DEV Community

Sharon

Protect Your Web Application with SafeLine: A Step-by-Step Guide

This guide walks you through how to configure and protect a web application using SafeLine WAF.


Prerequisite

Make sure SafeLine is already installed and running.

If not, check out the installation guide first.


How SafeLine Works

SafeLine is a web application firewall (WAF) built on Nginx.

It works as an HTTP/HTTPS reverse proxy, sitting in front of your app to inspect and filter incoming traffic.

All traffic goes through SafeLine first. It blocks malicious requests and only forwards clean traffic to your backend.

How it works


Proxy an Application with SafeLine

  1. Log in to the SafeLine Admin Console.
  2. Go to Applications → Applications.
  3. Click Add Application.
  4. Fill in your app details:

Add application

  • Domain: Your app’s domain name or IP (e.g. www.chaitin.com)
  • Port: The port SafeLine should listen on (e.g. 80 or 443). For HTTPS, check the SSL option.
  • Upstream: The actual address (IP or domain) of your backend app

Once saved, update your DNS to point your domain to the SafeLine server's IP.

Now you can access your app through the domain — fully protected by SafeLine.

Running app


Simulate Web Attacks

To verify that SafeLine is working, try simulating some common attacks.

If your app is protected by SafeLine, test it with URLs like these (replace with your own domain):

  • SQL Injection

    https://yourdomain.com/?id=1+and+1=2+union+select+1

  • XSS

    https://yourdomain.com/?id=<img+src=x+onerror=alert()>

  • Path Traversal

    https://yourdomain.com/?id=../../../../etc/passwd

  • Code Injection

    https://yourdomain.com/?id=phpinfo();system('id')

  • XXE

    https://yourdomain.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">

If the attack is detected, SafeLine will block it and show an interception page:

Blocked page
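
To repeat these checks after every rule or configuration change, the requests can be scripted. The following is an added example, not part of the original guide or of SafeLine's own tooling; it assumes the interception page is returned with HTTP 403 (`BLOCK_STATUS`), and the function names are illustrative.

```python
import urllib.error
import urllib.parse
import urllib.request

# Test payloads taken from the list above, keyed by attack class.
PAYLOADS = {
    "SQL Injection": "1 and 1=2 union select 1",
    "XSS": "<img src=x onerror=alert()>",
    "Path Traversal": "../../../../etc/passwd",
    "Code Injection": "phpinfo();system('id')",
    "XXE": '<?xml version="1.0"?><!DOCTYPE foo SYSTEM "">',
}

BLOCK_STATUS = 403  # assumption: status code of the interception page


def build_url(base_url, payload):
    """Return base_url/?id=<payload> with the payload percent-encoded."""
    return base_url.rstrip("/") + "/?" + urllib.parse.urlencode({"id": payload})


def http_status(url, timeout=10):
    """Fetch url and return the HTTP status code, including 4xx/5xx."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def verify_waf(base_url, fetch=http_status):
    """Send a benign request plus each payload; return {name: passed}."""
    # The benign request must NOT be blocked, otherwise the WAF is over-blocking.
    results = {"Benign baseline": fetch(build_url(base_url, "1")) != BLOCK_STATUS}
    for name, payload in PAYLOADS.items():
        results[name] = fetch(build_url(base_url, payload)) == BLOCK_STATUS
    return results


if __name__ == "__main__":
    import sys
    outcome = verify_waf(sys.argv[1])  # e.g. https://yourdomain.com
    for name, passed in outcome.items():
        print(f"{'PASS' if passed else 'FAIL'}  {name}")
    sys.exit(0 if all(outcome.values()) else 1)
```

Pass your own protected domain as the argument; a non-zero exit code means at least one test request was not intercepted, or the benign request was blocked.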


View Attack Logs in the Console

  1. Go to the Logs tab in the Admin Console.
  2. You’ll see a list of blocked or detected attacks:

Logs

  3. Click Detail to view full info about any attack:

Log details


Join Our Community

Need help? Reach out anytime:
