ModSecurity2 - What is the right way of whitelisting IPs?

XxUnkn0wnxX

Member
Feb 3, 2014
I have configured it as follows so far.

I have this in my user conf file at the top:
Include /usr/local/apache/conf/modsec2.whitelist.conf

Then I have this in my whitelist conf:
# ConfigServer ModSecurity whitelist file
<LocationMatch .*>
SecRule REMOTE_ADDR "@pmFromFile /usr/local/apache/conf/whitelist.txt" "phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off,id:10341230"
</LocationMatch>

Now I assume that <LocationMatch .*> applies to everything, yes? If not, what is the correct syntax to make it apply globally throughout all of mod security/apache?

And in my whitelist.txt I have the IPs going like this:
192.168.1.1,192.168.0.1,192.168.1.50

These are just sample IPs, but is it the correct format? Or do I do one IP per line?


I just need to whitelist some of the server IPs that keep getting picked up as false positives.
 

quizknows

Well-Known Member
Oct 20, 2009
Format for @pmFromFile is one IP (or CIDR range) per line.

You have to restart Apache after making any changes. Yes, LocationMatch .* applies to every request.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
Hello :)

Yes, as mentioned in the previous post, the format is a single IP/range, per line. Keep in mind that these IP addresses are no longer restricted by Mod_Security so you should ensure they are trusted users.

Thank you.
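
An added example, not part of any post in this thread: a Python check that lints a whitelist file and compares phrase (substring) matching, which is how ModSecurity's @pm operators compare, with the address/CIDR matching that @ipMatchFromFile (ModSecurity 2.7 and later) performs. The file contents, client addresses and function names are constructed for illustration, and the matching is a simplified model, not ModSecurity's own code.

```python
import ipaddress

# Constructed sample data (not taken from the thread's server).
COMMA_FILE = "192.168.1.1,192.168.0.1,192.168.1.50\n"
LINE_FILE = "# trusted hosts\n192.168.1.1\n192.168.0.1\n10.20.0.0/24\n"


def phrases(text):
    """Entries as a phrase file is read: one per non-empty, non-comment line."""
    lines = (ln.strip() for ln in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]


def lint(text):
    """Return (networks, errors): entries that parse as IP/CIDR, and those that do not."""
    networks, errors = [], []
    for entry in phrases(text):
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            errors.append(entry)
    return networks, errors


def phrase_match(remote_addr, text):
    """Substring semantics: a listed phrase occurring anywhere in REMOTE_ADDR."""
    return any(p in remote_addr for p in phrases(text))


def ip_match(remote_addr, text):
    """Address semantics: REMOTE_ADDR equals a listed IP or lies inside a listed CIDR."""
    addr = ipaddress.ip_address(remote_addr)
    networks, _ = lint(text)
    return any(addr.version == n.version and addr in n for n in networks)


def report(text, clients):
    """Per client: (address, phrase result, ip result). True/False is an over-broad allow."""
    return [(c, phrase_match(c, text), ip_match(c, text)) for c in clients]


if __name__ == "__main__":
    print("unparseable entries:", lint(COMMA_FILE)[1])
    for row in report(LINE_FILE, ["192.168.1.1", "192.168.1.100", "10.20.0.7"]):
        print(row)
```

A row where the phrase result is True and the IP result is False marks an address that an `allow` rule would let through although it is not on the list; a False/True row marks a CIDR entry that phrase matching never honours.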