Part 2: SafeLine WAF Deployment Scenarios & Advanced Protection

Welcome back! In Part 1, we covered environment setup, installation, and logging into SafeLine. Now, let's explore how to deploy SafeLine in different scenarios and enable advanced protection.

---

🏗️ Deployment Scenarios

1. Deploy SafeLine on a Separate Server (Recommended)

• Website server IP: IPA (listening on port 80, domain example.com)
• SafeLine server IP: IPB

Steps:

1. Point your domain DNS to IPB (SafeLine server).
2. Configure SafeLine according to the provided settings.
3. On your website server, block all access except from SafeLine (e.g., firewall rules).

Verify success:
If visiting http://example.com:80 loads your site and SafeLine’s dashboard shows “Today’s Requests” increasing, you’re all set! 🎉

---

2. Deploy SafeLine on the Website Server (Not Recommended)

Why not recommended?
This setup increases server load, raises downtime risk, and makes troubleshooting harder.

• Website server IP: IPA, port 80, domain example.com

Steps:

1. Change your website's listening port to a different port (e.g., port A), so that port 80 becomes free and unused.
2. Configure SafeLine to listen on port 80 and proxy incoming requests to your website on port A.

Verify success:
Same as above.

---

3. Deploy SafeLine Alongside Other Reverse Proxy Devices

SafeLine can be inserted anywhere in your traffic chain.

• Website server IP: IPA
• SafeLine server IP: IPB
• Upstream proxy IP: IPC, port C
• Downstream server IP: IPD, domain example.com

Steps:

1. Point downstream proxy traffic to SafeLine at IPC:80.
2. Set SafeLine’s upstream server to IPC:C.

Verify success:
Same as above.

---

🛡️ Advanced Protection

The new version adds advanced protection configuration per individual site, allowing you to apply extra defense settings on a per-site basis.

Note: Custom rules are not affected by the current global switches.

---

Human Verification

Click to enable human verification (CAPTCHA) for the specific site.

Identity Authentication

Click to add an extra identity authentication rule for the current site.

---

You’ve now learned how to deploy SafeLine WAF in various scenarios and enabled advanced protection features to secure your web applications.

In the final part, we will guide you through testing your WAF’s effectiveness, installing Docker on CentOS if needed, and troubleshooting common issues to ensure your deployment runs smoothly.

👉 Ready to complete your setup?
Continue with Part 3: SafeLine WAF – Testing, Docker Setup & Troubleshooting Guide.

---

🤝 Join Our Community

For any technical support, you can post the question directly on our forum: https://safepoint.cloud/discussion (Our technicians will receive a notification and reply shortly).
Or you can also post it in our Discord community: https://discord.gg/dy3JT7dkmY (We’ll check messages there every day)

---

📢 Notes

This article is originally written by the author and follows CC 4.0 BY-SA license. Please keep the original link and this statement when sharing.

Original link: https://blog.csdn.net/m0_74375496/article/details/140550745