Question
How do I whitelist an IP in ModSecurity?
Answer
- Log in to SSH or Terminal as the
rootuser. -
Open the following file in a text editor:
# /etc/apache2/conf.d/modsec/modsec2.user.conf
-
Add one or more of the following example variants to the bottom of the file, but edit it to contain your desired IP address:
# Single IP example
# Allow unrestricted access from 192.0.2.1
SecRule REMOTE_ADDR "@ipMatch 192.0.2.1" "phase:1,id:200000001,nolog,allow"# Multi IP Example
# Allow unrestricted access from 192.0.2.1,192.0.2.2,198.51.100.0/24
SecRule REMOTE_ADDR "@ipMatch 192.0.2.1,192.0.2.2,198.51.100.0/24" "phase:1,id:200000001,nolog,allowNote: The IP format documentation can be found here: ModSecurity Reference Manual - @ipmatch.
-
Restart Apache:
# /scripts/restartsrv_apache --restart
Comments
0 comments
Article is closed for comments.