Laravel 10 Restrict User Access From IP Address Tutorial
Apr 11, 2023 . Admin
Hi dev,
Hello, all! In this article, we will talk about laravel 10 restrict user access from ip. you can see laravel 10 restrict ip address to access user. This tutorial will give you a simple example of laravel 10 blacklist ip middleware. I explained simply step by step laravel 10 middleware ip whitelist.
Sometimes, we want to restrict or block specific IP addresses to access our website. in this tutorial I will show how to create middleware and block IP addresses to access URL.By restricting access based on IP address, website owners can ensure that only authorized users are able to access their site or service. This is especially useful for websites or services that contain sensitive or confidential information, or that are targeted at a specific geographic region. To implement IP address restrictions, website owners can use a variety of tools and techniques, such as firewalls, access control lists, or web application firewalls. These tools can be configured to block access to a website or service from specific IP addresses or ranges of IP addresses, or to allow access only from certain trusted IP addresses.
In this tutorial example, we will create one middleware as "BlockIpMiddleware" and we will use that middleware on every secure api and url. So just see bellow steps how to complete this things:
Step 1: Install LaravelThis step is not required; however, if you have not created the laravel app, then you may go ahead and execute the below command:
composer create-project laravel/laravel example-appStep 2: Create Middleware
In this step, open terminal and run below command to create BlockIpMiddleware middleware file, so let's run below command:
php artisan make:middleware BlockIpMiddleware
Now, it's created new BlockIpMiddleware.php file. you have to add block ips on $blockIps array list. let's update following code on this file.
app/Http/Middleware/BlockIpMiddleware.php<?php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; use Symfony\Component\HttpFoundation\Response; class BlockIpMiddleware { public $blockIps = ['whitelist-ip-1', 'whitelist-ip-2', '127.0.0.1']; /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse */ public function handle(Request $request, Closure $next): Response { if (in_array($request->ip(), $this->blockIps)) { abort(403, "You are restricted to access the site."); } return $next($request); } }Step 3: Register Middleware
In this file, we need to register middleware on Kernel.php file. we will call blockIP of new created middleware. so let's update following file.
app/Http/Kernel.php<?php namespace App\Http; use Illuminate\Foundation\Http\Kernel as HttpKernel; class Kernel extends HttpKernel { .... /** * The application's route middleware. * * These middleware may be assigned to groups or used individually. * * @var array */ protected $routeMiddleware = [ .... 'blockIP' => \App\Http\Middleware\BlockIpMiddleware::class, ]; }Step 4: Use Middleware
In this step, we will create one route and show you how to use middleware in route file. so let's open your route file and update following code:
routes/web.php<?php use Illuminate\Support\Facades\Route; use App\Http\Controllers\RSSFeedController; use App\Http\Controllers\UserController; /* |-------------------------------------------------------------------------- | Web Routes |-------------------------------------------------------------------------- | | Here is where you can register web routes for your application. These | routes are loaded by the RouteServiceProvider within a group which | contains the "web" middleware group. Now create something great! | */ Route::middleware(['blockIP'])->group(function () { Route::resource('users', UserController::class); Route::resource('rss', RSSFeedController::class); });Run Laravel App:
All the required steps have been done, now you have to type the given below command and hit enter to run the Laravel app:
php artisan serve
Now, Go to your web browser, type the given URL and view the app output:
http://localhost:8000/users