Should You Switch? Deployment Guide and Initial Thoughts
SafeLine is a relatively new WAF boasting a wealth of features and an attractive GUI. Whilst I want to see more independent testing and greater clarity over the privacy terms, it does look promising. One to keep an eye on!
00:00 – Intro (WAF / China / Privacy)
04:06 – Config & Deployment
09:58 – First Login – GUI Overview
15:53 – Get Certificate
19:48 – Nikto Testing
25:47 – Closing Thoughts
I always thought WAF = wife approval factor
Thanks for the demo and info. Another great fantastic video Jim. Have a wonderful day
I have Nginx configured as a reverse proxy for my web applications, and I'm now trying to integrate SafeLine into this setup. I’ve set port 80 to forward to SafeLine, and then configured Nginx to route traffic to SafeLine on port 9443. In theory, this setup should work, but I keep running into a certificate error. Any ideas on what might be causing this?
Hi Jim, Jim here! Can you take a look at Incus and LXConsole? Seems like an up and coming viable and stable Proxmox alternative that’s very lightweight and performant. Love the channel.
Thanks for the demo and info. Have a great day
Honestly, I tried to move past the Chinese origin. However, seeing that it doesn't even default to IPv6 being on was the final nail in the coffin for me.
This sounds like an interesting product right up until the throwaway line "they're based in China". Oh well, onto the next.
But I tried and it did work well and I got positive results after a pen test. Every software collects data. Telemetry is very often used to understand usage patterns.
Chinese, nope thx
Great video as always! The Chinese factor being a problem, Bunkerweb seems to be a good (French) alternative from what I saw. Maybe you could give it a try to do a WAF comparison?
Very interesting, thanks for your work with this video Jim!
kindly compare it to Crowdsec waf
Very nice indeed! I wonder would this possibly replace traefik+crowdsec+ let's encrypt combo? 🤔
try to review openappsec
Please review BunkerWeb.
compare it to firewalla software / firewall
Been looking for a decent WAF for a while. Sophos is a pain and crowdsec isn't much better. I appreciate the transparency on the origin. I won't be testing this out because of the origin, but it's nice to see other options coming out that might get support going for other projects.
3:10 – it looks interesting but combining Chinese software with something that can read encrypted packets is a bit too much for me. Great review though and thanks for sharing it
May I ask why you always use VMs as opposed to LXCs? A video on the pros / cons would be great!
*Contemplating on setting up WAF for external services*….Jim's Garage "Should You Switch? Deployment Guide and Initial Thought"…………. 3:10 …glad to know.
Cloudflare offers this as well without the Chinese factor. Free tier and paid. I would urge everyone to at least review that before even installing this on their network.
Like you, I am leery of the data that is getting sent to them. They have exact numbers on their site on the use of their product and how it is being used. The notifications would be nice to have as even Netdata offers Discord notifications for free. I did some testing with this myself and did see the encrypted traffic on wireshark. You can also get the same level of service as their pro version through Cloudflare WAF and using Nginx Proxy Manager and the GoAccess container add-on to view logs and get all the data on locations, attacks, referrers and more. $100/mo or $600/yr is too costly for homelabbers just to get access to the expanded data and notifications.
Well I stopped at the elephant in the room @3:10
I spent a couple of days digging through this app after they reached out and initially was pretty impressed. Until I saw the price, privacy policy, and the phoning home of the app.
When I asked them about the phoning home, they had this to say: "About data collection, if you and your team choose to believe in what I said, I can tell you sincerely that we only collect data about the installation location and the usage status of the important capabilities like dynamic protection. We use this data for statistics and analysis to achieve better business goals."
I have/had a video in mind for SafeLine, but it's not as in-depth with testing and that sort of thing as your video.
Would love a video of more advanced crowdsec/traefik configuration.