DEV Community

Carrie
Carrie

Posted on

What each container does in SafeLine WAF

What is SafeLine WAF

SafeLine is a self-hosted WAF (Web Application Firewall) to protect your web apps from attacks and exploits.

SafeLine helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, ldap injection, xpath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, http-flood, bot abused, among others. Its core capabilities include defense for web attacks and bot abuse, HTML & JS code encryption, IP-based rate limiting, web access control list.

What each container does in SafeLine WAF

Getting SafeLine running involves quite a few containers. Users may get confused about what they do only with their names. Here is a detailed and newest description of all the containers.

How to Install SafeLine to Protect Websites

Minimum configuration requirements

Dependency Value
Operating system Linux
Instruction architecture x86_64
Software dependency Docker version 20.10.14 or above
Software dependency Docker Compose version 2.0.0 or above
Minimum environment 1 core CPU / 1 GB memory / 5 GB disk

You can execute the following commands to confirm the server configuration:

uname -m                                # view Instruction architecture
docker version                          # view Docker version
docker compose version                  # view Docker Compose version
cat /proc/cpuinfo| grep "processor"     # view CPU info
free -h                                 # view memory info
df -h                                   # view disk info
lscpu | grep ssse3                      # Check CPU ssse3 instruction
Enter fullscreen mode Exit fullscreen mode

Deploy

Automatic Deploy

Recommended
{.is-success}

Use the following command to start the automated installation of SafeLine. (This process requires root privileges)

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

After the command is executed, it means the installation is successfully. Please go to Use Web UI directly.

Mannually Deploy

Install Docker

Install the latest version of Docker.

If you already have Docker installed, please skip this step.

curl -sSL "https://get.docker.com/" | bash
Enter fullscreen mode Exit fullscreen mode

Create SafeLine Directory

Create a directory for SafeLine to use, SafeLine will write its configuration and data to this directory. (You need to have at least 5GB of disk space)

mkdir -p "/data/safeline"
Enter fullscreen mode Exit fullscreen mode

Docker Compose Script

Download the latest docker compose script by using the following command.

cd "/data/safeline"
wget "https://waf.chaitin.com/release/latest/compose.yaml"
Enter fullscreen mode Exit fullscreen mode

Write Environment variables

cd "/data/safeline"
touch ".env"
Enter fullscreen mode Exit fullscreen mode

Write the following content in the ".env" file

SAFELINE_DIR=/data/safeline
IMAGE_TAG=latest
MGT_PORT=9443
POSTGRES_PASSWORD={postgres-password}
SUBNET_PREFIX=172.22.222
IMAGE_PREFIX=chaitin
Enter fullscreen mode Exit fullscreen mode

NOTE: Replace the placeholders in the file
{.is-warning}

  • SAFELINE_DIR: 123
  • IMAGE_TAG: SafeLine version to be used
  • MGT_PORT: Web console port to be used
  • POSTGRES_PASSWORD: Postgres db initialization password
  • SUBNET_PREFIX: SafeLine internal network communication address prefix
  • IMAGE_PREFIX: Mirror repository prefix

Launch SafeLine

Everything is ready to start the SafeLine service.

This process may take several minutes, so don't worry.

docker compose up -d
Enter fullscreen mode Exit fullscreen mode

Use Web UI

Open the web console page https://<safeline-ip>:9443/ in the browser, then you will see below.

Get Administrator Account

docker exec safeline-mgt resetadmin
Enter fullscreen mode Exit fullscreen mode

After the command is successfully executed, you will see the following content

Please must remember this content
{.is-warning}

[SafeLine] Initial username:admin
[SafeLine] Initial password:**********
[SafeLine] Done
Enter fullscreen mode Exit fullscreen mode

Login

Enter the password in the previous step and you will successfully logged into SafeLine.

Uninstallation

If you are sure no longer want to use SafeLine, please follow the steps below to completely uninstall it.

  1. Enter SafeLine directory
cd <safeline-directory>
Enter fullscreen mode Exit fullscreen mode
  1. Execute the follow command to stop SafeLine
docker compose down
Enter fullscreen mode Exit fullscreen mode
  1. Execute the follow command to remove SafeLine data
rm -rf <safeline-directory>
Enter fullscreen mode Exit fullscreen mode

FAQ

to Install Question

Top comments (0)