Mod_Security whitelist

[jeffschips]

There are many tutorials out there that spell out how to whitelist an ip or ip range in mod_security, even some specifically for cpanel/WHM. But for whatever reason, they list files and directories that either don't exist on my standard whm/cpanel install or refer to methods that don't apply.

I'm simply looking for a workable method to whitelist google, msn legitimate bots as they crawl directories for information so my sites can make it into their index.

Any suggestions on how to whitelist these legitimate bots and/or ip ranges, would be appreciated. Thanks.

 

[Infopro]

Do you have ConfigServer firewall installed?
cPanel App Catalog :: Result for "ConfigServer Security and Firewall"
You might also find this app useful as well:
cPanel App Catalog :: ConfigServer ModSecurity Control

 

[jeffschips]

yes I do have configserver installed which I love. Does a great job. I will check but I don't believe I have legitimate bots firewalled there. I will check out that plugin - looks like the perfect tool. thanks.

 

[Infopro]

yes I do have configserver installed which I love.

An old post re: CSF, but valid all the same:
CSF blocking all bots (google, msn, yahoo etc.)¨ - ConfigServer Community Forum

 

[jeffschips]

I understand that I can put entries in csf firewall, but if the legitimate bot is whitelisted in csf, but crawl directories (which they do for indexing purposes) doesn't mod_security rule for directory listing kick in and then block it? That's what I'm seeing:

"error 403 950130:directory listing" <--- mod_security rule hit

 

[cPanelLauren]

Hi @jeffschips


This might get you headed in the right direction? Whitelist an IP address in Modsecurity