How to whitelist IP address for ModSecurity

Follow

Comments

2 comments

  • Avatar
    Alban Staehli

    Would the below rule to whitelist IP and turn off all rules (meaning modsec is turned off for that particular IP) work as well?

    SecRule REMOTE_ADDR "^203\.0\.113\2$"
    phase:1,nolog,allow,ctl:ruleEngine=Off
  • Avatar
    Denis Bykov

    @Alban Staehli
    Starting from ModSecurity 2.7, IDs became mandatory.
    Apart from it, that is also a valid method:

    SecRule REMOTE_ADDR "^203\.0\.113\2$"
    id:88888,phase:1,nolog,allow,ctl:ruleEngine=Off

Please sign in to leave a comment.

Have more questions? Submit a request