First Experience with an Open-Source Web Application Firewall – SafeLine WAF in my research project.

Sutharinee Ritthidetch

IT Security Compliance | Student at SIT, KMUTT

Published Apr 24, 2025

As part of my senior project, I’m researching how well Web Application Firewalls (WAFs) can protect web applications. I had never used a WAF before, so I didn’t know where to begin. My supervisor, Tuul Triyason recommended 3 WAF options. After comparing their ease of use for beginners and the quality of their documentation, our group selected SafeLine WAF (developed by Chaitin Technology) as the focus of our research. - https://safepoint.cloud/landing/safeline.

First-Time Experience:

🛠️ Installation was very easy - SafeLine is deployed using Docker, and the installation takes just a few minutes, by following the documentation from this website: https://docs.waf.chaitin.com/en/GetStarted/Deploy

🌐 The web interface is very user-friendly - even with no experience with WAF, I was able to navigate everything easily.
💡 I can configure custom security rules without needing to write code.

⚡ Fast detection – SafeLine detects attacks very quickly! It detects something suspicious, it blocks that action immediately.

🔥 Real-time monitoring – I could see attack logs in real time as the attacks were coming in. It can also be configured to send alerts to Discord or Telegram when an attack is detected.

🔍 I can also view the type of attack, whether the request was blocked or just audited and details of each request in the logs, including the malicious payload, IP address, etc.

In my research, I’m using SafeLine WAF to:

⛔ Evaluate how well SafeLine can block attacks that I have selected from the OWASP Top 10, such as XSS and SQL injection.
⚙️ Evaluate the request-handling capacity and resource usage (CPU and memory) of WAF under different VM configurations (CPU and memory).
⏫ Trying out custom rules to see how they improve security for a web application.
❗ Learning how rate limiting helps reduce risk, such as in brute-force attacks.