How to whitelist IP address mod_security CentOS 6

Question

Is it possible to white list an IP address in mod_security?

I found white ist whole domain name in mod_security. But I want to white list only the administrator IP.

OS: CentOS 6 Server: Apache httpd 2.15 Mod Security: Version 2.7

score 6 · Accepted Answer · edited Jul 01 '16 at 02:18

6

Found the way.

vim /etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_10_whitelist.conf

And add this line:

SecRule REMOTE_ADDR "^192\.168\.50\.1$" phase:1,log,allow,ctl:ruleEngine=Off,id:999945

edited Jul 01 '16 at 02:18

techraf

9,141
11
44
62

answered Jun 25 '14 at 11:39

Kasun

784
2
5
13

score 1 · Answer 2 · answered Jan 17 '19 at 15:43

I use modsec version 3 and in my case there wasn't a modsec configuration file in the location /etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_10_whitelist.conf but there was one in:

/etc/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf

in this file the following example is given:

# ModSec Rule Exclusion: Disable Rule Engine for known ASV IP
SecRule REMOTE_ADDR "@ipMatch 192.168.1.100" \
    "phase:1,id:1000,pass,nolog,ctl:ruleEngine=Off"

score 0 · Answer 3 · answered Jun 15 '17 at 09:43

0

If you are under a load Balancer use:

SecRule REQUEST_HEADERS:X-Forwarded-For "@Contains 37.161.74.122" phase:1,nolog,allow,pass,ctl:ruleEngine=off,id:1

answered Jun 15 '17 at 09:43

Sebastien Horin

101
1

How to whitelist IP address mod_security CentOS 6

3 Answers3