Whitelist rule with LocationMatch

Tutorial

Sometimes you need disable ModSecurity rules in specific url or program, because it causes false positives. This tutorial we show how you can whitelist rule or rules with apache LocationMatch directive. LocationMatch examples WordPress admin <locationmatch “/wp-(admin|login)/”> SecRuleRemoveById 150005 SecRuleRemoveById 150006 </locationmatch> phpmyadmin <locationmatch “/phpmyadmin/”> SecRuleRemoveById 150005 SecRuleRemoveById 150006 </locationmatch> Depend your server configuration, like … Read more

How to Whitelist IP Address with ModSecurity

Tutorial

If your business has a website, you may be familiar with the mod_security module for Apache Web servers. If you are new to ModSecurity, start by reading our comprehensive article: What is ModSecurity. Occasionally, you might need to bypass the module filters to accommodate a testing environment or to allow access for a particular IP … Read more

Find and disable ModSecurity rule with SecRuleRemoveById

Find and disable ModSecurity rule

In this article we show how to find and disable ModSecurity rule that might be causing 406 errors on your websites on either your VPS (Virtual Private Server) or dedicated server. The rules that ModSecurity uses can help block potential attack attempts from malicious users, but sometimes it can also block legitimate requests, and knowing … Read more

Whitelist ModSecurity Rule With ClamAV Scans

In this article I’m going to discuss how to find and Whitelist specific ModSecurity rules that might be causing 406 errors on your websites on either your VPS (Virtual Private Server) or dedicated server. The rules that ModSecurity uses can help block potential attack attempts from malicious users upload malware to servers, but sometimes it … Read more