Introduction
Before we get into configuration, make sure SafeLine WAF is already installed on your server. If not, check out the official installation guide first. Once it’s set up, you’ll be ready to protect your site from a wide range of web attacks.
How SafeLine Protects Your Site
SafeLine is a Web Application Firewall (WAF) based on Nginx. It works as a reverse proxy for HTTP/HTTPS traffic:
- It receives all incoming requests for your website.
- It filters out suspicious or malicious traffic.
- It passes only clean requests to your backend server.
This means hackers hit the firewall, not your application.
Adding Your Website to SafeLine
- Access the Web Admin Console: Log in and go to Applications. Click “ADD APPLICATIONS” in the top-right corner.
- Fill in Website Details
  - Domain: Your site’s domain or IP (e.g., `www.example.com`).
  - Port: The listening port (80 for HTTP, 443 for HTTPS — check SSL for HTTPS).
  - Upstream: The real server address that SafeLine should forward traffic to.
- Update DNS: Point your domain to the SafeLine server’s IP. From now on, all traffic flows through the WAF before reaching your website.
Testing Your Site’s Protection
Once your site is running behind SafeLine, you can simulate common attacks to verify protection. Replace `example.com` with your own domain and try:
- SQL Injection
`https://example.com/?id=1+and+1=2+union+select+1`
- Cross-Site Scripting (XSS)
`https://example.com/?id=<img+src=x+onerror=alert()>`
- Path Traversal
`https://example.com/?id=../../../../etc/passwd`
- Code Injection
`https://example.com/?id=phpinfo();system('id')`
- XXE (XML External Entity)
`https://example.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">`
If SafeLine is configured properly, these requests should be blocked and replaced with a protection page.
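To run the five test requests above as a repeatable check after each configuration change, here is an added example (not from the original post or the SafeLine project). It assumes a blocked request is answered with HTTP 403, which the page does not state, so adjust `BLOCK_STATUS` for your deployment; the function names and the User-Agent string are illustrative.

```python
import sys
import urllib.error
import urllib.request
from urllib.parse import quote

BLOCK_STATUS = 403  # assumption: status code of the WAF's protection page

# Query strings exactly as listed in the article.
TESTS = {
    "SQL Injection": "id=1+and+1=2+union+select+1",
    "XSS": "id=<img+src=x+onerror=alert()>",
    "Path Traversal": "id=../../../../etc/passwd",
    "Code Injection": "id=phpinfo();system('id')",
    "XXE": 'id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">',
}

def build_url(base, query):
    """Percent-encode angle brackets, double quotes and '!'; keep '+' as typed."""
    return base.rstrip("/") + "/?" + quote(query, safe="=+/;()'?")

def http_status(url, timeout=10):
    """GET the URL and return its status code, including 4xx/5xx."""
    req = urllib.request.Request(url, headers={"User-Agent": "waf-selftest"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def run_checks(base, fetch=http_status):
    """Return (benign_allowed, {test name: blocked?}) for the site at base."""
    # Control request: if this is blocked too, a 403 on the tests proves nothing.
    benign_allowed = fetch(build_url(base, "id=1")) != BLOCK_STATUS
    blocked = {name: fetch(build_url(base, q)) == BLOCK_STATUS
               for name, q in TESTS.items()}
    return benign_allowed, blocked

if __name__ == "__main__":
    base = sys.argv[1]  # your own site, e.g. https://www.example.com
    benign_allowed, blocked = run_checks(base)
    print(("PASS" if benign_allowed else "FAIL"), "benign request allowed")
    for name, hit in blocked.items():
        print(("PASS" if hit else "FAIL"), name, "blocked")
    sys.exit(0 if benign_allowed and all(blocked.values()) else 1)
```

A run where every test reports FAIL while the benign request passes usually means traffic is not reaching the WAF at all, for example because DNS still points at the upstream server.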
Monitoring Attacks
To keep track of blocked attempts:
- Check the Admin Console: The dashboard shows a list of recent blocked attacks.
- View Attack Details: Click “detail” on any log entry to see the full payload and context of the intrusion attempt.
Conclusion
SafeLine doesn’t just sit quietly in the background — it actively shields your site from SQLi, XSS, path traversal, code injection, XXE, and more. With just a few steps, you can not only deploy it but also see in real time how it defends your site.