Web security is a critical concern for anyone hosting websites or applications on a VPS. SafeLine WAF (Web Application Firewall) is a powerful, open-source security solution that provides comprehensive protection for your web applications. This tutorial will guide you through how to install SafeLine WAF on Linux VPS using two different methods: auto installation and manual Docker Compose setup.
What is SafeLine WAF and Why Do You Need It?
SafeLine WAF is a modern web application firewall designed to protect your websites and web applications from various cyber threats. Developed by Chaitin Tech, SafeLine operates as a reverse proxy that sits between your web server and incoming traffic, analyzing and filtering requests before they reach your applications.
SafeLine WAF helps mitigate several types of security threats:
- SQL Injection attacks: Prevents malicious database queries from compromising your data
- Cross-Site Scripting (XSS): Blocks attempts to inject malicious scripts into your web pages
- Brute-force attacks: Detects and blocks repeated login attempts from suspicious sources
- Malicious bots and crawlers: Identifies and filters automated threats while allowing legitimate traffic
- DDoS protection: Helps mitigate distributed denial-of-service attacks
- Directory traversal attacks: Prevents unauthorized access to server files and directories
For businesses and developers using a HostMyCode VPS to host their applications, SafeLine WAF provides an additional security layer that's essential in today's threat landscape.
VPS Requirements for Installing SafeLine WAF
Before you install SafeLine WAF on Linux VPS, ensure your server meets the minimum requirements:
- CPU: At least 2 CPU cores (4 cores recommended for production)
- RAM: Minimum 4GB (8GB recommended for high-traffic websites)
- Storage: At least 20GB free disk space for Docker images and logs
- Operating System: Ubuntu 18.04+, CentOS 7+, or Debian 9+
- Docker: Version 19.03 or later
- Docker Compose: Version 1.25 or later
Required open ports:
- Port 80 (HTTP traffic)
- Port 443 (HTTPS traffic)
- Port 9443 (SafeLine management interface)
- Port 22 (SSH access for administration)
Method 1: Auto Install SafeLine WAF on Linux VPS
The easiest way to install SafeLine WAF Linux VPS is using the official auto-installation script. This method automatically handles all dependencies and configuration.
Step 1: Update Your System
First, ensure your system is up to date:
sudo apt update && sudo apt upgrade -yStep 2: Run the Auto Installation Command
Execute the official SafeLine WAF installation script:
bash -c "$(curl -fsSLk https://waf.chaitin.com/release/latest/manager.sh)" -- --enThis command will:
- Download and install Docker if not present
- Pull the necessary SafeLine WAF Docker images
- Configure the initial setup automatically
- Start all required services
Step 3: Monitor the Installation Process
The installation process typically takes 5-10 minutes depending on your internet connection and server specifications. You'll see progress indicators showing the download and setup of various components.
Method 2: Manual Installation Using Docker Compose
For users who prefer more control over the installation process, you can manually install SafeLine WAF on Linux VPS using Docker Compose.
Step 1: Install Docker and Docker Compose
If Docker isn't already installed on your system:
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Add your user to the docker group
sudo usermod -aG docker $USER
# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-composeStep 2: Create SafeLine Directory
mkdir -p /opt/safeline
cd /opt/safelineStep 3: Download Docker Compose File
Download the official Docker Compose configuration:
curl -fsSL https://waf.chaitin.com/release/latest/compose.yaml -o docker-compose.yamlStep 4: Start SafeLine Services
Launch SafeLine WAF using Docker Compose:
docker-compose up -dVerify that all containers are running:
docker-compose psMany users choose managed VPS hosting solutions to simplify such deployments while maintaining full control over their security configurations.
How SafeLine WAF Works as a Reverse Proxy
SafeLine WAF operates as a reverse proxy, which means it sits between your web server and incoming internet traffic. Here's how it works:
- Traffic Interception: All incoming requests are first received by SafeLine WAF
- Analysis and Filtering: Each request is analyzed against security rules and threat patterns
- Decision Making: SafeLine decides whether to allow, block, or modify the request
- Request Forwarding: Legitimate requests are forwarded to your actual web server
- Response Processing: Responses from your server can also be inspected before reaching the client
This architecture ensures that your actual web server never directly faces potentially malicious traffic, providing an essential security buffer.
Initial Setup and Configuration After Installation
Accessing the SafeLine Dashboard
Once you've successfully installed SafeLine WAF on Linux VPS, access the management dashboard:
- Open your web browser and navigate to:
https://your-server-ip:9443 - Accept the self-signed certificate warning (you can configure proper SSL later)
- Create an admin account with a strong password
- Complete the initial setup wizard
Adding Your First Website for Protection
To protect a website with SafeLine WAF:
- In the dashboard, click "Add Website" or "New Site"
- Enter your domain name (e.g., example.com)
- Specify the backend server details (IP address and port of your web server)
- Configure SSL settings if your site uses HTTPS
- Enable the protection and save the configuration
Basic Configuration and Security Settings
Traffic Monitoring and Analytics
SafeLine WAF provides comprehensive traffic monitoring features:
- Real-time Traffic Dashboard: Monitor incoming requests, blocked attacks, and response times
- Attack Statistics: View detailed reports on blocked threats and attack patterns
- Geographic Analysis: See traffic origins and identify suspicious regions
- Performance Metrics: Track response times and server performance
Protection Rules Configuration
Configure SafeLine's protection rules to match your security requirements:
- SQL Injection Protection: Enable and customize SQL injection detection rules
- XSS Protection: Configure cross-site scripting prevention settings
- Rate Limiting: Set request rate limits to prevent abuse
- IP Whitelisting/Blacklisting: Manage trusted and blocked IP addresses
- Custom Rules: Create specific rules for your application's needs
HTTPS and SSL Configuration
For websites using HTTPS:
- Upload your SSL certificates to SafeLine
- Configure SSL termination settings
- Enable HTTP to HTTPS redirection
- Set up HSTS (HTTP Strict Transport Security) headers
Admin Panel Security
Secure your SafeLine management interface:
- Change the default admin port from 9443 to a custom port
- Enable two-factor authentication if available
- Restrict admin access to specific IP addresses
- Regularly update admin passwords
- Enable audit logging for administrative actions
Troubleshooting Common SafeLine WAF Issues
Port Conflicts
If you encounter port conflicts during installation:
# Check which processes are using ports 80, 443, or 9443
sudo netstat -tulpn | grep :80
sudo netstat -tulpn | grep :443
sudo netstat -tulpn | grep :9443
# Stop conflicting services if necessary
sudo systemctl stop apache2
sudo systemctl stop nginxDocker-Related Problems
For Docker issues when trying to install SafeLine WAF Linux VPS:
# Restart Docker service
sudo systemctl restart docker
# Check Docker container status
docker ps -a
# View container logs
docker logs safeline-waf
# Restart SafeLine containers
docker-compose restartReverse Proxy Misconfiguration
If your website isn't loading properly:
- Verify backend server IP and port settings in SafeLine dashboard
- Check that your web server is running and accessible
- Ensure firewall rules allow traffic between SafeLine and your web server
- Review SafeLine logs for specific error messages
Dashboard Access Errors
If you can't access the SafeLine management interface:
# Check if SafeLine containers are running
docker ps | grep safeline
# Verify firewall allows port 9443
sudo ufw allow 9443
# Check SafeLine management service logs
docker logs safeline-managementReady to enhance your website security with SafeLine WAF? A reliable VPS with adequate resources is essential for optimal performance. HostMyCode VPS hosting provides the perfect foundation for deploying security tools like SafeLine WAF, with flexible configurations and excellent performance.
Frequently Asked Questions
Can I install SafeLine WAF on any Linux VPS distribution?
Yes, SafeLine WAF works on most modern Linux distributions including Ubuntu, CentOS, Debian, and others. The main requirement is having Docker support, which is available on virtually all current Linux distributions.
How much resources does SafeLine WAF consume on a Linux VPS?
SafeLine WAF typically uses 1-2GB of RAM and moderate CPU resources. For production environments, we recommend at least 4GB RAM and 2 CPU cores to ensure optimal performance when processing high traffic volumes.
Can SafeLine WAF protect multiple websites on the same VPS?
Absolutely! SafeLine WAF supports multiple website configurations. You can add as many domains as needed through the management dashboard, each with its own protection rules and backend server configuration.
Is it possible to integrate SafeLine WAF with existing web servers like Apache or Nginx?
Yes, SafeLine WAF works as a reverse proxy in front of any web server. Simply configure your existing Apache, Nginx, or other web server as the backend, and SafeLine will handle all incoming traffic filtering before forwarding legitimate requests.
What happens if SafeLine WAF goes down - will my website be inaccessible?
If SafeLine WAF stops working, your website would become inaccessible since all traffic routes through it. This is why it's important to monitor SafeLine's health and have backup procedures. Consider setting up monitoring alerts and having a rollback plan to direct traffic directly to your web server if needed.
Conclusion
Installing SafeLine WAF on your Linux VPS is a crucial step toward securing your web applications against modern cyber threats. Whether you choose the convenient auto-installation method or prefer the control of manual Docker Compose setup, SafeLine provides robust protection against SQL injection, XSS, brute-force attacks, and malicious bots.
The reverse proxy architecture ensures that your actual web server remains protected while SafeLine handles threat detection and filtering. With proper configuration of traffic monitoring, protection rules, and HTTPS settings, you'll have a comprehensive security solution that scales with your needs.
For hosting SafeLine WAF and your web applications, managed VPS hosting solutions from HostMyCode provide the reliability, performance, and support you need to maintain a secure online presence. With adequate resources and professional support, you can focus on your applications while keeping security threats at bay.