SafeLine-CE 7.5.0

Feature

• Added GitHub authentication in Auth
  • Auth supports multiple types of IdP
  • GitHub authentication supports granular user audit management
• Added the feature of obtaining real IP through PROXY Protocol
• Added Opt in to User Experience Program in System. Users can opt out to stop us from getting your usage habits.

Fixed

• Custom interception pages no longer affect error codes returned by upstream
• Refactored FVM memory management, significantly reducing memory usage of FVM containers
• Fixed an issue where the default administrator account password would occasionally reset during upgrades
• Fixed an issue where rate limiting would count approved attack requests in high-frequency attack calculations
• Optimized master-slave configuration synchronization by adding error retry mechanism and improving sync performance
• Fixed inconsistency between browser favicon and title display in Pro versions

SafeLine-CE 7.3.0

Improvements

• Anti-Bot Challenge adds a fault-tolerant mechanism which supports automatic switching to local verification when there is a cloud failure.
• Improve Custom Block Pages
  • Allow custom page color schemes
  • Custom HTML supports online editing, online preview, and allow reset to the default page.
• Web Services / SECURITY add Get Attack IP From
• Pro version supports Data Dashboard
• Improve Custom Rules
  • URL, URL path add Does Not Equal, Does Not Contain
  • BODY add Contain, Does Not Contain

Fix

• Clean Data supports more options.
• Optimize SQL injection detection logic to allow non-injection attacks.
• Make returning a built-in certificate when the site does not exist optional, to be compatible with IP certificate anomalies.
• Fix CAPTCHA occasionally fails to close properly.
• Fix modifying the SSL protocol under specific conditions does not take effect.
  *Fix the frontend styles are incorrect when selecting multiple websites for custom rules.

SafeLine-CE 7.1.0

Improvements

• System->Attack Alert add Telegram
• Pro version supports deployment on ARM servers
• Site detail add "Custom NGINX Config"
• Clean Data add selection of cleaning 7 days, 15 days, or 30 days of data
• Pro version add Anti-Replay in Anti-Bot
• Improve the performance of data statistics and reduce memory usage

FIx

• Fix the problem that the SSL protocol version will be reset after restarting

SafeLine-CE 7.0.1

Improvements

• Allowlist adds "detecting and recording attack requests when whitelisting" . Attack log of allowlist add the name of the Rule
• Allow Enable/Disable enhanced rules. Pro version allow advaned security rules, or further configuration of rules
• Improve Challenge
  • Pro version allow customizing the page of challenge
  • Pro version allow choosing sliding verificaiton, allow modifying the validity period of the verification
• Pro version allow HA synchronizatio by setting master node and slave node in System Settings -> Configuration Synchronization
• Optimize error log when tengine is abnormal

Fix

• Update IP geolocation library and fix some IP geolocation display errors
• Fix the problem that static sites cannot access subdirectory paths normally
• Fix the problem that the attack log is not correctly recorded as whitelist release when low-risk events hit the whitelist
• Fix the problem that X-Forwarded-Host is set to $http_host by default when passing it to the upstream server
• Fix the problem of incorrect resource settings for site resource collection exclusion
• Fix the problem that the site configuration is lost abnormally after ssl_ciphers is saved
• Remove bridge container (merge into mgt)

SafeLine-CE 6.10.2

Improvements

• Add Limit High-Frequency Error. Allow blocking clients that request a large number of errors. It can effectively prevent attacks such as directory traversal and 401 (HTTP Basic Auth) brute force:

Fix

• If a request is judged as an attack, but released because whitelist, it will now be recorded. The attack type will be recorded as 'Allow List'
• SSL Cert allow renewing the free cert in advance
• In Attacks Events and Attack Logs, Attack IP allow fuzzy query (#378)
• When a ssl site does not exist (SafeLine cannot find the host) , return a built-in cert to avoid leaking domain name (#978)
• Challenge (Anti-Bot) page display CN or EN according to the browser language now.
• Optimize the log processing module, remove container mario, improve performance and reduce resource usage.

SafeLine-CE 6.9.0

Added

• In Protection Log->Attack Detection->Attack Log, "View IP Profile" has been added, which allows you to directly jump to Changting IP Intelligence and comprehensively analyze the attack behavior of the IP
• Sites that support adding "redirection"
• Sites built with static files support setting default pages and behaviors when pages do not exist. Can be used to adapt History routing mode (#1049)
• System Settings -> Data Cleanup supports separate configuration of protection log and statistics cleanup
• Site global configuration, site advanced configuration, support enabling HTTP/1.0 (new installation is not enabled by default):
• Site global configuration, site advanced configuration, support resetting XFF
• Professional version supports customizing global and site Header operations and SSL cipher:
• Professional version supports customizing authentication pages

Fixed

• Fix the problem that HSTS configuration does not take effect when requesting 404
• Fix the problem that the site details->website routing page occasionally times out

SafeLine-CE 6.8.0

Improvements

• Change the code of Challenge to 468 to avoid being cached by CDN
• Reduce the probability of deadlock in luigi

Fix

• Mistakenly return 504 error when 502 Bad Gateway
• Access log and error log in site detail do not refresh automatically
• Advanced statistics sometimes have data of 0
• Sites Serving as Static Files mistakenly record some rate-limiting logs caused by 127.0.0.1

SafeLine-CE 6.6.0

Improvements:

• Allow building a site using static files:
• Add API Token in System:

Fix:

• Always create a new Let's Encrypt account abnormally when get a free cert (#759)

SafeLine-CE 6.5.0

Improvements:

• Allow setting Global (Protections ->Rate Limiting) and Site (Web Services -> Web Services) Rate limiting at the same time:
• Improve the speed of Tengine when loading site configuration after restart service

SafeLine-CE 6.4.1

Optimized

• UI optimizations