Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Mod_Security whitelist

Discussion in 'Security' started by jeffschips, Apr 16, 2019.

  1. jeffschips

    jeffschips Well-Known Member

    Joined:
    Jun 5, 2016
    Messages:
    63
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    new york
    cPanel Access Level:
    Root Administrator
    There are many tutorials out there that spell out how to whitelist an ip or ip range in mod_security, even some specifically for cpanel/WHM. But for whatever reason, they list files and directories that either don't exist on my standard whm/cpanel install or refer to methods that don't apply.

    I'm simply looking for a workable method to whitelist google, msn legitimate bots as they crawl directories for information so my sites can make it into their index.

    Any suggestions on how to whitelist these legitimate bots and/or ip ranges, would be appreciated. Thanks.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,947
    Likes Received:
    485
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. jeffschips

    jeffschips Well-Known Member

    Joined:
    Jun 5, 2016
    Messages:
    63
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    new york
    cPanel Access Level:
    Root Administrator
    yes I do have configserver installed which I love. Does a great job. I will check but I don't believe I have legitimate bots firewalled there. I will check out that plugin - looks like the perfect tool. thanks.
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,947
    Likes Received:
    485
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. jeffschips

    jeffschips Well-Known Member

    Joined:
    Jun 5, 2016
    Messages:
    63
    Likes Received:
    7
    Trophy Points:
    8
    Location:
    new york
    cPanel Access Level:
    Root Administrator
    I understand that I can put entries in csf firewall, but if the legitimate bot is whitelisted in csf, but crawl directories (which they do for indexing purposes) doesn't mod_security rule for directory listing kick in and then block it? That's what I'm seeing:

    "error 403 950130:directory listing" <--- mod_security rule hit
     
  6. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,473
    Likes Received:
    505
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice