Reputation: 940
How to Whitelist an IP Address Using Mod_Security
I cannot access my magneto admin panel.I have added below code to .htaccess .syntax code is not working for me.please tell me how to disable the mod_security for my IP address.
syntax code:
SetEnvIfNoCase Remote_Addr ^208.xxx.xxx.103$ MODSEC_ENABLE=Off
**Error : **
Forbidden
You don't have permission to access /manage on this server.
Upvotes: 3
Views: 9858
Answers (2)
Reputation: 1164
It is important to know which phase you need to apply your rule. In my case, and maybe the most of the cases, you should user this command:
SecRule REMOTE_ADDR "@ipMatch 66.249.0.0/16" "id:26091975,phase:2,pass,nolog,allow,ctl:ruleEngine=Off"
You may notice that I am allowing Googlebot to access using a ip-block
You may read this official info to get more confident https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#ipMatch
I my particular case, I am using this command in: /usr/local/apache/conf/modsec2.user.conf
Upvotes: 6
Reputation: 612
if you decide to do with .htaccess per folder:
SetEnvIfNoCase Remote_Addr ^208\.xxx\.xxx\.103$ MODSEC_ENABLE=Off
If you decide to do with mod_security.conf per server:
SecRule REMOTE_ADDR "^208\.xxx\.xxx\.103$" phase:1,nolog,allow,ctl:ruleEngine=Off
Upvotes: 2
Related Questions
- How to whitelist Country for ModSecurity Rule?
- ModSecurity: Block all IPs except for a list of defined IPs
- ModSecurity Whitelisting for specific uri
- How to block by ip with Apache
- modsecurity whitelist ip range
- ModSecurity for URL Whitelisting
- IP Blacklisting Apache
- Block access from IP address in Apache2
- Mod Security2 deactivation rule only from a specified IP address
- Set an Apache IP Whitelist