CodeNewbie Community 🌱

Sharon428931
Sharon428931

Posted on

Secure Your Web Traffic with SafeLine: A Hands-On Setup Guide

SafeLine WAF (Web Application Firewall) is a powerful, open-source tool for securing your web applications against various types of attacks. In this guide, we’ll walk through how to log in to SafeLine, explore multiple deployment methods, and perform basic security testing.


1. Logging Into SafeLine

To access the SafeLine dashboard, open your browser and visit:

https://<waf-ip>:9443
Enter fullscreen mode Exit fullscreen mode

Image description

Make sure your browser allows self-signed certificates if you're running a local or test deployment.


2. SafeLine Deployment Methods

SafeLine supports multiple deployment strategies to suit different infrastructures. Below are three common setups.


2.1 Deploying SafeLine on a Separate Device

This is the recommended approach. Deploy SafeLine on a dedicated machine and route all web traffic through it to filter out malicious requests before they reach your web server.

Steps:

  1. Point your domain (via DNS) to SafeLine’s IP.
  2. Block direct access to the origin web server using firewall rules or private networks.

Example Setup:

  • SafeLine IP: 192.168.65.8 (www.waf.ct)
  • Web Server IP: 192.168.65.4 (www.server.ct)

Image description

Nginx Configuration (SafeLine):

upstream backend_monitor_servers {
    server 192.168.65.4:80;
}

server {
    listen 81;
    server_name www.waf.ct;

    location / {
        limit_req zone=five burst=10;
        proxy_pass http://backend_monitor_servers;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header Host $host;
        add_header Strict-Transport-Security "max-age=31536000";
    }

    access_log /data/log/nginx/access.log;
    error_log /data/log/nginx/error.log;
}
Enter fullscreen mode Exit fullscreen mode

Image description

Test It:

You can simulate an SQL injection attempt to test SafeLine's detection:

curl -v "http://www.waf.ct?id=1'union select * from dps"
Enter fullscreen mode Exit fullscreen mode

Image description


2.2 Deploying SafeLine on the Same Machine (Not Recommended)

While possible, running SafeLine on the same host as your web server is not ideal due to potential resource conflicts and operational risks.

Steps:

  1. Change your web server to listen on a non-standard port (e.g., 8080).
  2. Let SafeLine listen on ports 80 and 443 to act as the frontend.
  3. Restrict direct access to your web server to localhost.

Example:

  1. Web app listens on port 8080

Image description

  1. SafeLine listens on port 80 and 443, and proxies traffic to your web server.

Image description

Test:

Run the following command to test the configuration:

curl -H "Host: <domain>" http://<SafeLine IP>:<SafeLine lisenting port>
Enter fullscreen mode Exit fullscreen mode

For example:

curl -H "Host: 192.168.65.8" http://192.168.65.8:80
Enter fullscreen mode Exit fullscreen mode

If your web app responds and the "Today's Visit Count" metric increases in the dashboard, the setup is successful.


2.3 Deploying SafeLine with Other Reverse Proxies

You can also integrate SafeLine as part of a multi-proxy chain. In this case, SafeLine sits between your upstream proxy/load balancer and the backend server.

Configuration Tip:

  • Just configure SafeLine to receive traffic from the previous proxy and set the "Upstream Server" to the next hop IP or domain.

Image description


Conclusion

SafeLine offers flexible deployment options to match your infrastructure, including:

  • Dedicated standalone mode
  • Inline on the same host (for testing)
  • Alongside other reverse proxy systems

No matter your architecture, SafeLine can help protect your applications from real-world attacks. Choose the setup that fits your environment best β€” and start securing your traffic today.


Join SafeLine Community

Top comments (0)