SafeLine WAF: Step-by-Step Guide to Secure Your Web Environment

carrie_luo1

Carrie

Posted on October 9, 2024

SafeLine WAF: Step-by-Step Guide to Secure Your Web Environment

Online Installation (Recommended!!!)

If your server has internet access, we recommend this installation method. Just copy and run the following command:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

See the official documentation for additional installation details.

Log in

  1. Open the management page in your browser: https://:9443.
  2. Enter the initial admin password, which will be displayed automatically in the shell after installation.

Image description

If you forget the password, you can reset it manually with this command:

docker exec safeline-mgt resetadmin
Enter fullscreen mode Exit fullscreen mode

Configuring Your Site

Domain: domain name of your original website, or hostname, or ip address, for example: www.chaitin.com
Port: port that SafeLine will listen, such as 80 or 443. (for https websites, please check the SSL option)
Upstream: real address of your original website, through which SafeLine will forward traffic to it

1. Configuring SafeLine on a Dedicated Server (Recommended!!!)

Environment:
Web Server: IPA, port 80, domain ‘example.com’
SafeLine Server: IPB

Steps:

  1. Redirect the original website traffic to SafeLine’s IPB (this is required). For example, modify the DNS to point the domain to IPB.
  2. Refer to the configuration below.
  3. Block access to the web server except through SafeLine. You can achieve this by setting up a firewall.

Image description

If you can access your website at example.com:80 and the "Requests" count increases on the statistics page, the configuration was successful.

2. Configuring SafeLine on the Web Server (Not Recommended)

Note: This is not recommended as it increases the load on a single server, making it more prone to downtime and making upgrades and troubleshooting more difficult.

Environment:

  • 1. Web Server: IPA, port 80, domain ‘example.com’ Steps:
  • 2. Change the original website’s listening port to another port, freeing up port 80 for configuration.
  • 3. Refer to the configuration below.

Image description

If you can access your website at example.com:80 and the "Requests" count increases on the statistics page, the configuration was successful.

3. Configuring SafeLine with Other Reverse Proxy Devices

SafeLine can act as a reverse proxy and can be placed anywhere in the main traffic flow.
Point the traffic at the connection point to SafeLine and enter the next-hop server address in the "Upstream" field in SafeLine.

Environment:

Web Server: IPA
SafeLine Server: IPB
Upstream Server: IPC, port C
Downstream Server:IPD, domain ‘example.com’
Steps:

  1. Redirect the downstream Nginx traffic to SafeLine’s IPC and set the port to 80.
  2. Refer to the configuration below.

Image description

If you can access your website at example.com:80 and the "Requests" count increases on the statistics page, the configuration was successful.

Confirming Website Accessibility

Use the parameters you configured in SafeLine to access your site. Open your browser and go to http://<IP or domain>:<port>/.

  • The default protocol is http; check ssl for https.
  • The hostname can be SafeLine’s IP or your website’s domain (make sure the domain is resolved to SafeLine).
  • The port is the one you configured on the SafeLine page.

Simulating Attacks Manually

Simulate attacks by visiting the following URLs:

Simulate SQL Injection: http://<IP or domain>:<port>/?id=1%20AND%201=1
Simulate XSS: http://<IP or domain>:<port>/?html=<script>alert(1)</script>
In your browser, you will see that SafeLine has detected and blocked the attack requests.

💖 💪 🙅 🚩
carrie_luo1
Carrie

Posted on October 9, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related