The mod_security plugin for the Apache Web server is designed to facilitate system security by blocking suspicious or unauthorised requests to your server. IP addresses that are not white listed by mod_security will have security rules applied to them, causing the system to scrutinise their traffic and possibly deny access to files.
- Skill level:
- Moderately Easy
Other People Are Reading
Open the ".htaccess" file for the directory or website mod_security runs on in your preferred text editor. These files are stored within the secured directory of your site.
Open the Search function. Type "SecRule" and press "Enter."
Above the first "SecRule," or security rule, in your .htaccess file, add the following line of text:
SecRule REMOTE_ADDR "^192.168.0\101$" phase:1,nolog,allow,ctl:ruleEngine=Off
Replace "192.168.0.101" with the IP address you would like to white list. Be sure to add a backslash before each period in the address. For example, "127.0.0.1" should be typed as "127.0.0.1"
Repeat the whitelist action for any additional secured domains within their ".htaccess" file.
Tips and warnings
- You should white list system administrators, as they frequently need to perform tasks that mod_security will block.
- 20 of the funniest online reviews ever
- 14 Biggest lies people tell in online dating sites
- Hilarious things Google thinks you're trying to search for