Carrie

Posted on Sep 24

How to Deploy SafeLine WAF on Ubuntu

#cybersecurity #webdev

Installing Docker Environment

Update Software Packages

sudo apt update

Install Docker

sudo apt-get install docker.io
docker -v

Install Docker Compose V2

To install Compose V2 for the active user under the $HOME directory, follow these steps:

Docker Compose V2 Installation Official Guide

1.Set up Docker Config Directory

   DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
   mkdir -p $DOCKER_CONFIG/cli-plugins

2.Download Docker Compose V2

   curl -SL https://github.com/docker/compose/releases/download/v2.23.0/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose

If the download is too slow, you can download the file separately and upload it to your server, then move it to /root/.docker/cli-plugins and name it docker-compose to skip the above command.

   mv docker-compose-linux-x86_64 /root/.docker/cli-plugins/docker-compose

Grant Execute Permission

chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose

Verify Installation

docker compose version

Installing SafeLine

System Requirements

Operating System: Linux
Architecture: x86_64
Software Dependencies:
- Docker 20.10.14 or higher
- Docker Compose 2.0.0 or higher
Minimal Environment:
- 1 CPU Core
- 1 GB RAM
- 5 GB Disk Space

Environment Confirmation Commands

uname -m                 # Check architecture
docker version           # Check Docker version
docker compose version   # Check Docker Compose version
docker-compose version   # Check Docker Compose (legacy)
cat /proc/cpuinfo        # Check CPU info
cat /proc/meminfo        # Check memory info
df -h                    # Check disk space
lscpu | grep ssse3       # Check if CPU supports ssse3 instruction set

Online Installation

bash -c "$(curl -fsSLk https://waf-ce.chaitin.cn/release/latest/setup.sh)"

Logging into SafeLine

1.Access port 9443.
2.Download the Tencent Authenticator for login.

Configuring Protection Sites

1.After adding a site, execute the following command on the client to ensure it receives a response from the business website and the site's "Today's Visits" increases, indicating a successful configuration:

   curl -H "Host: <domain>" http://<SafeLine IP>:<SafeLine Listening Port>

2.Only allow access from the IP where SafeLine is deployed.

Manual Testing

Test the target website for vulnerabilities such as SQL injection and XSS. If the protection interface appears, it indicates successful protection.

Simulate SQL Injection

http://<IP or Domain>:<Port>/?id=1%20AND%201=1

Simulate XSS

http://<IP or Domain>:<Port>/?html=

Official Documentation

For more detailed information, refer to the official documentation guidelines of SafeLine Community Edition.

Github:https://github.com/chaitin/SafeLine
Discord:https://discord.gg/wVyX7vDE

DEV Community