That change meant one thing: I needed a new strategy to protect my services and keep my real home IP completely hidden.

That’s when I deployed Safeline WAF on a Hetzner VPS, turning it into a secure, self-hosted reverse-proxy layer sitting in front of my homelab. And honestly, it worked far better than I expected.

Leaving Cloudflare Meant I Needed a New Shield

The moment I moved away from Cloudflare, I lost: • Anycast edge routing • Automated bot filtering • DDoS mitigation • Hidden origin IP • Edge caching • Layer-7 attack protection

This meant that if I exposed my home IP directly, it would quickly become a target and any attack would hit my household connection and hardware.

So I needed a new “front layer” that: • Sat outside my home network • Masked my real IP • Filtered all incoming traffic • Stopped attacks before they reached my house • Was lightweight enough to self-manage

Deploying Safeline WAF on a remote VPS became the perfect solution.

Creating a Secure Front Layer on a Hetzner VPS

Instead of exposing my homelab directly, I deployed Safeline WAF on a Hetzner VPS, which now acts as the public-facing entry point for all my services.

How the architecture works:

1. All external traffic hits the Hetzner VPS first The VPS has a public IP and runs Safeline WAF + a reverse proxy. 2. Safeline filters, analyses and sanitises requests Malicious traffic never reaches my home. 3. Only clean traffic is forwarded to my homelab Through an encrypted tunnel (WireGuard), the backend services remain fully hidden. 4. My real home IP is completely protected Nobody scanning the services ever sees it only the Hetzner VPS.

This setup essentially recreates the “origin shielding” that Cloudflare provided, but without relying on a third-party network or giving up control.

How Safeline WAF Performs as a Remote Shield

My Home IP Stays Completely Hidden

The biggest benefit of placing Safeline on a VPS is that:

• Scanners

• Bots

• Attackers

• Vulnerability crawlers

  …never touch my home connection.

All they ever see is the Hetzner IP, which filters everything through Safeline before forwarding anything to my private network.

If someone tries to attack it, it’s the VPS getting the hits not my house.

Safeline Handles Attacks Far From My Homelab

Since Safeline blocks malicious traffic right at the VPS: • My home bandwidth isn’t consumed • My self-hosted apps remain calm and responsive • My ISP never sees attack patterns • My homelab hardware isn’t stressed

Cloudflare used to do this at a global scale now Safeline does it on my own infrastructure.

Lightweight Enough for a Small VPS

Even with increased direct traffic: • No high CPU spikes • No RAM explosions • No delays in forwarding clean requests

Safeline is efficient enough to run on a small Hetzner VPS without issues.

Complete Control, Without External Dependencies

By using my own VPS: • No reliance on Cloudflare • No vendor lock-in • No “hidden rules” • No unexpected throttling • No external outages affecting my setup

Safeline works predictably, and I control everything from end to end.

A Clean, Stable Setup Without Cloudflare

While many people depend entirely on Cloudflare to protect their self-hosted apps, moving away from it didn’t break anything for me. Instead, it made my setup more resilient and more under my control.

With Safeline running on a Hetzner VPS: • My services stayed online • My real home IP stayed hidden • Malicious traffic got filtered at the edge • My homelab stayed lightweight and protected • I avoided Cloudflare outages, routing issues, or dependency risks

It’s a self-hosted approach that gives you the same benefits Cloudflare provides but fully under your control.

If You’re Dropping Cloudflare, This Hybrid VPS + Safeline Setup Is a Game-Changer

You get: • Real IP masking • Layer-7 protection • Full transparency • Strong filtering • Low resource usage • Independent infrastructure • Zero third-party dependency

A clean, powerful and reliable way to run a modern homelab with true self-hosting principles.

Documentation & Support

SafeLine Website: https://ly.safepoint.cloud/ShZAy9x

Official Docs: https://docs.waf.chaitin.com/en/home

SafeLine Demo: https://demo.waf.chaitin.com:9443

Community Discord: https://discord.gg/dy3JT7dkmY

• What is Filament? Filament is a lightweight admin panel and form builder designed specifically for Laravel applications. It simplifies creating admin dashboards and managing resources without needing to write much custom code.

• Why Use Filament? For anyone who needs a user-friendly backend to manage data and settings, Filament offers a fast, developer-friendly solution. It’s particularly valuable for creating CRUD interfaces, handling complex forms, and adding various widgets with minimal setup.

•What Will This Guide Cover? This post will guide readers through setting up Filament in Laravel from scratch in under five minutes, providing them with a functional admin panel they can build upon.

Set the Stage

Before diving into the steps, let’s quickly set up our environment to make sure everything runs smoothly.

• Docker & Laravel Sail

Instead of configuring a local web server manually, we’ll use Docker and Laravel Sail. This approach simplifies the setup, especially for developers working in different environments, as Docker ensures a consistent environment across all setups. Sail, Laravel’s official Docker environment, gives us a ready-to-go Laravel setup with just a few commands.

• Composer & Filament

Once our Laravel project is up and running with Sail, we’ll add Filament using Composer. This step is straightforward, thanks to Laravel’s package management. By the end, you’ll have a fully functional admin panel accessible through a single URL.

In the next steps, I’ll guide you through setting up a Laravel project with Docker and installing Filament—all in under five minutes!

Step 1: Creating a Laravel Project with Sail

1. Installing Laravel with Sail

Start by explaining how to set up a new Laravel project with Sail in a single command. Using curl, we’ll download and configure Laravel with Docker support:

curl -s "https://laravel.build/my-project" | bash

This command creates a new directory named project-name and sets up Laravel along with Docker containers needed for development, like MySQL, Redis, and others.

2. Navigating to the Project Directory

Once the project is set up, navigate to the project’s directory:

cd my-project

3. Starting Sail

To bring up the development environment, use the following command:

./vendor/bin/sail up

This command initializes the Docker containers, so your Laravel application will be available on http://127.0.0.1

4. Confirming Everything is Running

Once Sail has started, you can verify the setup by opening http://127.0.0.1 in your browser. You should see the default Laravel welcome page, confirming that Sail and Docker are up and running correctly.

This step-by-step guide will make it easy for readers to get a Laravel project running with Sail, creating a smooth foundation for the next steps with Filament.

Step 2: Installing Filament in Your Laravel Project

Now that we have our Laravel project running with Sail, let’s add Filament to get a basic admin panel up and running.

1. Installing Filament

We’ll use Composer to install Filament. In the project’s root directory, run the following command:

./vendor/bin/sail composer require filament/filament

This will download and install Filament, making it ready to be configured in our Laravel app.

Create Your First Filament Panel

./vendor/bin/sail artisan filament:install

2. Setting Up the Database

Since Filament requires a database connection, make sure your database is set up and that migrations have been run. In a new terminal, run:

./vendor/bin/sail artisan migrate

This will create all necessary tables for Laravel, including those needed for Filament’s authentication.

3. Creating Your First Admin User

Filament requires an admin user to log into the dashboard. You can create one with the following command:

./vendor/bin/sail artisan make:filament-user

This command will prompt you to enter the email, name, and password for your new admin user.

4. Accessing the Filament Admin Panel

Now, with your admin user created, open your browser and go to http://127.0.0.1/admin. Use the email and password you just set up to log in, and you’ll have access to the Filament admin dashboard.

This guide helps readers get Filament installed and configured quickly, leading to a fully functional admin panel that they can start exploring right away.