SafeLine is a WAF (Web Application Firewall) developed by Chaitin Tech over nearly 10 years, with its core detection capabilities powered by intelligent semantic analysis algorithms.
Online Installation of SafeLine
Before proceeding with any operations, ensure that your system meets the following requirements:
Minimum Configuration Requirements
Operating System: Linux
Instruction Set Architecture: x86_64
Software Dependencies:
Docker version 20.10.14 or above
Docker Compose version 2.0.0 or above
Minimal Environment: 1 Core CPU / 1 GB RAM / 5 GB Disk
You can execute the following commands line by line to verify your server configuration:
uname -m # View instruction set architecture
docker version # View Docker version
docker compose version # View Docker Compose version
docker-compose version # View Docker Compose version (old version)
cat /proc/cpuinfo | grep "processor" # View CPU information
free -h # View memory information
df -h # View disk information
lscpu | grep ssse3 # Check if the CPU supports the SSSE3 instruction set
Installing Docker Engine on Ubuntu
Official documentation: https://docs.docker.com/engine/install/ubuntu/
● Uninstall conflicting packages:
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
● Configuring the Docker APT Repository
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
● Install the Latest Docker and Compose Plugins
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Installing SafeLine Community Edition
To install SafeLine online, you can run the following commands:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
● Set Up SafeLine Installation Directory
● After the installation is complete, you will see the username, password, and SafeLine backend address output in the terminal.
Logging into SafeLine
If you forget your password, you need to manually execute the reset command to obtain the initial password.
docker exec safeline-mgt resetadmin
Access the backend management page via your browser
Configure Sites and Test
1. Use WebGoat as a Test Site
To evaluate the effectiveness of SafeLine, we use WebGoat as the testing platform. WebGoat is a security education tool specifically designed to demonstrate and learn about web application security vulnerabilities.
You can find WebGoat here: https://github.com/WebGoat/WebGoat
docker run --name webgoat -d -p 8080:8080 -p 9090:9090 webgoat/webgoat
Access http://WebGoat:8080/WebGoat/login via your browser and register an account.
2. Add a Protected Site
Add the WebGoat URL as the protection target.
Add local domain name resolution on both SafeLine and your local machine.
● Linux Local Domain Resolution File: /etc/hosts
● Windows Local Domain Resolution File: C:\Windows\System32\drivers\etc\hosts
3. Test
Access the SafeLine protected site: http://www.test-waf.org/WebGoat/login
Select the SQL Injection module in WebGoat, attempt to execute modified SQL queries, and observe SafeLine's response.
Attempt to run this SQL query
SELECT department FROM employees WHERE first_name='Bob' AND last_name='Franco'
After executing the SQL attack, SafeLine will immediately intercept and log this activity, demonstrating its robust protection capabilities.
Top comments (0)