SafeLine's FAQ Part 3: Login and Configuration Issues

Login Issues

Forgot Admin Account Password

To reset the admin account password, run the following command:

docker exec safeline-mgt resetadmin

Dynamic Password Error

Time Inconsistency

SafeLine Community Edition uses the TOTP algorithm for dynamic password authentication, which is time-sensitive. Incorrect device times can lead to errors in dynamic password calculation.

1. Check that your phone (or other TOTP device) has the correct time, including the time zone.
2. Ensure that the SafeLine server's time is accurate.

Password Has Expired

TOTP dynamic passwords are valid for only 30 seconds. If authentication fails, wait for the dynamic password to refresh and try again.

Other Issues

Ensure the container is running normally. If you’ve reset the password, try logging in again.

Rebind Dynamic Password

To rebind the dynamic password, log in to the server, open a terminal, and execute the following command. Then, access the SafeLine page to complete the rebind.

docker exec safeline-mgt resettotp

Configuration Issues

No Interception Records After Configuration

Verify that the access requests are actually passing through SafeLine.

Website Unreachable After Configuration

If the website becomes inaccessible after configuration, consider the following potential issues:

1. Incorrect Site Configuration: Ensure IP addresses and ports are correct, and check for conflicts.
2. Network Connectivity: Make sure the network between SafeLine and the configured site is functioning properly.
3. Port Accessibility: Confirm that the site ports configured in SafeLine are open and accessible.
4. Conflicting Configurations: Review any conflicting settings that might render the new configurations ineffective.

5. SafeLine Status: Check that SafeLine is operating correctly by examining the container status with:
   

   docker ps
   

   Note: You can also refer to the logs of both the safeline-mgt and safeline-tengine containers for additional troubleshooting.

Testing Returns "400 Request Header Or Cookie Too Large" After Configuration

Check if a loop is occurring where SafeLine forwards requests to the upstream server, which then forwards them back to SafeLine. After adjusting the configuration, test again.

"404 Not Found" from WAF After Configuration

Use a packet sniffer to compare requests that pass through the WAF with those that don’t. Check if the forwarding content handled by SafeLine's reverse proxy has changed.

If the server has strict request validation, you may need to manually modify SafeLine's Nginx configuration. Refer to the section on customizing Nginx below.

Note: Operations performed through the SafeLine interface might overwrite or reset some custom configurations.