Just need to be pointed in the right direction.
I need to manage whitelisting of IPs on multiple servers for ModSecurity. As whitelists grow, I’d rather have a single .txt file to maintain where each modsec instance checks against it and executes the whitelist. I need to add 100s of IPs now on 30 servers, and I don’t see updating that to each one. Hopefully that makes sense.
Currently the below works on each server, but is there a way to put a reference to a file we’ll call /file/location/whitelist.txt (that I can maintain from one spot) in here instead of all the IPs listed individually on each server?
SecRule REMOTE_ADDR "@ipMatch xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx" \
    "id:10001,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleEngine=Off"
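
An added example, not part of the original post: ModSecurity's `@ipMatchFromFile` operator reads addresses from a file, so the rule can point at the shared list instead of an inline one. The Python check below validates the central file before it is copied to the servers, since every accepted entry turns the rule engine off for that source; the sample entries, the prefix limits and the function names are constructed here, and a file format of one address or CIDR per line with `#` comments is assumed.

```python
import ipaddress

# Constructed sample of a central whitelist.txt (documentation address ranges).
SAMPLE = """\
# office egress
192.0.2.10
198.51.100.0/24
192.0.2.10
203.0.113.300
0.0.0.0/0
2001:db8::/32
10.1.2.3.4
"""

MIN_PREFIX = {4: 16, 6: 32}  # assumed policy: reject networks broader than this


def check_whitelist(text, min_prefix=MIN_PREFIX):
    """Return (accepted, problems) for a one-entry-per-line whitelist."""
    accepted, problems, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.strip()
        if not entry or entry.startswith("#"):
            continue  # blank line or comment
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            problems.append((lineno, entry, "not an IP address or CIDR network"))
            continue
        if net.prefixlen < min_prefix[net.version]:
            problems.append((lineno, entry, "network too broad for a WAF bypass"))
            continue
        if net in seen:
            problems.append((lineno, entry, "duplicate"))
            continue
        seen.add(net)
        accepted.append(entry)
    return accepted, problems


def render_rule(path, rule_id=10001):
    """Rule text that reads the shared file instead of an inline list."""
    return (f'SecRule REMOTE_ADDR "@ipMatchFromFile {path}" \\\n'
            f'    "id:{rule_id},phase:1,pass,nolog,ctl:ruleEngine=Off"')


if __name__ == "__main__":
    ok, bad = check_whitelist(SAMPLE)
    for lineno, entry, why in bad:
        print(f"line {lineno}: {entry!r}: {why}")
    print(render_rule("/file/location/whitelist.txt"))
```

Running the check as a gate before distribution keeps a typo or an over-broad network in the one shared file from reaching all 30 servers at once.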