DEV Community

MotorBuy6
MotorBuy6

Posted on • Updated on

SafeLine, make your web app secure default

#opensource #cybersecurity #waf #tutorial

SafeLine is a web security gateway to protect your websites from attacks and exploits.

It defenses for all of web attacks, such as sql injection, code injection, os command injection, CRLF injection, ldap injection, xpath injection, rce, xss, xxe, ssrf, path traversal, backdoor, bruteforce, http-flood, bot abused and so on.

Image description

Automatic Deploy
Use the following command to start the automated installation of SafeLine. (This process requires root privileges)

bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Enter fullscreen mode Exit fullscreen mode

After the command is executed, it means the installation is successfully. Please go to "Use Web UI" directly.
Mannually Deploy
to see Documentation

Usage
Login
Open the web console page https://<safeline-ip>:9443/ in the browser, then you will see below.

Image description

Execute the following command to get administrator account

docker exec safeline-mgt /app/mgt-cli reset-admin --once
Enter fullscreen mode Exit fullscreen mode

After the command is successfully executed, you will see the following content

Please must remember this content

[SafeLine] Initial username:admin
[SafeLine] Initial password:**********
[SafeLine] Done
Enter fullscreen mode Exit fullscreen mode

Enter the password in the previous step and you will successfully logged into SafeLine.

Protecting a website
Log into the SafeLine Web Admin Console, go to the "Site" -> "Website" page and click the "Add Site" button in the upper right corner.

Image description

In the next dialog box, enter the information to the original website.

Domain: domain name of your original website, or hostname, or ip address, for example: www.chaitin.com
Port: port that SafeLine will listen, such as 80 or 443. (for https websites, please check the SSL option)
Upstream: real address of your original website, through which SafeLine will forward traffic to it
After completing the above settings, please resolve the domain name you just entered to the IP address of the server where SafeLine is located.

Image description

Then you can access the website protected by the SafeLine through the domain name like this.

Image description

Try to attack your website
Now, your website is protected by SafeLine, let’s try tp attack it and see what happens.

If https://chaitin.com is a website protected by SafeLine, here are some test cases for common attacks:

  • SQL Injection:https://chaitin.com/?id=1+and+1=2+union+select+1
  • XSS: https://chaitin.com/?id=<img+src=x+onerror=alert()>
  • Path Traversal: https://chaitin.com/?id=../../../../etc/passwd
  • Code Injection: https://chaitin.com/?id=phpinfo();system('id')
  • XXE: https://chaitin.com/?id=<?xml+version="1.0"?><!DOCTYPE+foo+SYSTEM+"">

Replace chaitin.com in the above cases with your website domain name and try to access it.
Image description

Check the web console of SafeLine to see the attack list
Image description

To view the specific details of the attack, click "detail"
Image description

Official Website: https://waf.chaitin.com/
Official GitHub: https://github.com/chaitin/SafeLine
Official Discord: https://discord.gg/3aRJ4qfwjA

Top comments (0)

Read next

dinko7 profile image

Adding a "Done" Button to iOS Numpad in Flutter

Dinko Marinac -

veronicajoseph profile image

How Salesforce is Likely to Change the Way Tech Professionals Approach Data Management

Veronica Joseph -

longlikun profile image

Nextjs中使用axios实现一个动态的下载/上传进度条

likun -

bhavikjikadara profile image

How to install Python in Windows 11?

Bhavik Jikadara -