How to Set Up Free Reverse Proxy with High-Security Protection

Lulu - Sep 5 - - Dev Community

If you're familiar with using Nginx Proxy Manager (NPM) to reverse proxy services to your domain, you'll love SafeLine. SafeLine is more than just a reverse proxy tool—it's a powerful web application firewall (WAF) that not only proxies your traffic but also defends your site by blocking malicious attacks. Think of it as a reverse proxy combined with advanced DDoS protection.

SafeLine dashboard:

Image description

Image description

SafeLine Official Website: https://waf.chaitin.com


Installation Guide

There are two main methods to install SafeLine WAF. I recommend using the command-line method for ease of use.

Method 1: Command Line Installation (Recommended)

Run this single command to install SafeLine on your server:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

Method 2: Manual Deployment

If you prefer a manual setup, refer to the official documentation:

SafeLine Installation Guide

Once SafeLine is installed, you'll receive your initial login credentials automatically:

[SafeLine] Initial username: admin  
[SafeLine] Initial password: **********
[SafeLine] Done
Enter fullscreen mode Exit fullscreen mode

Accessing the Dashboard

To access the management page, open your browser and navigate to:

https://<your-ip>:9443. For example:https://192.168.10.1:9443

Image description

Log in with the default credentials generated during installation. If you forget your password, you can reset it by running this command:

docker exec safeline-mgt resetadmin
Enter fullscreen mode Exit fullscreen mode

Configuring Your Site

SafeLine Community Edition primarily functions as a reverse proxy, similar to Nginx. All traffic to your website will first pass through SafeLine, where it is inspected and filtered before being forwarded to your actual web server.

Here’s a step-by-step guide:

  1. Domain: Enter the domain you want to protect.
  2. Upstream Server: Input the IP and port of your website server. For instance, if your server is at 192.168.10.1:8989 and hosts your blog, configure the domain (e.g., www.zhiyin6.top) to point to the SafeLine server's IP. You can set the port to 80 for HTTP or 443 for HTTPS.

Image description

After configuration, your website traffic will be routed through SafeLine, providing enhanced protection.


Testing the Protection

You can manually or automatically test the protection to ensure SafeLine is filtering attacks. Here are a couple of ways to simulate common attacks:

  • SQL Injection Simulation:

    Visit the following URL to simulate an SQL injection attack:

    http://<IP-or-domain>:<port>/?id=1%20AND%201=1

  • XSS (Cross-Site Scripting) Simulation:

    Test XSS attacks by visiting this URL:

    http://<IP-or-domain>:<port>/?html=<script>

Open the URLs in your browser, and you’ll see that SafeLine detects and blocks the attack attempts, keeping your site safe.

Image description


By using SafeLine, you're not just reverse proxying traffic—you’re adding an extra layer of defense against SQL injection, XSS, and other malicious attacks. Give it a try and see how this powerful WAF can protect your site!

SafeLine is open-source and free to use. Explore its GitHub repository here: https://github.com/chaitin/SafeLine

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .