Part 1: Getting Started with SafeLine WAF – Environment Setup & Installation

SafeLine is an open-source Web Application Firewall (WAF) developed by Chaitin Tech. It acts like a security guard for your website, filtering out malicious traffic before it reaches your server. In this guide, I’ll walk you through how to deploy SafeLine on a Linux server using Docker – from environment checks to installation and configuration. Let’s get started! 🛠️

✅ Environment Check – What You Need Before Installing

Make sure your server meets these minimum requirements:

• OS: Linux (x86_64 architecture)
• Docker: version 20.10.14 or higher
• Docker Compose: version 2.0.0 or higher
• Resources: at least 1 CPU core, 1 GB RAM, 5 GB free disk space

Run these commands to check your setup:

uname -m                    # Check system architecture
docker version              # Check Docker version
docker compose version      # Check Docker Compose version
cat /proc/cpuinfo | grep processor  # CPU info
free -h                    # Memory info
df -h                      # Disk space
lscpu | grep ssse3         # Check CPU supports ssse3 instruction set

If Docker is not installed yet, please continue reading in Part 2 and scroll down to the Docker installation section. 👇

⚡ Installing SafeLine WAF

Recommended: One-Command Online Install

If your server has internet access, just run:

bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"

If you want to speed up downloads on Huawei Cloud, run:

CDN=1 bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"

To install the latest streaming detection mode, use:

STREAM=1 bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"

🔐 Logging Into SafeLine

1. Open your browser and visit: https://<waf-ip>:9443
2. Use the initial admin password printed in your terminal after installation.

Forgot the password? Reset it with:

docker exec safeline-mgt resetadmin

1. Follow the on-screen instructions to scan the QR code with a TOTP app (like Google Authenticator), then enter the generated code to log in.

🌐 Configuring Your Website

SafeLine works as a reverse proxy, just like Nginx. Your website traffic first hits SafeLine, which inspects and filters requests before forwarding them to your backend server.

🏗️ Deployment Scenarios (Overview)

In the next article, we will cover detailed deployment scenarios, including recommended and alternative setups, along with advanced protection features.

You’ve completed the environment check, installation, and login steps!

👉 Continue reading in Part 2: Deployment Scenarios & Advanced Protection with SafeLine WAF

🤝 Join Our Community

For any technical support, you can post the question directly on our forum: https://safepoint.cloud/discussion (Our technicians will receive a notification and reply shortly).
Or you can also post it in our Discord community: https://discord.gg/dy3JT7dkmY (We’ll check messages there every day)

📢 Notes

This article is originally written by the author and follows CC 4.0 BY-SA license. Please keep the original link and this statement when sharing.

Original link: https://blog.csdn.net/m0_74375496/article/details/140550745