web application firewall

Whitelist Scanner IP in Apache Modsecurity

Whitelisting scanner IP in modesecurity is very important, because at times Apache Modsecurity rejects scanner requests and result failing on Vulnerability Scanning.

In order to
Whitelist, we need to add below line in modsecurity.conf

[button color=”” size=”” type=”square_outlined” target=”” link=””]SecRule REMOTE_ADDR “@ipMatch 192.168.1.0/20” “id:1,phase:1,nolog,allow,ctl:ruleEngine=Off”[/button]

The above line will allow whole subnet of 254 of the IP range. We can change the IP according to our requirement.

Leave a Reply

Your email address will not be published.


*