Whitelist IP in ModSecurity on VPS or Dedicated Server

Margaret H.
  • Updated
Follow

Whitelisting an IP address in ModSecurity, also known as Mod Security or ModSec, can be beneficial for various reasons. By whitelisting an IP, you explicitly allow requests originating from that specific address to bypass ModSecurity's security rules and restrictions.

This can be necessary in cases where you trust the source and want to ensure uninterrupted access for legitimate users or authorized systems. Whitelisting can prevent false positives, reduce the likelihood of blocking legitimate traffic, and provide a smoother user experience while maintaining a high level of security for other untrusted sources. However, it's essential to carefully consider the potential risks and thoroughly evaluate the trustworthiness of the IP address before adding it to the whitelist.

This guide covers whitelisting an IP in ModSecurity on VPS or dedicated hosting.  As this does require root access, this option is not available on our Shared, WordPress, or Shared Reseller hosting.

Related Articles

Disable ModSecurity Rule
Unlocking WordPress Dashboard when Locked Out by ModSecurity
WordPress Elementor Server Error 406
 

Whitelist IP

IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.

  1. SSH into the server as root
  2. Edit /etc/apache2/conf.d/modsec/modsec2.user.conf with your preferred text editor
    TIP: To edit the file using nano, use nano /etc/apache2/conf.d/modsec/modsec2.user.conf.
    NOTE: On CWP servers, edit /usr/local/apache/conf.d/mod_security.conf.

  3. Add the following to the file on its own line

    SecRule REMOTE_ADDR "@ipMatch 12.34.56.78" "phase:1,id:200000001,nolog,allow"

    REPLACE: 12.34.56.78 with the IP to whitelist.  
    TIP: If you're unsure of the IP to whitelist, have the target user or device visit inmotionhosting.com/ip and give you their IP.
    NOTE: If more than one IP needs to be whitelisted, it can be added to the ipMatch list by adding a comma followed by the second IP.
    EXAMPLE: In this example, we're whitelisting IPs 12.34.56.78 and 78.56.34.12.

    SecRule REMOTE_ADDR "@ipMatch 12.34.56.78,78,56,34,12" "phase:1,id:200000001,nolog,allow"
  4. Save and close the file
    TIP: To save and exit the file on nano, type <Ctrl+X> to exit followed by <Y> to save.

  5. Restart Apache by running

    /scripts/restartsrv_apache --restart

    NOTE: On CWP servers, restart Apache with systemctl apache restart.

Comments

0 comments

Article is closed for comments.