Introduction
In my last post, I introduced SafeLine WAF and why I picked it over Cloudflare and ModSecurity. In this guide, Iβll walk you through how I actually run it in production β including config tips, real-world testing, and how I keep it updated.
Configuring Your First Protected Service
Through the web UI (https://your-ip:9443), I added my blog as the first protected app:
- Website Name: Personal Blog
- Domain: blog.mydomain.com
- Upstream: 192.168.1.100:3000
- Mode: Balanced
- SSL: Letβs Encrypt auto
SafeLine offers 3 protection modes:
- Monitor β logs attacks only (great for testing)
- Balanced β best mix of protection & low false positives
- Strict β maximum security, but more chance of blocking legit requests
SSL/TLS
No more SSL headaches. SafeLine terminates SSL itself:
- Auto handles Letβs Encrypt
- Supports custom certs
- Works with wildcard domains
Advanced Configs That Helped Me
- Protecting multiple apps: blog, API, Jellyfin
- Rate limiting to stop bots
- Custom rules (e.g., block sqlmap/nmap user agents)
- Whitelisting my admin IPs so I donβt lock myself out
Testing SafeLineβs Protection
I ran some basic attack payloads:
# SQL injection
curl "http://blog.mydomain.com/?id=1' OR '1'='1"
# XSS
curl "http://blog.mydomain.com/?q=<script>alert('xss')</script>"
# Path traversal
curl "http://blog.mydomain.com/../../etc/passwd"
β
All were blocked instantly
β
Legit traffic went through fine
Monitoring & Logs
- Real-time attack dashboard
- Geo maps of where traffic comes from
- Export logs for deeper analysis
For CLI folks:
# Detector logs
docker compose logs -f safeline-detector
# Web proxy logs
docker compose logs -f safeline-tengine
Updating & Backups
# Update SafeLine
cd /data/safeline
docker compose pull
docker compose up -d
# Backup configs
cp -r /data/safeline /backup/safeline-$(date +%Y%m%d)
Why Itβs Worth It
SafeLine gives me:
- Enterprise-grade protection for free
- No vendor lock-in
- Full control of my data
- Coverage for 10 apps in my homelab
If I had to rely on commercial WAFs, Iβd easily be spending \$50+/month for worse protection.
Conclusion
Running SafeLine has been one of the easiest wins in my homelab. Itβs lightweight, powerful, and keeps my web apps locked down without breaking stuff.
If you run any self-hosted apps, give it a shot β itβs honestly one of the best security tools you can add.
Join the SafeLine Community
If you continue to experience issues, feel free to contact SafeLine support for further assistance.
Top comments (0)