Configuring SafeLine for Website Protection
Introduction
Before diving into the configuration, ensure that SafeLine is properly installed on your server. If you haven't installed it yet, please refer to the Install SafeLine Documentation for detailed instructions.
Protecting Your Website
How SafeLine Works
SafeLine is a web application firewall (WAF) built on Nginx, designed to safeguard your website against various network attacks. It operates as an HTTP/HTTPS reverse proxy, receiving incoming traffic meant for your website, filtering out malicious requests, and forwarding only clean, reliable traffic to your server.
Setting Up a Website Proxy in SafeLine
1. Access SafeLine Web Admin Console:
Log in to the SafeLine Web Admin Console. Navigate to the "Web Services" -> "Web Services" page and click on the "ADD WEB SERVICES" button located in the upper right corner.
2. Enter Website Information:
In the dialog box that appears, fill in the details of your original website:
- Domain: Enter the domain, hostname, or IP address of your website (e.g., www.chaitin.com).
- Port: Specify the port that SafeLine will listen on, such as 80 or 443. (For HTTPS websites, make sure to check the SSL option.)
- Upstream: Enter the real address of your original website, which SafeLine will use to forward traffic.
3. Domain Resolution:
After completing the above settings, update your DNS records to point the domain to the IP address of the server where SafeLine is installed.
Now, you can access your website protected by SafeLine using the domain.
Testing SafeLine's Protection
With your website now under SafeLine's protection, it's time to test its defenses against common web attacks. Replace chaitin.com with your website's domain name in the following test cases and try to access them:
SQL Injection:
https://chaitin.com/?id=1+and+1=2+union+select+1
XSS (Cross-Site Scripting):
https://chaitin.com/?id=<img+src=x+onerror=alert()>
Path Traversal:
https://chaitin.com/?id=../../../../etc/passwd
Code Injection:
https://chaitin.com/?id=phpinfo();system('id')
XXE (XML External Entity):
https://chaitin.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">
If SafeLine is working correctly, you should see SafeLine's blocking page when accessing these URLs.
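The five test cases above can be run as one repeatable smoke test against your own protected domain. The script below is an added example, not part of SafeLine or the original post; it assumes a blocked request is answered with HTTP 403 (change `BLOCK_STATUS` if your block page uses another code), and `build_urls`, `fetch_status` and `run_checks` are illustrative names.

```python
import sys
import urllib.error
import urllib.parse
import urllib.request

# Test payloads copied from the article's test cases ("+" decoded to a space).
CASES = {
    "SQL Injection": "1 and 1=2 union select 1",
    "XSS": "<img src=x onerror=alert()>",
    "Path Traversal": "../../../../etc/passwd",
    "Code Injection": "phpinfo();system('id')",
    "XXE": '<?xml version="1.0"?><!DOCTYPE foo SYSTEM "">',
}
BLOCK_STATUS = 403  # assumption: the block page is served with HTTP 403


def build_urls(base):
    """Return {case name: URL} with each payload percent-encoded in ?id=."""
    base = base.rstrip("/")
    return {name: f"{base}/?{urllib.parse.urlencode({'id': p})}"
            for name, p in CASES.items()}


def fetch_status(url, timeout=10):
    """Return the HTTP status code for url, including 4xx/5xx responses."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def run_checks(base, fetch=fetch_status):
    """Return {check name: True if it behaved as expected}."""
    results = {name: fetch(url) == BLOCK_STATUS
               for name, url in build_urls(base).items()}
    # A benign request must pass, or a blanket 403 would look like success.
    benign = base.rstrip("/") + "/?id=1"
    results["Benign request passes"] = fetch(benign) != BLOCK_STATUS
    return results


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: waf_smoke_test.py https://your-protected-site.example")
    outcome = run_checks(sys.argv[1])
    for name, ok in outcome.items():
        print(f"{'PASS' if ok else 'FAIL'}  {name}")
    sys.exit(0 if all(outcome.values()) else 1)
```

A non-zero exit code means at least one test case was not blocked or the benign request was rejected, which makes the script usable as a check after changing the proxy or DNS settings.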
Monitoring and Reviewing Attacks
To view details of the attacks that SafeLine has blocked:
1. Check the Web Console:
Go to the SafeLine Web Admin Console to see the list of detected and blocked attacks.
2. View Attack Details:
Click on "detail" next to any attack to see specific information about the attempted intrusion.
Website: https://waf.chaitin.com
Come and try it out now!