Safe3-uusec-waf/docs/installer.sh
UUSEC Technology e66cca6014 v7.0.0
### Feature Updates

**Interface & Management**

- Redesigned main program and management interface with improved aesthetics and usability, supports UI language switching (English/Chinese)
- Added Rule Collections functionality: Create custom rule templates for batch configuration
- Introduced whitelist rules that terminate further rule matching upon success
- UUSEC WAF Rules API intelligent suggestions during advanced rule editing:ml-citation
- New plugin management supporting hot-reloaded plugins to extend WAF capabilities

**Protocol & Optimization**

- Supports streaming responses for continuous data push (e.g., LLM stream outputs)
- Enables Host header modification during proxying for upstream service access
- Search engine validation: `waf.searchEngineValid(dns,ip,ua)` prevents high-frequency rules from affecting SEO indexing
- Interception log report generation (HTML/PDF exports)
- Automatic rotation of UUSEC WAF error/access logs to prevent performance issues

**Security & Infrastructure**

- Expanded free SSL certificate support: HTTP-01 & DNS-01 verification across 50+ domain providers
- Customizable advanced WAF settings: HTTP2, GZIP, HTTP Caching, SSL protocols, etc
- Cluster configuration: Manage UUSEC WAF nodes and ML servers via web UI
2025-07-02 09:47:41 +08:00

96 lines
2.3 KiB
Bash

#!/bin/bash
# UUSEC WAF one click installation script
# Supported system: CentOS/RHEL 7+, Debian 11+, Ubuntu 18+, Fedora 32+, etc
info() {
echo -e "\033[32m[UUSEC WAF] $*\033[0m"
}
warning() {
echo -e "\033[33m[UUSEC WAF] $*\033[0m"
}
abort() {
echo -e "\033[31m[UUSEC WAF] $*\033[0m"
exit 1
}
if [[ $EUID -ne 0 ]]; then
abort "This script must be run with root privileges"
fi
OS_ARCH=$(uname -m)
case "$OS_ARCH" in
x86_64)
;;
*)
abort "Unsupported CPU arch: $OS_ARCH"
;;
esac
if [ -f /etc/os-release ]; then
source /etc/os-release
OS_NAME=$ID
OS_VERSION=$VERSION_ID
elif type lsb_release >/dev/null 2>&1; then
OS_NAME=$(lsb_release -si | tr '[:upper:]' '[:lower:]')
OS_VERSION=$(lsb_release -sr)
else
abort "Unable to detect operating system"
fi
check_ports() {
if [ $(command -v ss) ]; then
for port in 80 443 777 4443 4447 6612; do
if ss -tln "( sport = :${port} )" | grep -q LISTEN; then
abort "Port ${port} is occupied, please close it and try again"
fi
done
fi
}
install_waf() {
if [ ! $(command -v curl) ]; then
$( command -v yum || command -v apt-get || command -v zypper ) -y install curl
fi
curl https://uuwaf.uusec.com/docker.tgz -o /tmp/docker.tgz
mkdir -p /opt && tar -zxf /tmp/docker.tgz -C /opt/
if [ $? -ne "0" ]; then
abort "Installation of UUSEC WAF failed"
fi
}
allow_firewall_ports() {
if [ ! -f "/opt/waf/.fw" ];then
echo "" > /opt/waf/.fw
if [ $(command -v firewall-cmd) ]; then
firewall-cmd --permanent --add-port={80,443,4443,4447}/tcp > /dev/null 2>&1
firewall-cmd --reload > /dev/null 2>&1
elif [ $(command -v ufw) ]; then
for port in 80 443 4443 4447; do ufw allow $port/tcp > /dev/null 2>&1; done
ufw reload > /dev/null 2>&1
fi
fi
}
main() {
info "Detected system: ${OS_NAME} ${OS_VERSION} ${OS_ARCH}"
warning "Check for port conflicts ..."
check_ports
if [ ! -e "/opt/waf" ]; then
warning "Install UUSEC WAF ..."
install_waf
else
abort 'The directory "/opt/waf" already exists, please confirm to remove it and try again'
fi
warning "Add firewall ports exception ..."
allow_firewall_ports
bash /opt/waf/manager.sh
}
main