DEV Community

Sharon
Sharon

Posted on

Beginner’s Playbook: Shield Your Site with SafeLine WAF

#cybersecurity #docker #devops #safeline

Introduction

My personal website has been a frequent target of vulnerability scans and random attack attempts. Since I don’t consider myself a security expert, I wanted a straightforward way to protect my site without spending weeks on complex configurations.

A friend recommended SafeLine WAF (Web Application Firewall), an open-source project from Chaitin Technology. I decided to give it a try and document the process here. My setup uses two separate servers—one for my web application and one for SafeLine—so if you’re running a similar architecture, this guide should help.

What is SafeLine?

SafeLine is a Docker-based WAF that uses semantic analysis to detect and block malicious traffic. Unlike rule-heavy firewalls, SafeLine’s detection engine is lightweight and effective, which makes it ideal for personal websites and small projects.

Installation

1. Installing on CentOS

If you’re on CentOS, installation is super simple. Just run:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/manager.sh)" -- --en
Enter fullscreen mode Exit fullscreen mode

That’s it—SafeLine will be up and running with a single command.

2. Installing on UOS (Unified Operating System)

For testing, I also tried deploying SafeLine on a UOS Server. The installation worked fine, but Docker required a few manual steps.

First, create and edit the Docker repo file:

vi /etc/yum.repos.d/docker-ce.repo
Enter fullscreen mode Exit fullscreen mode

Paste the following content and save:

[docker-ce-stable]
name=Docker CE Stable - 8Server
baseurl=https://download.docker.com/linux/centos/8Server/$basearch/stable
enabled=1
gpgcheck=0
gpgkey=https://download.docker.com/linux/centos/gpg
Enter fullscreen mode Exit fullscreen mode

Then, install Docker:

yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin
Enter fullscreen mode Exit fullscreen mode

Finally, run the SafeLine one-click installer:

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

Conclusion

After running SafeLine for a week, here’s my takeaway:

  • It successfully blocked scanner traffic and common injection attempts.
  • It runs smoothly on UOS with no performance issues.
  • Frequent updates and stability make it a solid choice for personal websites.

If you want to try it out yourself, there’s a live demo available here:
👉 SafeLine WAF Demo

Links

Top comments (0)