How to whitelist a specific URI in ModSecurity - Knowledgebase - Licenceman

How to whitelist a specific URI in ModSecurity Print

Scenario

While working with ModSecurity you may find it more convenient to whitelist a specific URI instead of allowing an IP address or disabling a rule completely. You can do this by editing just one configuration file on the system

Procedure

Ensure you have SSH access as the root user, as that will be required to make these changes
Use grep or another search function to locate the error in the Apache log (/etc/apache2/logs/error_log) to ensure you are whitelisting the correct URI. You'll want to note the URI and the ID number of the rule that was tripped.
Edit (or create the file if it does not yet exist) /etc/apache2/conf.d/whitelist.conf and add the following data where "/path/index.php"is the specific file you're working with:
- ```
<LocationMatch "/path/index.php">
SecRuleRemoveById 20002221
</LocationMatch>
```
Ensure the whitelist is correctly configured by running the following command:
- ```
apachectl -t
```
As long as the command from step 4 returns "Syntax OK" you are ready to restart Apache with this command and then your rule is in place:
- ```
/scripts/restartsrv_httpd
```

Was this answer helpful?

Knowledgebase

Categories

Categories

Tag Cloud

Support

How to whitelist a specific URI in ModSecurity Print

Scenario

Procedure

Was this answer helpful?

Related Articles

Tag Cloud

Support

Knowledgebase

Categories

Categories

Tag Cloud

Support

How to whitelist a specific URI in ModSecurity Print

Scenario

Procedure

Was this answer helpful?

Related Articles

Tag Cloud

Support

Generate Password