Ignore specific rules for a group of IP addresses

Is it possible to ignore specific rules (OWASP CRS for ModSecurity on NGINX) for a specific group of whitelisted IPs?

Thanks

Solution

Yes. You can add IP Based whitelisting for specific rules in ModSecurity. Please refer to the doc from the link below:

https://www.modsecurity.org/CRS/Documentation/exceptions.html

and

https://malware.expert/tutorial/how-to-whitelist-ip-address-with-modsecurity/

nginx logging $request_body as hexadecimal
Laravel: file_put_contents() permission denied — correct storage/framework/cache permissions?
EventSource / Server-Sent Events through Nginx
How to set custom domain in Nexus Repo without port in URL
Django doesn't serve static files with NGINX + GUNICORN
How to run two commands on Dockerfile?
Nginx reload error in mac osx
node server not accessible in docker container on aws
Nginx 403 Forbidden for location and localhost
How to deploy Rails sqlite3 database with Capistrano?
Nginx - Wordpress redirect
How do you change the server header returned by nginx?
Response returned only after kernel.terminate event
Restricting access to static files in Django/Nginx
Nginx keeps hitting connection limit although I only use one connection
Nginx v1.25.1 http2 on; new recommendation creating another warn
Second nginx route doesn't work when there are two NextJs applications hosted
Remove a part of a log in Loki
nginx - nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
Error 404 when accessing API via Nginx and Express
How do I open another port in a docker nginx container (only in the container; so, NOT publishing which is the -p flag)?
docker private registry with nginx reverse proxy freeze when pushing
Load balancer on Nginx give 502 Bad Gateway
Gunicorn service stopping under supervisor with docker
nginx: use environment variables
Nginx rewrite and change timestamp format
how to serve a specific page for each domain name pointing to my nextjs app using nginx
How to redirect a web page with a Hash in URL NGINX Ubuntu Server
nginx "server_tokens off" does not remove the server header
Accessing just a specific folder should redirect