Introduction
My website has been frequently targeted by vulnerability scans and attacks. Given my limited technical skills, I decided to install SafeLine, a WAF (Web Application Firewall), based on a friend’s recommendation. This article documents the installation process I followed. My setup involves multiple machines, with separate servers for my web application and WAF, so please bear with any issues that arise.
What is SafeLine?
SafeLine is a Docker-based WAF developed by Chaitin Technology. It leverages intelligent semantic analysis to effectively defend against various cyber threats. SafeLine is well-suited for protecting personal websites, thanks to its robust attack detection capabilities. You can find more information on the SafeLine Website.
Installation
1. CentOS
To install SafeLine on CentOS, use the following command:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
2. UOS (Unified Operating System)
I was testing compatibility with UOS, so I decided to deploy the WAF on a UOS Server. The installation worked smoothly, though setting up Docker requires a few extra steps.
First, create and edit the docker-ce.repo
file in /etc/yum.repos.d
:
vi /etc/yum.repos.d/docker-ce.repo
Add the following content and save the file:
[docker-ce-stable]
name=Docker CE Stable - 8Server
baseurl=https://download.docker.com/linux/centos/8Server/$basearch/stable
enabled=1
gpgcheck=0
gpgkey=https://download.docker.com/linux/centos/gpg
Next, run the following command to install Docker:
yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin
Finally, execute the one-click installation script:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Conclusion
After a week of testing, I found that SafeLine effectively blocks malicious communications, including code injections and scanner attacks. The WAF runs smoothly on UOS and is both stable and frequently updated, making it an excellent choice for protecting personal websites.
WAF Demo:https://demo.waf.chaitin.com:9443
Top comments (0)