SafeLine is a Web Application Firewall (WAF) developed by Chaitin Tech, leveraging nearly ten years of experience in cybersecurity. The core of SafeLine’s detection prowess lies in its advanced semantic analysis algorithms, making it a powerful tool for securing web applications.
Getting Started with SafeLine Installation
Before diving into the installation process, ensure your system meets the following minimum requirements:
System Requirements:
- Operating System: Linux
- Architecture: x86_64
-
Dependencies:
- Docker version 20.10.14 or later
- Docker Compose version 2.0.0 or later
Minimum Hardware Specs:
- CPU: 1 Core
- RAM: 1 GB
- Disk Space: 5 GB
You can use the following commands to verify your server's configuration:
uname -m # Check instruction set architecture
docker version # Check Docker version
docker compose version # Check Docker Compose version
docker-compose version # Check Docker Compose version (old version)
cat /proc/cpuinfo | grep "processor" # Check CPU information
free -h # Check memory information
df -h # Check disk space information
lscpu | grep ssse3 # Verify SSSE3 instruction set support
Installing Docker Engine on Ubuntu
Follow the official Docker documentation for Ubuntu installation here.
1.Remove Conflicting Packages:
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
2.Configure the Docker APT Repository:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
3.Install Docker and Compose Plugins:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Installing SafeLine
To install SafeLine, run the following command:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/setup.sh)"
Upon completion, the terminal will display your username, password, and SafeLine backend URL.
Accessing SafeLine
If you forget your password, reset it with the following command:
docker exec safeline-mgt resetadmin
Access the SafeLine backend via your browser.
Configuring Sites and Testing with WebGoat
1.Use WebGoat as a Test Platform
WebGoat, a security education tool, is ideal for demonstrating web application vulnerabilities. To set it up:
docker run --name webgoat -d -p 8080:8080 -p 9090:9090 webgoat/webgoat
Visit http://WebGoat:8080/WebGoat/login
in your browser to register an account.
2.Add a Protected Site
Set the WebGoat URL as a protected target in SafeLine.
Note: Ensure proper local domain name resolution on both SafeLine and your local machine.
-
Linux:
/etc/hosts
-
Windows:
C:\Windows\System32\drivers\etc\hosts
3.Conduct a Test
Access the SafeLine-protected site: http://www.test-waf.org/WebGoat/login
.
In WebGoat, select the SQL Injection module, run a modified SQL query, and observe how SafeLine intercepts and logs the attack, showcasing its robust protection.
Top comments (0)