Releases: chaitin/SafeLine
Releases · chaitin/SafeLine
SafeLine-CE 8.6.0
What's new
- Auth supports OIDC integration, enabling unified user management and access control. Click to view feature introduction
- Pro version enables [Group Management] feature in "Applications - Advanced"
- Supports application grouping and drag-and-drop sorting
- Allows specifying groups when adding applications
- Pro version increases Auth seats to 100
- Applications optimized with card-style interface
- Original application "Edit" button now displays basic info edit instead of application edit; application edit can be accessed from details page
- Supports NTLM authorization authentication
Fix
- Fixed issue where scanners were not properly disabled in audited mode
- Fixed issue where specific paths would not correctly return "website does not exist" response
- Fixed issue where Anti-Bot incorrectly displayed IP filtering conditions when switching verification methods
- Optimized UA display in data statistics
SafeLine-CE 8.5.0
What's new
- Auth supports SSO, requiring only one authentication to access all applications that have joined SSO. SSO Guide
- Support editing application title and icon in application details. This content is only for display in SafeLine console and SSO center, and does not affect the original application configuration
- Modularization of Applications Functionality, with original global application configuration migrated to the Applications - Advancedpage
- Modularization of Attacks Functionality, with original custom rules and detection modules migrated to Attacks - Settingspage. The original detection Modulehas been renamed to Semantic Analysis Module
- Modularization of Settings Functionality, with original ssl cert, general configuration, and system settings migrated to the Settings page. The settings function list is as follows:
- Protections: IP Groups, SSL Cert, Blocking Pages, Performance, Clean Data, Config Auto Sync, Attack Alert, Syslog, Information Sharing Program
- Management: Manager User, API Token, SSL Cert (SafeLine Web Console), System Message
Fix
- Applications list supports searching by application name
- Fixed an issue where the exclusion of resources in Routings collection was not correctly implemented
SafeLine-CE 8.4.0
Fix
- Fixed an issue where the sl-session in the response header contained an extra space.
- Minor UI styling improvements.
SafeLine-CE 8.3.0
What's new
This version involves automatic migration of AUTH-related data. Relevant users are advised to review the data migration rules and decide whether to upgrade at your discretion.
- Modularization of Anti-Bot Functionality
- Personal/Lite version supports viewing the latest 20 logs of Anti-Bot
- Supports application-level configuration "Enable Anti-Bot for specific conditions" and custom whitelist conditions for Anti-Bot
- Data migration rules
- Original Custom Anti-Bot Rules
- Rules configured with "Application" parameter will be migrated to specified applications and automatically enable Anti-Bot for those applications with BASIC selected by default
- Rules without "Application" parameter will be migrated to apply to all applications and automatically enable Anti-Bot for all applications with BASIC selected by default
- No rule migration will occur for applications with Anti-Bot already enabled
- Custom Anti-Bot rules will not be migrated if they have been disabled
- Original Custom Anti-Bot Rules
- Slave Node supports viewing the data dashboard
Fix
- Fixed an issue where master-slave configuration could not synchronize rule disabled status
- Fixed a style error issue when rate limiting triggers Anti-Bot
SafeLine-CE 8.2.0
Improvements
- OPEN API is available to all console users, with each user able to generate their own dedicated Token
SafeLine-CE 8.1.0
Improvements
This version involves automatic migration of AUTH-related data. Relevant users are advised to review the data migration rules and upgrade at their discretion.
- Modularization of AUTH Functionality
- Supports application-level configuration to "Enable authentication for specific conditions" and custom whitelist conditions for AUTH
- Supports selection of different login methods, currently supporting Account/password and GitHub
- Supports global user management with new user authorization approval
- Enhanced AUTH logs
- No longer supports multi-factor authentication scenarios
- Data Migration Rules
- Original Custom AUTH Rules
- Rules configured with "Application" parameter will be migrated to specified applications and automatically enable AUTH for those applications
- Rules without "Application" parameter will be migrated to apply to all applications and automatically enable AUTH for all applications
- No rule migration will occur for applications with AUTH already enabled
- Original Identity Sources
- Only active identity sources will be migrated; for GitHub, only valid users will be migrated
- After migration, users will automatically be configured with application authorization based on original associations
- Original Custom AUTH Rules
- Modularization of HTTP Flood Functionality
- Changed the entry point for global Rate Limiting configuration
- Added parameter descriptions for Rate Limiting to provide intuitive understanding of current configurations
Fix
- Optimized rule compilation module to accelerate rule compilation speed
- Enhanced detection engine health check mechanism
- Improved breadcrumb structure
- Fixed issue with abnormal AUTH source IP acquisition under Proxy Protocol configuration
- Fixed problem with site logs closing unexpectedly under certain conditions
- Fixed various translation errors
SafeLine-CE 8.0.0
Improvements
- SafeLine Community Edition has been renamed to Personal Edition
- New Lite Edition launched with premium features for personal use
- New IP Intelligence feature: Direct access to SafePoint IP Intelligence for comprehensive attack behavior analysis
- SSE streaming enabled for applications
Fix
- Fixed delayed data updates in statistics module
- Fixed high memory usage when Anti-Bot Challenge is enabled in certain scenarios
- Fixed application routings limit not taking effect
- Fixed database index length overflow issues
*Fixed QPS not displaying in SDK bypass mode
SafeLine-CE 7.6.2
Feature
- Free now supports viewing up to 20 latest Auth Logs
- Free enables access to application logs including access log and error log
- Pro increased maximum concurrent users allowed in waiting room to 5,000
Fixed
- Enhanced query performance for statistics dashboard
- Improved detection engine stability with optimized memory allocation
SafeLine-CE 7.5.0
Feature
- Added
GitHubauthentication in Auth- Auth supports multiple types of IdP
- GitHub authentication supports granular user audit management
- Added the feature of obtaining real IP through
PROXY Protocol - Added
Opt in to User Experience PrograminSystem. Users can opt out to stop us from getting your usage habits.
Fixed
- Custom interception pages no longer affect error codes returned by upstream
- Refactored FVM memory management, significantly reducing memory usage of FVM containers
- Fixed an issue where the default administrator account password would occasionally reset during upgrades
- Fixed an issue where rate limiting would count approved attack requests in high-frequency attack calculations
- Optimized master-slave configuration synchronization by adding error retry mechanism and improving sync performance
- Fixed inconsistency between browser favicon and title display in Pro versions
SafeLine-CE 7.3.0
Improvements
- Anti-Bot Challenge adds a fault-tolerant mechanism which supports automatic switching to local verification when there is a cloud failure.
- Improve Custom Block Pages
- Allow custom page color schemes
- Custom HTML supports online editing, online preview, and allow reset to the default page.
- Web Services / SECURITY add Get Attack IP From
- Pro version supports Data Dashboard
- Improve Custom Rules
- URL, URL path add Does Not Equal, Does Not Contain
- BODY add Contain, Does Not Contain
Fix
- Clean Data supports more options.
- Optimize SQL injection detection logic to allow non-injection attacks.
- Make returning a built-in certificate when the site does not exist optional, to be compatible with IP certificate anomalies.
- Fix CAPTCHA occasionally fails to close properly.
- Fix modifying the SSL protocol under specific conditions does not take effect.
*Fix the frontend styles are incorrect when selecting multiple websites for custom rules.