ModSecurity
To add our IPs to the whitelist of ModSecurity, you can follow these steps.
Step 1: Identify the ModSecurity configuration file
ModSecurity is typically configured through the "modsecurity.conf" file or a separate configuration file specific to your web server (e.g., "httpd.conf" for Apache).
Locate the ModSecurity configuration file in your server's file system.
Step 2: Open the ModSecurity configuration file for editing
Use a text editor to open the ModSecurity configuration file.
Ensure you have sufficient privileges to edit the file.
Step 3: Find the SecRule directive related to IP whitelisting
Search for a section or directive that sets rules for IP whitelisting. This could be something like "SecRule REMOTE_ADDR".
Note the syntax and existing rules, as you will add your whitelist rules accordingly.
Step 4: Add IP addresses to the whitelist
Add a new line under the IP whitelisting directive to specify the IP address(es) you want to whitelist.
Use the appropriate syntax based on the existing rules. For example:
In the above example, "REMOTE_ADDR" represents the IP address being matched, and the IP addresses specified after "@ipMatch" are whitelisted.
Step 5: Save the ModSecurity configuration file
After adding the IP addresses to the whitelist, save the changes to the ModSecurity configuration file.
Step 6: Restart your web server
Restart your web server to apply the changes to ModSecurity.
The specific command to restart the web server varies depending on the operating system and web server software you are using. For example:
Step 7: Test the whitelist
Verify that the IP addresses you added to the whitelist are now exempt from ModSecurity rules.
Access your web application from the whitelisted IP addresses and ensure that ModSecurity does not block any legitimate requests.
Remember to exercise caution when modifying security configurations and thoroughly test the changes to ensure they align with your security requirements.
Last updated