The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ModSecurity2 - What is the right way of white listing IP's?

Discussion in 'Security' started by XxUnkn0wnxX, Jan 26, 2015.

  1. XxUnkn0wnxX

    XxUnkn0wnxX Member

    Joined:
    Feb 3, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    i have configured it like this as follows so far.

    i have this in my user conf file at the top:
    Include /usr/local/apache/conf/modsec2.whitelist.conf

    then i have this in my white list conf:
    # ConfigServer ModSecurity whitelist file
    <LocationMatch .*>
    SecRule REMOTE_ADDR "@pmFromFile /usr/local/apache/conf/whitelist.txt" "phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off,id:10341230"
    </LocationMatch>

    now i assume that <LocationMatch .*> apply's to everything yes? - if not what is the correct syntax to make it apply globally throughout all of mod security/apache?

    and in my whitelist.txt i have the IP's going like this:
    192.168.1.1,192.168.0.1,192.168.1.50

    these are just sample IP's. but is it the correct format? or do i do an IP per a line?


    i just need to white list some of the server Ip's that keep getting picked up as a false positive..
     
    #1 XxUnkn0wnxX, Jan 26, 2015
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    971
    Likes Received:
    71
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    Format for @pmFromFile is one IP (or cidr range) per line.

    You have to restart apache after making any changes. Yes, locationmatch .* applies to every request.
     
    #2 quizknows, Jan 26, 2015
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,630
    Likes Received:
    1,138
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, as mentioned in the previous post, the format is a single IP/range, per line. Keep in mind that these IP addresses are no longer restricted by Mod_Security so you should ensure they are trusted users.

    Thank you.
     
    #3 cPanelMichael, Jan 27, 2015
(You must log in or sign up to post here.)
Loading...
Similar Threads - ModSecurity2 right white
  1. pronesco

    Error: cURL error 77: Problem with the SSL CA cert (path? access rights?)

    pronesco, Jun 13, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    58
    cPanelMichael
    Jun 14, 2017
  2. AndyB78

    Copyright protecting a plugin

    AndyB78, Jun 10, 2017, in forum: cPanel Developers
    Replies:
    3
    Views:
    58
    Infopro
    Jun 10, 2017
  3. Jack Abbott

    Right way to remove Outlook duplicates?

    Jack Abbott, May 5, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    91
    Sydney Barrett
    May 9, 2017
  4. hexa-hm

    SOLVED WebHost Manager - Custom Right Frame UI CSS

    hexa-hm, Apr 21, 2017, in forum: User Experience
    Replies:
    2
    Views:
    120
    hexa-hm
    Apr 21, 2017
  5. Yukinarija

    Viable HTTPS caching options right now?

    Yukinarija, Nov 2, 2016, in forum: Workarounds and Optimization
    Replies:
    4
    Views:
    348
    cPanelMichael
    Nov 3, 2016

Share This Page