The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mod Security Whitelist

Discussion in 'Security' started by DWaters, Jul 4, 2017.

Tags:
  1. DWaters

    DWaters Registered

    Joined:
    Jun 30, 2017
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    United Kingdom
    cPanel Access Level:
    Root Administrator
    I'm getting a lot of false positives in Mod Security from my own IP, is it possible to whitelist my IP via WHM? I've read you can edit the files manually which I'd rather avoid.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,204
    Likes Received:
    1,297
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You can browse to "WHM >> ModSecurity Tools", click on "Rules List", then click "Edit Rules" if you want to add a new rule that whitelists your IP address. As far as the rule itself, you may find this thread helpful:

    Whitelist an IP address in Modsecurity

    Thank you.
     
    quizknows likes this.
  3. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    982
    Likes Received:
    75
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    The method in that linked post is OK if you only have a specific IP or a couple of them to do. The "easiest" way I've found now is to just use a match from file rule, so that you effectively create an allow ip's file for modsecurity.

    You would want the rule to go in modsec2.user.conf most likely unless your hosting provider manages that file. The editor for custom rules in WHM should insert the rule into that file for you.

    Code:
    #SecRule REMOTE_ADDR "@ipMatchFromFile /etc/apache2/conf.d/ip_whitelist.txt" "allow,nolog,id:11233445"
    
    Obviously you need to create the file /etc/apache2/conf.d/ip_whitelist.txt first (this file path is appropriate for ea4, if you're on EA3 place it where ever you see fit). In that file have one IP or cidr notation per line to allow. Restart apache to put the changes into effect.
     
Loading...

Share This Page