From a47228aae8704709e9f2fcb21586c1c6e03b539e Mon Sep 17 00:00:00 2001 From: okxlin Date: Thu, 14 Nov 2024 22:49:52 +0800 Subject: [PATCH] =?UTF-8?q?feat:=E6=9B=B4=E6=96=B0=E9=95=BF=E4=BA=AD?= =?UTF-8?q?=E9=9B=B7=E6=B1=A07.2.2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/safeline/{7.1.0 => 7.2.2}/.env.sample | 0 apps/safeline/{7.1.0 => 7.2.2}/data.yml | 0 .../{7.1.0 => 7.2.2}/docker-compose.yml | 12 +- apps/safeline/README.md | 123 ++---------------- apps/safeline/data.yml | 3 +- .../.env.sample | 0 .../{newnet-7.1.0 => newnet-7.2.2}/data.yml | 0 .../docker-compose.yml | 12 +- 8 files changed, 26 insertions(+), 124 deletions(-) rename apps/safeline/{7.1.0 => 7.2.2}/.env.sample (100%) rename apps/safeline/{7.1.0 => 7.2.2}/data.yml (100%) rename apps/safeline/{7.1.0 => 7.2.2}/docker-compose.yml (93%) rename apps/safeline/{newnet-7.1.0 => newnet-7.2.2}/.env.sample (100%) rename apps/safeline/{newnet-7.1.0 => newnet-7.2.2}/data.yml (100%) rename apps/safeline/{newnet-7.1.0 => newnet-7.2.2}/docker-compose.yml (94%) diff --git a/apps/safeline/7.1.0/.env.sample b/apps/safeline/7.2.2/.env.sample similarity index 100% rename from apps/safeline/7.1.0/.env.sample rename to apps/safeline/7.2.2/.env.sample diff --git a/apps/safeline/7.1.0/data.yml b/apps/safeline/7.2.2/data.yml similarity index 100% rename from apps/safeline/7.1.0/data.yml rename to apps/safeline/7.2.2/data.yml diff --git a/apps/safeline/7.1.0/docker-compose.yml b/apps/safeline/7.2.2/docker-compose.yml similarity index 93% rename from apps/safeline/7.1.0/docker-compose.yml rename to apps/safeline/7.2.2/docker-compose.yml index ed884f33..ff6f8d3c 100644 --- a/apps/safeline/7.1.0/docker-compose.yml +++ b/apps/safeline/7.2.2/docker-compose.yml @@ -5,7 +5,7 @@ services: networks: 1panel-network: ipv4_address: ${SUBNET_PREFIX}.234 - image: chaitin/safeline-mgt:7.1.0 + image: chaitin/safeline-mgt:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro - ${SAFELINE_DIR}/resources/mgt:/app/data @@ -34,7 +34,7 @@ services: networks: 1panel-network: ipv4_address: ${SUBNET_PREFIX}.235 - image: chaitin/safeline-detector:7.1.0 + image: chaitin/safeline-detector:7.2.2 volumes: - ${SAFELINE_DIR}/resources/detector:/resources/detector - ${SAFELINE_DIR}/logs/detector:/logs/detector @@ -47,7 +47,7 @@ services: safeline-tengine: container_name: ${CONTAINER_NAME}-tengine restart: always - image: chaitin/safeline-tengine:7.1.0 + image: chaitin/safeline-tengine:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro - /etc/resolv.conf:/etc/resolv.conf:ro @@ -72,7 +72,7 @@ services: networks: 1panel-network: ipv4_address: ${SUBNET_PREFIX}.237 - image: chaitin/safeline-luigi:7.1.0 + image: chaitin/safeline-luigi:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro - ${SAFELINE_DIR}/resources/luigi:/app/data @@ -94,7 +94,7 @@ services: networks: 1panel-network: ipv4_address: ${SUBNET_PREFIX}.238 - image: chaitin/safeline-fvm:7.1.0 + image: chaitin/safeline-fvm:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro logging: @@ -129,7 +129,7 @@ services: networks: 1panel-network: ipv4_address: ${SUBNET_PREFIX}.240 - image: chaitin/safeline-chaos:7.1.0 + image: chaitin/safeline-chaos:7.2.2 logging: options: max-size: "100m" diff --git a/apps/safeline/README.md b/apps/safeline/README.md index e0a8e156..4ced2095 100644 --- a/apps/safeline/README.md +++ b/apps/safeline/README.md @@ -1,118 +1,21 @@

- -

-

雷池 - 广受好评的社区 WAF

-
-

- - - - - +

+

+ SafeLine - 雷池 - 不让黑客越过半步 +

+

- 官方网站 | - 在线 Demo | - 技术文档 | - For English + 🏠 官网   |   + 📖 文档   |   + 🔍 演示环境   |   + 🙋‍♂️ 社区微信群   |   + 国际版

-一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。 +## 👋 项目介绍 -核心检测能力由智能语义分析算法驱动,专为社区而生,不让黑客越雷池半步。 +SafeLine,中文名 "雷池",是一款简单好用, 效果突出的 **`Web 应用防火墙(WAF)`**,可以保护 Web 服务不受黑客攻击。 - - -

相关源码仓库

-

- 语义分析自动机引擎 | - 流量分析插件 | - T1K 协议 | - 测试工具 -

- -## 相关特性 - -#### 便捷性 - -采用容器化部署,一条命令即可完成安装,0 成本上手。安全配置开箱即用,无需人工维护,可实现安全躺平式管理。 - -#### 安全性 - -首创业内领先的智能语义分析算法,精准检测、低误报、难绕过。语义分析算法无规则,面对未知特征的 0day 攻击不再手足无措。 - -#### 高性能 - -无规则引擎,线性安全检测算法,平均请求检测延迟在 1 毫秒级别。并发能力强,单核轻松检测 2000+ TPS,只要硬件足够强,可支撑的流量规模无上限。 - -#### 高可用 - -流量处理引擎基于 Nginx 开发,性能与稳定性均可得到保障。内置完善的健康检查机制,服务可用性高达 99.99%。 - -## 🚀 安装 - -### 配置需求 - -- 操作系统:Linux -- 指令架构:x86_64 -- 软件依赖:Docker 20.10.6 版本以上 -- 软件依赖:Docker Compose 2.0.0 版本以上 -- 最小化环境:1 核 CPU / 1 GB 内存 / 10 GB 磁盘 - - -### 一键安装 - -``` -bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)" -``` - -> 更多安装方式请参考 安装雷池 - -## 🕹️ 快速使用 - -### 登录 - -浏览器打开后台管理页面 `https://:9443`。根据界面提示,使用 **支持 TOTP 的认证软件** 扫描二维码,然后输入动态口令登录: - -![login.gif](https://waf-ce.chaitin.cn/images/gif/login.gif) - -### 配置防护站点 - -雷池以反向代理方式接入,优先于网站服务器接收流量,对流量中的攻击行为进行检测和清洗,将清洗过后的流量转发给网站服务器。 - -![config.gif](https://waf-ce.chaitin.cn/images/gif/config_site.gif) - -💡 TIPS: 添加后,执行 `curl -H "Host: <域名>" http://:<端口>` 应能获取到业务网站的响应。 - -### 测试效果 - -使用以下方式尝试模拟黑客攻击,看看雷池的防护效果如何 - -- 浏览器访问 `http://:<端口>/?id=1%20AND%201=1` -- 浏览器访问 `http://:<端口>/?a=` - -![log.gif](https://waf-ce.chaitin.cn/images/gif/detect_log.gif) - -> 如果你需要进行深度测试,请参考 测试防护效果 - -### FAQ - -- [安装问题](https://waf-ce.chaitin.cn/posts/faq_install) -- [登录问题](https://waf-ce.chaitin.cn/posts/faq_login) -- [网站无法访问](https://waf-ce.chaitin.cn/posts/faq_access) -- [配置问题](https://waf-ce.chaitin.cn/posts/faq_config) -- [其他问题](https://waf-ce.chaitin.cn/posts/faq_other) - -## 🏘️ 联系我们 - -1. 可以通过 GitHub Issue 直接进行 Bug 反馈和功能建议 -2. 可以扫描下方二维码加入雷池社区版用户讨论群 - - - -## Star History - - - Star History Chart - +雷池通过过滤和监控 Web 应用与互联网之间的 HTTP 流量来保护 Web 服务。可以保护 Web 服务免受 `SQL 注入`、`XSS`、 `代码注入`、`命令注入`、`CRLF 注入`、`ldap 注入`、`xpath 注入`、`RCE`、`XXE`、`SSRF`、`路径遍历`、`后门`、`暴力破解`、`CC`、`爬虫` 等攻击。 diff --git a/apps/safeline/data.yml b/apps/safeline/data.yml index 819662d8..e68de644 100644 --- a/apps/safeline/data.yml +++ b/apps/safeline/data.yml @@ -1,8 +1,7 @@ name: 雷池 Web 应用防火墙(Safeline WAF) tags: - - 工具 + - 实用工具 title: 一款足够简单、足够好用、足够强的免费 WAF -type: 工具 description: 一款足够简单、足够好用、足够强的免费 WAF additionalProperties: key: safeline diff --git a/apps/safeline/newnet-7.1.0/.env.sample b/apps/safeline/newnet-7.2.2/.env.sample similarity index 100% rename from apps/safeline/newnet-7.1.0/.env.sample rename to apps/safeline/newnet-7.2.2/.env.sample diff --git a/apps/safeline/newnet-7.1.0/data.yml b/apps/safeline/newnet-7.2.2/data.yml similarity index 100% rename from apps/safeline/newnet-7.1.0/data.yml rename to apps/safeline/newnet-7.2.2/data.yml diff --git a/apps/safeline/newnet-7.1.0/docker-compose.yml b/apps/safeline/newnet-7.2.2/docker-compose.yml similarity index 94% rename from apps/safeline/newnet-7.1.0/docker-compose.yml rename to apps/safeline/newnet-7.2.2/docker-compose.yml index 007a95dd..a9d2fe32 100644 --- a/apps/safeline/newnet-7.1.0/docker-compose.yml +++ b/apps/safeline/newnet-7.2.2/docker-compose.yml @@ -6,7 +6,7 @@ services: 1panel-network: safeline-ce: ipv4_address: ${SUBNET_PREFIX}.4 - image: chaitin/safeline-mgt:7.1.0 + image: chaitin/safeline-mgt:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro - ${SAFELINE_DIR}/resources/mgt:/app/data @@ -36,7 +36,7 @@ services: 1panel-network: safeline-ce: ipv4_address: ${SUBNET_PREFIX}.5 - image: chaitin/safeline-detector:7.1.0 + image: chaitin/safeline-detector:7.2.2 volumes: - ${SAFELINE_DIR}/resources/detector:/resources/detector - ${SAFELINE_DIR}/logs/detector:/logs/detector @@ -49,7 +49,7 @@ services: safeline-tengine: container_name: ${CONTAINER_NAME}-tengine restart: always - image: chaitin/safeline-tengine:7.1.0 + image: chaitin/safeline-tengine:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro - /etc/resolv.conf:/etc/resolv.conf:ro @@ -75,7 +75,7 @@ services: 1panel-network: safeline-ce: ipv4_address: ${SUBNET_PREFIX}.7 - image: chaitin/safeline-luigi:7.1.0 + image: chaitin/safeline-luigi:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro - ${SAFELINE_DIR}/resources/luigi:/app/data @@ -99,7 +99,7 @@ services: 1panel-network: safeline-ce: ipv4_address: ${SUBNET_PREFIX}.8 - image: chaitin/safeline-fvm:7.1.0 + image: chaitin/safeline-fvm:7.2.2 volumes: - /etc/localtime:/etc/localtime:ro logging: @@ -136,7 +136,7 @@ services: 1panel-network: safeline-ce: ipv4_address: ${SUBNET_PREFIX}.10 - image: chaitin/safeline-chaos:7.1.0 + image: chaitin/safeline-chaos:7.2.2 logging: options: max-size: "100m"