In Part1,we covered how to deploy and configure SafeLine, a free and open source WAF built by Chaitin Tech.
Now it’s time to test it.
🔬 Smart Detection: Semantic Analysis Engine
SafeLine doesn’t rely on basic rule-matching. Its built-in semantic analysis engine deeply understands request intent, making it way more accurate against modern attacks.
🤖 Advanced Defense
- Web attacks: SQLi, XSS, RCE, CRLF, XXE, SSRF, etc.
- Bot Defense: CAPTCHA, rate limiting, anti-crawlers
- HTTP Flood: Throttle IPs that exceed traffic thresholds
- Authentication: Enforce login for sensitive endpoints
- Threat Intelligence: Auto-block IPs from known bad actors
✅ Try Simulated Attacks
# SQL Injection
https://your-site.com/?id=1+and+1=2+union+select+1
# XSS
https://your-site.com/?id=<img+src=x+onerror=alert()>
# Path Traversal
https://your-site.com/?id=../../../../etc/passwd
# Code Injection
https://your-site.com/?id=phpinfo();system('id')
# XXE
https://your-site.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">
🧪 Test with BlazeHTTP (WAF Benchmark Tool)
Run this Docker container to benchmark SafeLine’s protection:
docker run --rm --net=host chaitin/blazehttp:latest /app/blazehttp -t "http://127.0.0.1:8888"
📊 Real Test Results
| WAF | Accuracy | Detection | Miss Rate | False Positives |
|---|---|---|---|---|
| SafeLine (Personal - Balanced) | 99.45% | 71.65% | 28.35% | 0.07% |
| SafeLine (Personal - Strict) | 99.38% | 76.17% | 23.83% | 0.22% |
| SafeLine (Pro - Strict) | 99.66% | 90.68% | 9.32% | 0.07% |
| CloudFlare | 98.40% | 10.70% | 89.30% | 0.07% |
| ModSecurity L1 | 82.39% | 82.26% | 17.74% | 17.61% |
| ModSecurity L4 | 48.32% | 96.77% | 3.23% | 52.49% |
📌 Accuracy = (Correct Blocks + Correct Passes) / Total Samples
📌 Detection Rate = Correct Blocks / Attack Samples
📌 Miss Rate = Incorrect Passes / Attack Samples
📌 False Positive Rate = Incorrect Blocks / Normal Samples
⚙️ Performance Specs
- Personal Edition: Lightweight, runs with just 1 CPU + 1GB RAM, handles ~800 QPS
- Lite Edition: Efficient and low-resource friendly
- Pro Edition: Full performance, maxes out server capacity
Minimum requirements:
- CPU: 1 core
- RAM: 2 GB
- Disk: 60 GB, 2000 IOPS
Scale up: Add 1 core, 2 GB RAM, and 40 GB disk for every 1000 QPS.
🌍 Join the Community
➡️ Try SafeLine today — it's open source, battle-tested, and production-ready.
🏷️ Join the community, share feedback, and help us improve.
Top comments (1)
The side-by-side numbers with ModSecurity are eye-opening — SafeLine clearly outpaces in both accuracy and flexibility. Plus, it’s great to see a free, open-source tool standing strong against industry giants. Survival Race