Whitelisting Multiple IPs with Mod_Security

Whitelisting Multiple IPs in ModSecurity

 

If ModSecurity is blocking legitimate requests from specific IP addresses, you can whitelist those IPs so their traffic bypasses the web application firewall rules.

 

Method: .htaccess

Add the following to your .htaccess file to disable ModSecurity for specific IPs:

<IfModule mod_security2.c>
SecRule REMOTE_ADDR "@ipMatch 1.2.3.4,5.6.7.8,9.10.11.12" "id:1000001,phase:1,allow,nolog"
</IfModule>

 

Replace the IP addresses with the ones you want to whitelist. Separate multiple IPs with commas.

 

Server-Level (Root Access Required)

For server-wide whitelisting, add the rule to /etc/apache2/conf.d/modsec/modsec2.user.conf and restart Apache. This is a server administrator task. If you are on shared hosting, contact support and provide the IP addresses you need whitelisted along with the URL that is being blocked.

  • 2 Users Found This Useful

Was this answer helpful?

Related Articles

CSF Error: *WARNING* Binary location for [HOST] [/usr/bin/host] in /etc/csf/csf-conf is either incorrect, is not installed or is not executable

During a CSF start or restart you may encounter this error. This is a result of /usr/bin/host...

Failed to start tailwatchd - Unit tailwatchd service entered failed state

Failed to start tailwatchd. Unit tailwatchd.service entered failed state.  tailwatchd.service...

How to convert InnoDB to MyISAM

Although at times faster, you will find InnoDB a very large headache when it comes to table...

Remount /tmp with exec permission

Remounting /tmp With Execute Permission   On some cPanel servers, the /tmp partition is...

FSCK Options and Maintenance

Provided below are some useful commands pertaining to FSCK. Update commands to your environment /...



Save 30% on web hosting - Use coupon code Hosting30