How to block IP addresses from accessing the application

How to block IP addresses from accessing the application

Middleware is a kind of rule which we enforce as per our requirement. Laravel has built-in middleware like Auth. We can create our own middleware as per the requirements and rules and block IP addresses from accessing the application.

Sometimes we need to validate the IP address in the application. We know that these days DDoS attacks are common on servers. Though most of the hosting provider provides the DDoS protection, Even some CDN provider also providing the DDoS protection on their plan.

We can block the user IP in different way like from the hosting panel or from the .htaccess in apache. In Laravel we can also block the user IP from accessing our application using the middleware and applying some rules in it.

You can restrict bad visitors by IP address or you can allow some specific IP address in PHP Laravel. You can perform this activity by creating middleware in the Laravel application.

By Laravel middleware you can form some rules on the routes of the application like Auth check, trim data, particular country visitors check, etc.

Create Middleware “IpCheckMiddleware” to block IP addresses from accessing the application

Let’s create a IpCheckMiddleware middleware using PHP artisan command.

php  artisan make:middleware IpCheckMiddleware

Now let’s configure the conditions and rules we want in our IpCheckMiddleware middleware. We have written below simple code to check the IP address in an array using in_array() method.


namespace App\Http\Middleware;
use Closure;
class IpCheckMiddleware
    public $restrictIps = ['' , '104.333.191.20'];
     * Handle an incoming request.
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
    public function handle($request, Closure $next)
        if (in_array($request->ip(), $this->restrictIps)) {
            return response()->json(['Your IP is blacklisted.']);
        return $next($request);

We need to registered this middleware in app/Http/Kernel.php

protected $routeMiddleware = [   
    'restrictIpAddress' => \App\Http\Middleware\IpCheckMiddleware::class,

Middleware has registered, you can use this middleware in the route of application.

Now you can define your middleware in route or you can call this in the particular controller constructor method.

Route::middleware(['restrictIpAddress'])->group(function () {
    //  your route code 

Conclusion :

Laravel is very useful in everything for PHP developers. It has a large community, so things always get easy when it comes to developing something in Laravel.

In the above article, we can see how easy it is to block IP addresses from accessing the application. Even we can generate the block IP list dynamic and block the real-time user on some specific condition.

For example, if we have to block the users from some particular contry then we can make check in middleware to check the country and if the users IP is from some particular country then we can block and perform some activity on that user.

You can also check How to use Session in Laravel