Whitelisting an IP in Mod Security

At times, such as resolving a WordPress admin lockdown caused by a brute force attack, you may need to whitelist an IP within Mod Security. Whitelisting your IP will allow any requests from that particular IP that would normally be blocked by Mod Security to instead be allowed. In this article, we will show you how to whitelist an IP in Mod Security using the Modsec Manager in cPanel.

This article only applies to our Business Hosting, and Reseller Hosting plans.

    1. Log into cPanel.
    2. mod security 01 click modsec manager

      Once within cPanel, click on the Modsec Manager icon.

    3. mod security 02 enter ip

      You will then be on the Modsec Manager page. To whitelist your current IP, simply copy the IP labeled Your current IP is: and paste it into the text box. Once it is entered, click on the Add button.

    4. The Modsec Manager will now alert you that your IP has been successfully added to the whitelist.

Thoughts on “Whitelisting an IP in Mod Security

  • Everytime I whitelist an ip, I get the error Cannot restart apache. And the whitelisting does not seem to take effect for a long time – usually the next day it seems to be working. As I am traveling I need to whitelist new ips regularly and cannot wait a day each time. Can you help me understand why it doesn’t work right away or at least within a few minutes? 

    • If you are getting errors while whitelisting an IP, you will need to speak with our live technical support team. They have access to make immediate changes and can determine the cause of the problem.

  • As I mentioned above, the only option in modsecurity seems to be to turn mod security on or off for each domain.

    The instructions above talk about whitelisting an ip address. That doesn’t seem to be possible, or what am I not seeing?


    • I’m sorry. I missed the whitelist option at the bottom of the page for the Modsec Manager. Unfortunately, this option is not available on VPS or dedicated servers. If you wanted to whitelist an IP you would need to make custom changes via the command line( SSH access ).

  • I only see an option in cpanel to turn mod security on or off for each domain. I don’t see modsec manager. Is that because I’m on a VPS or is there another reason?

    And, if modsec manager isn’t available does that mean using SSH?


    • Jonathan, the Modsec Manager is only provided on our shared hosting platforms, but the functionality is the same between that and the ModSecurity icon on your VPS.

  • They can only be entered one at a time? Cloudflare recommended that I whitelist all of their IP addresses, and sent me a list of ranges – well over 200 – https://www.cloudflare.com/ips/


    • Yes, the tool in cPanel only allows you to add one IP address at a time. I recommend submitting a ticket request to live support, asking to whitelist the IP’s. They should be able to add them for you.

      Thank you,

Was this article helpful? Let us know!