Ticket Example : KQX-970-16301

A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers.In order to whitelist an IP address in WAF server, you must first login to WAF server by SSH.

First, in order to check which user resides in the WAF server, you can execute


cd /etc/httpd/conf/vhosts


Then type the following line to go to check the specific whitelist directory


Cd /etc/modsecurity.d/owasp-modsecurity-crs/whitelist/100001/


Then add the IP address in the text file below


Cat list.txt


restart the service each time you make changes to the file
httpd -k graceful