How to Fortify and Safely Test Your Website Against Hackers

lulu_liu_c90f973e2f954d7f

Lulu

Posted on August 13, 2024

How to Fortify and Safely Test Your Website Against Hackers

Configuring SafeLine for Website Protection

Introduction

Before diving into the configuration, ensure that SafeLine is properly installed on your server. If you haven't installed it yet, please refer to the Install SafeLine Documentation for detailed instructions.

Protecting Your Website

How SafeLine Works

SafeLine is a web application firewall (WAF) built on Nginx, designed to safeguard your website against various network attacks. It operates as an HTTP/HTTPS reverse proxy, receiving incoming traffic meant for your website, filtering out malicious requests, and forwarding only clean, reliable traffic to your server.

Image description

Setting Up a Website Proxy in SafeLine

1.Access SafeLine Web Admin Console:

Log in to the SafeLine Web Admin Console. Navigate to the "Web Services" -> "Web Services" page and click on the "ADD WEB SERVICES" button located in the upper right corner.

Image description

2.Enter Website Information:

In the dialog box that appears, fill in the details of your original website:

Image description

  • Domain: Enter the domain, hostname, or IP address of your website (e.g., www.chaitin.com).
  • Port: Specify the port that SafeLine will listen to, such as 80 or 443. (For HTTPS websites, make sure to check the SSL option.)
  • Upstream: Enter the real address of your original website, which SafeLine will use to forward traffic.

3.Domain Resolution:

After completing the above settings, update your DNS records to point the domain to the IP address of the server where SafeLine is installed.

Now, you can access your website protected by SafeLine using the domain.

Image description

Testing SafeLine's Protection

With your website now under SafeLine's protection, it's time to test its defenses against common web attacks. Replace chaitin.com with your website's domain name in the following test cases and try to access them:

  • SQL Injection:
    https://chaitin.com/?id=1+and+1=2+union+select+1

  • XSS (Cross-Site Scripting):
    https://chaitin.com/?id=<img+src=x+onerror=alert()>

  • Path Traversal:
    https://chaitin.com/?id=../../../../etc/passwd

  • Code Injection:
    https://chaitin.com/?id=phpinfo();system('id')

  • XXE (XML External Entity):
    https://chaitin.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">

If SafeLine is working correctly, you should see a blocking page like this when accessing these URLs.

Image description

Monitoring and Reviewing Attacks

To view details of the attacks that SafeLine has blocked:

1.Check the Web Console:
Go to the SafeLine Web Admin Console to see the list of detected and blocked attacks.
Image description

2.View Attack Details:
Click on "detail" next to any attack to see specific information about the attempted intrusion.
Image description

Website:https://waf.chaitin.com
Come and try it out now!

💖 💪 🙅 🚩
lulu_liu_c90f973e2f954d7f
Lulu

Posted on August 13, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related