ModSecurity - ByPass IP address in DirectAdmin GUI
- Open
- Subscribe
|
G |
George To |
Hello DA,
May I suggest to allow end-user to bypass (whitelist) some IP address for individual account for ModSecurity inside DirectAdmin GUI?
---
Basically, nowadays, I can use the following in custom HTTP configuration -
SecRule REMOTE_ADDR "@pmFromFile /usr/local/directadmin/data/users/xxxxxx/modsec-ip-whitelist.txt" "phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off,id:4992yyyy"
where
- xxxxxx = DA username ,
- yyyy = Linux UID of that user
4992yyyy (basically, make a custom rule id only, not special for 4992)
I add the the IPv4(s) into file modsec-ip-whitelist.txt
It is working fine in CentOS 7, CentOS 8 platform (Apache 2.4.x)
---
Notes:
- I use it for IPv4 , not sure IPv6
Reference: github.com/SpiderLabs/ModSecurity/issues/278
Thank you for your kind attention
Regards
George