If you're familiar with using Nginx Proxy Manager (NPM) to reverse proxy services to your domain, you'll love SafeLine. SafeLine is more than just a reverse proxy tool—it's a powerful web application firewall (WAF) that not only proxies your traffic but also defends your site by blocking malicious attacks. Think of it as a reverse proxy combined with advanced DDoS protection.
SafeLine dashboard:
SafeLine Official Website: https://waf.chaitin.com
Installation Guide
There are two main methods to install SafeLine WAF. I recommend using the command-line method for ease of use.
Method 1: Command Line Installation (Recommended)
Run this single command to install SafeLine on your server:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Method 2: Manual Deployment
If you prefer a manual setup, refer to the official documentation:
SafeLine Installation Guide
Once SafeLine is installed, you'll receive your initial login credentials automatically:
[SafeLine] Initial username: admin
[SafeLine] Initial password: **********
[SafeLine] Done
Accessing the Dashboard
To access the management page, open your browser and navigate to:
https://<your-ip>:9443
. For example:https://192.168.10.1:9443
Log in with the default credentials generated during installation. If you forget your password, you can reset it by running this command:
docker exec safeline-mgt resetadmin
Configuring Your Site
SafeLine Community Edition primarily functions as a reverse proxy, similar to Nginx. All traffic to your website will first pass through SafeLine, where it is inspected and filtered before being forwarded to your actual web server.
Here’s a step-by-step guide:
- Domain: Enter the domain you want to protect.
-
Upstream Server: Input the IP and port of your website server.
For instance, if your server is at
192.168.10.1:8989
and hosts your blog, configure the domain (e.g.,www.zhiyin6.top
) to point to the SafeLine server's IP. You can set the port to80
for HTTP or443
for HTTPS.
After configuration, your website traffic will be routed through SafeLine, providing enhanced protection.
Testing the Protection
You can manually or automatically test the protection to ensure SafeLine is filtering attacks. Here are a couple of ways to simulate common attacks:
SQL Injection Simulation:
Visit the following URL to simulate an SQL injection attack:
http://<IP-or-domain>:<port>/?id=1%20AND%201=1
XSS (Cross-Site Scripting) Simulation:
Test XSS attacks by visiting this URL:
http://<IP-or-domain>:<port>/?html=<script>
Open the URLs in your browser, and you’ll see that SafeLine detects and blocks the attack attempts, keeping your site safe.
By using SafeLine, you're not just reverse proxying traffic—you’re adding an extra layer of defense against SQL injection, XSS, and other malicious attacks. Give it a try and see how this powerful WAF can protect your site!
SafeLine is open-source and free to use. Explore its GitHub repository here: https://github.com/chaitin/SafeLine