HI Ryan,
  I appreciate your quick response and help.
 I am still not able to configure it properly.
Just like u said i added

SecFilterSelective REMOTE_HOST "^192\.168\.0\.94$" allow,pass
I tried putting it right below the SecFilterEnging and other places too. And i am getting this error in the log file. Maybe i am missing something.

Request: - - [25/Oct/2005:11:39:02 --0500] "GET /study_abroad/TMPzad38oxcyx.htm HTTP/1.1" 403 232
Handler: server-parsed
GET /study_abroad/TMPzad38oxcyx.htm HTTP/1.1
User-Agent: Contribute
Host: www.outreach.olemiss.edu
Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bs%3A1%3A%223%22%3B%7D; PHPSESSID=59ded4be35990378545d942f2a11c0f9
mod_security-message: Access denied with code 403. Pattern match "/tmp" at THE_REQUEST
mod_security-action: 403

HTTP/1.1 403 Forbidden
Content-Length: 232

Could you help me?And Just for info i am trying to configure Macromedia Contribute.

Thanks a lot,


On 10/25/05, Ryan Barnett <rcbarnett@gmail.com> wrote:
Think of the mod_security directives (SecFilter|SecFilterSelective) as you would firewall rules in that the order in which they are specified in the httpd.conf file does matter.  Again, like firewall rules, once a filter matches the incoming HTTP request it will trigger the actions specified.  With this being said, if you want to "whitelist" an IP address to allow this client access, then add in a rule like this near the top of your Mod_Security directives -
SecFilterSelective REMOTE_HOST "^192\.168\.1\.100$" allow,pass
Add this just below the mod_security general directives (such as SecFilterEngine, etc....).
That should do it.

Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor: Securing Apache
Author: Preventing Web Attacks with Apache
On 10/25/05, Naveen Amradi <namradi@gmail.com > wrote:
HI All,

  Newbie of ModSecurity. I was wondering is there a way to
open up rules for certain ip addresses.

Thanks a gazillion!