Web Application Firewalls (WAFs) have become an essential security tool for protecting websites and online applications from malicious attacks. SafeLine WAF is a self-hosted solution that provides robust security while giving users full control over their deployment.
Why Use SafeLine WAF?
Web applications are constantly targeted by attackers using methods such as SQL injection, XSS (Cross-Site Scripting), and DDoS attacks. SafeLine WAF helps:
- Prevent attacks: Blocks malicious requests before they reach your server.
- Protect sensitive data: Ensures user information and backend data remain secure.
- Enhance reliability: Reduces downtime caused by attacks.
- Maintain compliance: Assists with meeting security standards and regulations.
By deploying SafeLine, organizations can protect their websites, APIs, and web applications with minimal manual intervention.
Who Can Use SafeLine WAF?
SafeLine is suitable for a wide range of users:
- Small and medium-sized businesses (SMBs): Secure websites without relying on cloud-based services.
- Enterprises: Protect high-traffic websites and critical applications.
- Developers and DevOps teams: Gain full control of security policies and traffic management.
- Security-conscious individuals: Self-hosted solution ensures data privacy and independence from third-party cloud providers.
Essentially, anyone running a web application or website that needs protection from cyber threats can benefit from SafeLine.
How to Install SafeLine WAF
SafeLine can be deployed quickly using either automatic or manual methods. Below is a summarized guide based on the official documentation.
Prerequisites
- Operating system: Linux
- Architecture: x86_64 or ARM64
- Dependencies: Docker ≥ 20.10.14, Docker Compose ≥ 2.0.0
- Minimum resources: 1 CPU core, 1 GB memory, 5 GB disk
- CPU instruction set: SSSE3
Automatic Deployment (Recommended)
Use the following command to start the automated installation of SafeLine. (This process requires root privileges)
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/manager.sh)" -- --en
After the command is executed, it means the installation is successfully. Please go to Use Web UI directly.
Mannually Deploy
Install Docker
Install the latest version of Docker.
If you already have Docker installed, please skip this step.
curl -sSL "https://get.docker.com/" | bash
Create SafeLine Directory
Create a directory for SafeLine to use, SafeLine will write its configuration and data to this directory. (You need to have at least 5GB of disk space)
mkdir -p "/data/safeline"
Docker Compose Script
Download the latest docker compose script by using the following command.
cd "/data/safeline"
wget "https://waf.chaitin.com/release/latest/compose.yaml"
Write Environment variables
cd "/data/safeline"
touch ".env"
Write the following content in the ".env" file
SAFELINE_DIR=/data/safeline
IMAGE_TAG=latest
MGT_PORT=9443
POSTGRES_PASSWORD={postgres-password}
SUBNET_PREFIX=172.22.222
IMAGE_PREFIX=chaitin
ARCH_SUFFIX=
RELEASE=
REGION=-g
MGT_PROXY=0
If deploying to an ARM server, change ARCH_SUFFIX to -arm
ARCH_SUFFIX=-arm
If you want to install the LTS version
RELEASE=-lts
- SAFELINE_DIR: 123
- IMAGE_TAG: SafeLine version to be used
- MGT_PORT: Web console port to be used
- POSTGRES_PASSWORD: Postgres db initialization password
- SUBNET_PREFIX: SafeLine internal network communication address prefix
- IMAGE_PREFIX: Mirror repository prefix
- ARCH_SUFFIX: Set to
-arm for ARM servers.
- RELEASE: Set to
-lts for use LTS version.
- MGT_PROXY: The number of console proxy layers,It should only be used when configuring the proxy for the console. By default, it is set to 0 and no proxy is configured.
Launch SafeLine
Everything is ready to start the SafeLine service.
This process may take several minutes, so don't worry.
docker compose up -d
Use Web UI
Open the web console page https://<safeline-ip>:9443/ in the browser, then you will see below.
Get Administrator Account
docker exec safeline-mgt resetadmin
After the command is successfully executed, you will see the following content
Please must remember this content
[SafeLine] Initial username:admin
[SafeLine] Initial password:**********
[SafeLine] Done
Login
Enter the password in the previous step and you will successfully logged into SafeLine.
