Welcome to the final part of our SafeLine WAF series!
So far, you have set up SafeLine and configured it for your environment. Now, it’s time to test your protection, finalize your Docker installation if necessary, and troubleshoot any issues that may arise. This will help you maintain a robust and reliable WAF deployment.
🔍 Test Protection
You can test the protection effectiveness either manually or automatically.
Confirm Website Accessibility
Access your website using the parameters configured in SafeLine WAF:
- Open your browser and visit:
http://<IP or domain>:<port>/ - The default protocol is HTTP; check the SSL option to use HTTPS.
- The hostname can be either the SafeLine IP or your website domain (make sure the domain resolves to SafeLine).
- The port is the one you configured in SafeLine for the site.
If your website is not accessible, please refer to the Configuration Issues section.
Overall Monitoring Flow Reference:
Manual Attack Simulation
Try these URLs to simulate attacks and confirm SafeLine blocks them:
- SQL Injection:
http://<IP or domain>:<port>/?id=1%20AND%201=1 - XSS Attack:
http://<IP or domain>:<port>/?html=<script>alert(1)</script>
If SafeLine blocks these, you’ll see the attack prevented in your browser and logged in the dashboard. ✅
🐳 Docker Installation on CentOS
Update yum packages
sudo yum update
If you get errors like “Could not resolve host” or mirrorlist failures, add Alibaba Cloud repo:
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
Setup Docker repository (use Alibaba Cloud repo to avoid errors)
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Install Docker engine
sudo yum -y install docker-ce docker-ce-cli containerd.io
Start Docker service
sudo systemctl start docker
⚠️ Troubleshooting
If you get x509 certificate errors when pulling images, it’s likely a system time or certificate issue.
Check your system time:
date
If it’s wrong, sync time with:
sudo yum -y install ntpdate
sudo ntpdate cn.pool.ntp.org
Conclusion 🎉
Congratulations on completing the SafeLine WAF deployment series! You have now:
- Prepared your environment and installed SafeLine with Docker 🛠️
- Explored multiple deployment scenarios and enabled advanced protection features 🛡️
- Tested your WAF’s effectiveness and learned how to troubleshoot common issues 🔍
With these skills, you’re well-equipped to protect your web applications against a wide range of threats. Remember to keep your system and SafeLine updated, monitor your traffic regularly, and fine-tune your rules as needed.
Thank you for following along! If you have any questions or want to share your experience, feel free to join our community or leave a comment. 💬
🤝 Join Our Community
For any technical support, you can post the question directly on our forum: https://safepoint.cloud/discussion (Our technicians will receive a notification and reply shortly).
Or you can also post it in our Discord community: https://discord.gg/dy3JT7dkmY (We’ll check messages there every day)
📢 Notes
This article is originally written by the author and follows CC 4.0 BY-SA license. Please keep the original link and this statement when sharing.
Original link: https://blog.csdn.net/m0_74375496/article/details/140550745
Top comments (4)
Pretty cool seeing all the steps here, tbh getting Docker to play nice always takes me a minute too
I'm so glad to see my article helps you a lot!
love seeing real step-by-step stuff like this, way easier for me to follow - makes me wonder, you think the biggest blocker is setup headaches or people just not taking time to test their security?
The setup of SafeLine is super easy and very friendly to beginners. The biggest blockers might be realize the importance of web security and they don't know such an easy security tool