 TIPS: After creating website,execute `curl -H "Host: " http://:` to check if you can get correct response from web server. +💡 TIPS: 添加后,执行 `curl -H "Host: <域名>" http://:<端口>` 应能获取到业务网站的响应。 -### 3. Deploy your website to SafeLine +### 测试效果 -- If your website is hosted by DNS, just modify your DNS record to WAF -- If your website is behind any reverse-proxy like nginx, you can modify your nginx conf and set upstream to WAF +使用以下方式尝试模拟黑客攻击,看看雷池的防护效果如何 -### 4. Protected!👌 +- 浏览器访问 `http://:<端口>/?id=1%20AND%201=1` +- 浏览器访问 `http://:<端口>/?a=` -Try these: +> 如果你需要进行深度测试,请参考 测试防护效果 -- `http://:/webshell.php` -- `http://:/?id=1%20AND%201=1` -- `http://:/?a=` +## 🏘️ 联系我们 -## 📖 FAQ - -Please refer to our [FAQ](FAQ.md) first if you have any questions. - -For examples: -- [docker compose or docker-compose?](FAQ.md#docker-compose-or-docker-compose) -- [website configurations](FAQ.md#站点配置问题) -- [website not working / not correctly response](FAQ.md#配置完成之后还是没有成功访问到上游服务器) - -## 🏘️ Contact Us - -1. You can make bug feedback and feature suggestions directly through GitHub Issues. -2. By scanning the QR code below (use wechat or qq), you can join the discussion group of SafeLine users for detailed discussions. +1. 可以通过 GitHub Issue 直接进行 Bug 反馈和功能建议 +2. 可以扫描下方二维码加入雷池社区版用户讨论群 -## ✨ CTStack - - -SafeLine has already joined [CTStack](https://stack.chaitin.com/tool/detail?id=717) community. - ## Star History - Star History Chart - + Star History Chart + diff --git a/README_CN.md b/README_CN.md deleted file mode 100644 index e74d53c..0000000 --- a/README_CN.md +++ /dev/null @@ -1,145 +0,0 @@ -

- -

-

雷池 SafeLine 社区版

-

不让黑客越雷池半步

-
-

- - - - - -

- -

官方网站

-

中文文档 | English

- -一款简单、好用的 WAF 工具。基于[长亭科技](https://www.chaitin.cn)王牌的 🤖️智能语义分析算法🤖️ 打造,专为社区设计。 - -## ✨ Demo - -### 🔥🔥🔥 体验地址:https://demo.waf-ce.chaitin.cn:9443/ - -有一台运行在环境上 `http://127.0.0.1:8889` 的服务可以作为上游服务器测试使用。 - -![](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_detect_log.gif) - -![](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_website.gif) - -## 🚀 安装 - -### 1. 确保机器上正确安装 [Docker](https://docs.docker.com/engine/install/) 和 [Compose V2](https://docs.docker.com/compose/install/) -```shell -docker info # >= 20.10.6 -docker compose version # >= 2.0.0 -``` - -### 2. 部署安装 - -```shell -mkdir -p safeline && cd safeline -# 下载并执行 setup -curl -kfLsS https://waf-ce.chaitin.cn/release/latest/setup.sh | bash - -# 运行 -sudo docker compose up -d -``` - -#### 升级 - -##### 自动一键更新 - -**WARN: 雷池 SafeLine 服务会重启,流量会中断一小段时间,根据业务情况选择合适的时间来执行升级操作。** - -```shell -# 请到 compose.yaml 同级目录下执行下面脚本 -curl -kfLsS https://waf-ce.chaitin.cn/release/latest/upgrade.sh | bash - -# 如果有需要,可以手动删除旧版本镜像 -docker rmi $(docker images | grep "safeline" | grep "none" | awk '{print $3}') -``` -**有部分环境的默认 SafeLine 安装路径是在 `/data/safeline-ce`,安装之后可能会发现需要重新绑定 OTP、配置丢失等情况,可以修改 .env 的 `SAFELINE_DIR` 变量,指向 `/data/safeline-ce`** - -##### 手动更新镜像 - -**适用于 docker hub 拉取镜像失败的场景,手动更新镜像,注意还是要执行 `upgrade.sh` 来处理 `.env` 的更新,否则有可能会因为缺少参数而启动失败。** - -###### 1. 在一台能够从 docker hub 拉取镜像的机器上执行 - -```shell - -# 拉取镜像 -docker pull chaitin/safeline-tengine:latest -docker pull chaitin/safeline-mgt-api:latest -docker pull chaitin/safeline-mario:latest -docker pull chaitin/safeline-detector:latest -docker pull postgres:15.2 -docker pull redis:7.0.11 - -# 打包镜像 -docker save -o image.tar chaitin/safeline-tengine:latest chaitin/safeline-mgt-api:latest chaitin/safeline-mario:latest chaitin/safeline-detector:latest postgres:15.2 redis:7.0.11 - -# 传输到 SafeLine 要部署的目标服务器 -# scp image.tar :/root/ -``` -###### 2. 在目标服务器 load 镜像 - -```shell -docker load -i image.tar - -curl -kfLsS https://waf-ce.chaitin.cn/release/latest/upgrade.sh | bash -``` - -## 🕹️ 快速使用 - -### 1. 登录 - -浏览器打开后台管理页面 `https://:9443`。根据界面提示,使用 **支持 TOTP 的认证软件** 扫描二维码,然后输入动态口令登录: - -![safeline_login.gif](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_login.gif) - -### 2. 添加站点 - -![safeline_website.gif](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_website.gif) - -💡 TIPS: 添加后,执行 `curl -H "Host: <域名>" http://:<端口>` 应能获取到业务网站的响应。 - -### 3. 将网站流量切到雷池 - -- 若网站通过域名访问,则可将域名的 DNS 解析指向雷池所在设备 -- 若网站前有 nginx 、负载均衡等代理设备,则可将雷池部署在代理设备和业务服务器之间,然后将代理设备的 upstream 指向雷池 - -### 4. 开始防护👌 - -试试这些攻击方式: - -- 浏览器访问 `http://:<端口>/webshell.php` -- 浏览器访问 `http://:<端口>/?id=1%20AND%201=1` -- 浏览器访问 `http://:<端口>/?a=` - -## 📖 FAQ - -有任何问题请先查阅我们的 [FAQ 文档](FAQ.md)。 - -比如: -- [docker compose or docker-compose?](FAQ.md#docker-compose-还是-docker-compose) -- [站点如何配置](FAQ.md#站点配置问题) -- [配置完成之后,还是没有成功访问到上游服务器](FAQ.md#配置完成之后还是没有成功访问到上游服务器) - -## 🏘️ 联系我们 -1. 您可以通过 GitHub Issue 直接进行 Bug 反馈和功能建议。 -2. 扫描下方二维码可以加入雷池社区版用户讨论群进行详细讨论 - - - -## ✨ CTStack - - -雷池 SafeLine 现已加入 [CTStack](https://stack.chaitin.com/tool/detail?id=717) 社区 - -## Star History - - - Star History Chart - diff --git a/README_EN.md b/README_EN.md new file mode 100644 index 0000000..f48e0ca --- /dev/null +++ b/README_EN.md @@ -0,0 +1,112 @@ +

+ +

+

SafeLine Community Edition

+

Keep hackers at bay

+
+

+ + + + + +

+ +

Official Website

+

English | 中文文档

+ +A simple and easy to use WAF tool. Built on [Chaitin Technology](https://www.chaitin.cn/en/)'s ace 🤖️Intelligent Semantic Analysis algorithm🤖️, designed for the community. + +## ✨ Demo + +### 🔥🔥🔥 Online Demo: https://demo.waf-ce.chaitin.cn:9443/ + +There is a simple http server, listened on `http://127.0.0.1:8889`, can be used as for testing. + +![](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_detect_log.gif) + +![](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_website.gif) + +## 🚀 Installation + +### 1. Make sure [Docker](https://docs.docker.com/engine/install/) and [Compose V2](https://docs.docker.com/compose/install/) are installed correctly on the machine +```shell +docker info # >= 20.10.6 +docker compose version # >= 2.0.0 +``` + +### 2. Setup and deploy + +```shell +mkdir -p safeline && cd safeline +# setup +curl -kfLsS https://waf-ce.chaitin.cn/release/latest/setup.sh | bash + +# launch +sudo docker compose up -d +``` + +#### Upgrade + +**WARN: SafeLine will be restarted and your traffic will be unavailable for a short period of time. You may need to choose a proper time for upgration.** + +```shell +curl -kfLsS https://waf-ce.chaitin.cn/release/latest/upgrade.sh | bash + +# delete the old used image layers if necessary. +docker rmi $(docker images | grep "safeline" | grep "none" | awk '{print $3}') +``` + +## 🕹️ Quick Start + +### 1. Login + +Open admin page `https://:9443` and scan qrcode with any authenticator Apps that support TOTP, enter the code to login. + +![safeline_login.gif](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_login.gif) + +### 2. Create website + +![safeline_website.gif](https://ctstack-oss.oss-cn-beijing.aliyuncs.com/veinmind/safeline-assets/safeline_website.gif) + +💡 TIPS: After creating website,execute `curl -H "Host: " http://:` to check if you can get correct response from web server. + +### 3. Deploy your website to SafeLine + +- If your website is hosted by DNS, just modify your DNS record to WAF +- If your website is behind any reverse-proxy like nginx, you can modify your nginx conf and set upstream to WAF + +### 4. Protected!👌 + +Try these: + +- `http://:/webshell.php` +- `http://:/?id=1%20AND%201=1` +- `http://:/?a=` + +## 📖 FAQ + +Please refer to our [FAQ](FAQ.md) first if you have any questions. + +For examples: +- [docker compose or docker-compose?](FAQ.md#docker-compose-or-docker-compose) +- [website configurations](FAQ.md#站点配置问题) +- [website not working / not correctly response](FAQ.md#配置完成之后还是没有成功访问到上游服务器) + +## 🏘️ Contact Us + +1. You can make bug feedback and feature suggestions directly through GitHub Issues. +2. By scanning the QR code below (use wechat or qq), you can join the discussion group of SafeLine users for detailed discussions. + + + +## ✨ CTStack + + +SafeLine has already joined [CTStack](https://stack.chaitin.com/tool/detail?id=717) community. + +## Star History + + + Star History Chart +