The following section explains how to add requests that match certain conditions to the Allowlist.

Custom Rule Syntax:

SecRule 'Variable "@match criteria"' "id:4000104,phase:1,t:none,pass,ctl:ruleEngine=off,chain" SecRule REMOTE_ADDR "@ipMatch 10.0.0.0/8" "t:none"

Example:

In this example, all requests from 10.0.0.0/8 to all URLs starting with /admin are added to Allowlist. As two conditions need to be fulfilled, a chain rule is used.

SecRule REQUEST_URI "@beginsWith /admin" "id:4000104,phase:1,t:none,pass,ctl:ruleEngine=off,chain" SecRule REMOTE_ADDR "@ipMatch 10.0.0.0/8" "t:none"