SafeLine is an open-source Web Application Firewall (WAF) that’s easy to deploy, highly effective, and trusted by developers to defend web services against modern attacks.
In version 7.1, SafeLine introduced a powerful new feature:
Custom NGINX configuration for site-specific location blocks.
This enhancement gives users fine-grained control over NGINX behavior per site.
If you're wondering how to use it, you're in the right place.
What Is a location Block in NGINX?
In NGINX, location blocks are used to match incoming request URIs and apply specific rules — such as routing, proxying, security, or caching.
For example:
location /api/users {
proxy_pass http://backend_service;
}
This tells NGINX how to handle requests to /api/users — in this case, by forwarding them to a backend.
What Can You Do in a location Block?
A lot. Here's a quick rundown of what kinds of directives you can now include using SafeLine's custom NGINX config field:
Reverse Proxy & Routing
location /api/ {
proxy_pass http://backend_server;
}
-
proxy_pass: Forward requests to backend services -
root/alias: Serve static content -
rewrite: Change URL paths on the fly -
return: Send quick custom responses
Logic & Fallbacks
location / {
try_files $uri $uri/ /index.html;
}
-
try_files: Try multiple paths before failing -
index: Set default index files -
internal: Restrict location to internal use only
Access Control & Security
location /admin/ {
allow 192.168.0.0/16;
deny all;
}
-
auth_basic: Password-protect a path -
allow/deny: Restrict access by IP -
limit_conn/limit_req: Rate limiting
Caching & Performance
location / {
proxy_cache my_cache;
proxy_cache_valid 200 10m;
}
-
expires: Set browser cache duration -
proxy_cache: Cache reverse proxy responses -
proxy_buffering,proxy_read_timeout: Tune backend performance
Logging & Monitoring
location /admin/ {
access_log /var/log/nginx/admin_access.log;
error_log /var/log/nginx/admin_error.log warn;
}
-
access_log: Log specific requests -
error_log: Track errors by location -
stub_status: Enable NGINX status page
Custom Headers & Compression
location / {
add_header X-Frame-Options "DENY";
gzip on;
gzip_types text/html application/json;
}
-
add_header: Add or override HTTP headers -
gzip: Enable compression
How to Use Custom NGINX Config in SafeLine
- Go to SafeLine Console > Applications > Site Details > Advanced
- Find the new "Custom NGINX Configuration" section
- Add any valid NGINX
locationdirectives - SafeLine will inject these into the site's configuration at runtime
Pro Tip: Test your config locally in NGINX if you're unsure — SafeLine respects standard NGINX behavior.
Why It Matters
With this update, SafeLine gives users the power of fine-grained NGINX tuning without leaving the WAF dashboard.
You can now:
- Customize reverse proxy behavior
- Add rate limiting per endpoint
- Serve static files or error pages
- Apply additional security headers
- And much more
All within the SafeLine UI, with full transparency and control.
Learn More & Get Involved
SafeLine 7.1 just made your NGINX setup a whole lot more powerful — and more developer-friendly too.
Top comments (0)