Mod Security Whitelist

DWaters

• July 04, 2017 06:26

I'm getting a lot of false positives in Mod Security from my own IP, is it possible to whitelist my IP via WHM? I've read you can edit the files manually which I'd rather avoid.

• 

  cPanelMichael

  • July 04, 2017 15:33

  Hello, You can browse to "WHM >> ModSecurity Tools", click on "Rules List", then click "Edit Rules" if you want to add a new rule that whitelists your IP address. As far as the rule itself, you may find this thread helpful: Whitelist an IP address in Modsecurity Thank you.

  0
• 

  quizknows

  • July 04, 2017 18:23

  The method in that linked post is OK if you only have a specific IP or a couple of them to do. The "easiest" way I've found now is to just use a match from file rule, so that you effectively create an allow ip's file for modsecurity. You would want the rule to go in modsec2.user.conf most likely unless your hosting provider manages that file. The editor for custom rules in WHM should insert the rule into that file for you.
  #SecRule REMOTE_ADDR "@ipMatchFromFile /etc/apache2/conf.d/ip_whitelist.txt" "allow,nolog,id:11233445"
  Obviously you need to create the file /etc/apache2/conf.d/ip_whitelist.txt first (this file path is appropriate for ea4, if you're on EA3 place it where ever you see fit). In that file have one IP or cidr notation per line to allow. Restart apache to put the changes into effect.

  0

Please sign in to leave a comment.