To add our IPs to the whitelist of ModSecurity, you can follow these steps.

Step 1: Identify the ModSecurity configuration file

  • ModSecurity is typically configured through the "modsecurity.conf" file or a separate configuration file specific to your web server (e.g., "httpd.conf" for Apache).

  • Locate the ModSecurity configuration file in your server's file system.

Step 2: Open the ModSecurity configuration file for editing

  • Use a text editor to open the ModSecurity configuration file.

  • Ensure you have sufficient privileges to edit the file.

Step 3: Find the SecRule directive related to IP whitelisting

  • Search for a section or directive that sets rules for IP whitelisting. This could be something like "SecRule REMOTE_ADDR".

  • Note the syntax and existing rules, as you will add your whitelist rules accordingly.

Step 4: Add IP addresses to the whitelist

  • Add a new line under the IP whitelisting directive to specify the IP address(es) you want to whitelist.

  • Use the appropriate syntax based on the existing rules. For example:

    SecRule REMOTE_ADDR "@ipMatch" "id:12345, phase:1, allow, t:none, nolog"
    SecRule REMOTE_ADDR "@ipMatch" "id:67890, phase:1, allow, t:none, nolog"

    In the above example, "REMOTE_ADDR" represents the IP address being matched, and the IP addresses specified after "@ipMatch" are whitelisted.

Step 5: Save the ModSecurity configuration file

  • After adding the IP addresses to the whitelist, save the changes to the ModSecurity configuration file.

Step 6: Restart your web server

  • Restart your web server to apply the changes to ModSecurity.

  • The specific command to restart the web server varies depending on the operating system and web server software you are using. For example:

    sudo service apache2 restart  # For Apache on Ubuntu

Step 7: Test the whitelist

  • Verify that the IP addresses you added to the whitelist are now exempt from ModSecurity rules.

  • Access your web application from the whitelisted IP addresses and ensure that ModSecurity does not block any legitimate requests.

Remember to exercise caution when modifying security configurations and thoroughly test the changes to ensure they align with your security requirements.

Last updated

All rights reserved © Akatop Technologies