WAF 是 Web Application Firewall 的缩写，也被称为 Web 应用防火墙。区别于传统防火墙，WAF 工作在应用层，对基于 HTTP/HTTPS 协议的 Web 系统有着更好的防护效果，使其免于受到黑客的攻击。

WAF is short for Web Application Firewall, also known as Web Application Firewall. Unlike traditional firewalls, WAFs work at the application layer and have better protection against web systems based on HTTP/HTTPS protocols from hackers.

雷池 WAF Thunder Pool WAF

长亭科技研发的雷池，可为网站通过检测、智能语义分析，访问频率进行攻击拦截，还可通过 威胁情报库进行IP拦截。

The thunder pool developed by Changting Technology can block websites through detection, intelligent semantic analysis, access frequency, and IP interception through threat intelligence database.

官网（official website）: 长亭雷池 WAF 社区版 (chaitin.cn)

介绍(Introduce the official website)：长亭科技 - 下一代应用安全领导者 (chaitin.cn)

GitHub:  GitHub - chaitin/SafeLine: 一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。

安装便捷、使用简单 Easy to install and use

安装只需要一条命令，界面情形脱俗，安全配置开箱即用，易用性高。

Installation requires only one command, the interface is out of the ordinary, the security configuration is out of the box, and the ease of use is high.

业界领先的安全防护能力 Industry-leading security

攻击检测使用了业界首创的智能语义分析算法，同时还具备威胁情报、动态限频、智能建模等多种高级防护模式。

Attack detection uses the industry's first intelligent semantic analysis algorithm, and also has a variety of advanced protection modes such as threat intelligence, dynamic frequency limiting, and intelligent modeling.

性能卓越 Excellent performance

单核轻松支撑 2000+ TPS 流量，平均请求检测延迟在 1 毫秒级别，只要硬件足够强，可支撑的流量规模无上限。

A single core can easily support 2000+ TPS traffic, and the average request detection latency is at the level of 1 millisecond, as long as the hardware is strong enough, the scale of traffic that can be supported is unlimited.

核心能力 Core competencies

1.Web 攻击防护 1. Web Attack Protection

雷池 Web 攻击检测能力由智能语义分析算法驱动，具备对 OWASP Top 10 攻击的防护能力，也具备对 Web 攻击的泛化识别能力，可对抗绝大部分特征不明确的 0Day 攻击。

Leichi's web attack detection capability is driven by intelligent semantic analysis algorithms, which has the ability to protect against OWASP Top 10 attacks and generalize and identify web attacks, which can combat most of the 0-day attacks with unclear characteristics.

2.Web 访问控制 2. Web Access Control

雷池允许使用者根据 HTTP 请求特征来设置条件实现黑白名单方式的访问控制。

Leichi allows users to set conditions based on HTTP request characteristics to implement access control in the blacklist and whitelist mode.

3.防 CC 3. Anti-CC

雷池通过高频访问封禁和高频攻击封禁能力，可实现访问频率控制以对抗 CC 攻击。

Thunder Pool enables access frequency control to combat CC attacks through high-frequency access blocking and high-frequency attack blocking capabilities.

5.网站资源识别 5. Website Resource Identification

雷池集成了基于流量的资源自动识别能力，对流量进行精确画像，自动梳理 API 格式，可用于 API 管理和 API 防护。

Leichi integrates the automatic identification of traffic-based resources, accurately profiles traffic, and automatically sorts out API formats, which can be used for API management and API protection.