hosted by liquidweb

Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : mod_security whitelist

Forum Jump

mod_security whitelist

Reply Post New Thread In Hosting Security and Technology Subscription
Send news tip View All Posts Thread Tools Search this Thread Display Modes
WHT Addict
Join Date: Oct 2005
Posts: 130

mod_security whitelist

googlebot always gets blocked.

[Tue Sep 23 03:02:37 2008] [error] [client] ModSecurity: Access denied with code 500 (phase 4). Pattern match "<b>Warning<\\/b>.{0,100}?:.{0,1000}?\\bon line\\b" at RESPONSE_BODY. [file "/usr/local/apache/conf/modsecurity/modsecurity_crs_50_outbound.conf"] [line "42"] [id "970009"] [msg "PHP Information Leakage"] [severity "WARNING"] [tag "LEAKAGE/ERRORS"] [hostname ""] [uri "/index.php"] [unique_id "wK49MEVIheIAAAF85nQAAAAd"]

How do i whitelist a range of IP or domain in mod_security?


__________________ - Mambo / Joomla Premiere Hosting (for all cms, blogs, forums)

Sponsored Links
Junior Guru Wannabe
Join Date: Sep 2008
Location: Bangalore
Posts: 77
My best solution is you just disable mod_security locally for this account alone using .htaccess file.

Just add the below in to it.

SecFilterEngine Off
SecAuditEngine Off

Security Ninja
Join Date: Mar 2003
Location: Canada
Posts: 8,826
If you're using mod_security v2, you can whitelist your website by adding the following entry to the mod_security configuration file:

SecRule SERVER_NAME "" phase:1,nolog,allow,ctl:ruleEngine=off

Patrick William | RACK911 Labs | Software Security Auditing
400+ Vulnerabilities Found - Get a Quote @ - Security notices for the hosting community.

Sponsored Links
WHT Addict
Join Date: Oct 2005
Posts: 130
sabarishks, That is your best solution? You probably don't own a server. There's no point for me installing mod_secutiry if i'm just gonna disable it in some accounts. Specially, that's the account that always get hacked.

Pat, thank for your help.

__________________ - Mambo / Joomla Premiere Hosting (for all cms, blogs, forums)

Last edited by Joomla; 09-23-2008 at 04:43 PM.
<insert something witty>
Join Date: Apr 2000
Location: California
Posts: 3,051
I wouldn't disable it for a site, though you can for some good reasons, and you should whitelist, maybe any spiders/bots by checking the USER_AGENT env var, which would make it easier. Exactly what is it flagging though? It looks like it was denying access to index.php, and regardless of it being a spider or not, this probably shouldn't be happening. If it's blocking a search engine spider, it might be blocking legitimate, normal users as well. What was in the body, "on line"?

WHT Addict
Join Date: Oct 2005
Posts: 130
I got the rules from I think their rules is a bit more restrictive. I've been trying to analyze the logs and I find a couple of false positives.

Do you have any example rules so I can quickly whitelist the spiders. It's just sometimes, mod_security syntax is sometimes difficult to follow.

__________________ - Mambo / Joomla Premiere Hosting (for all cms, blogs, forums)


Related posts from
Title Type Date Posted
Gartner: 75 Percent of Mobile Security Breaches through 2017 Result of App Misconfigurations Web Hosting News 2014-09-16 12:30:59
Bluebox Security Closes $18M Series B Funding Round Web Hosting News 2014-01-20 14:04:43
Trustwave Acquires Data Security Provider Application Security Inc. Web Hosting News 2013-11-11 12:49:52
Sophos Launches Cloud-Based Managed Security Service Web Hosting News 2013-10-29 17:53:59
WHMCS Security Issue Allows for Information Disclosure Web Hosting News 2013-10-25 09:30:46

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Log in with your username and password

Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Web Hosting News:
WHT Membership
WHT Membership



Welcome to

Create your username to jump into the discussion! is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.

(4 digit year)

Already a member?