On file modsec2.user.conf in cPanel we added following rules:
<LocationMatch .*>
SecRule REMOTE_ADDR "@pmFromFile /xxx/xxx/whitelist" "nolog,phase:1,allow,id:1000001"
</LocationMatch>
<LocationMatch .*>
# BUG - Login CMS cookie expired
SecRuleRemoveById 391213
</LocationMatch>...