Laravel 10 Restrict User Access From IP Address
Apr 27, 2023, Originally published at techvblogs.com ・3 min read
In this article, we will talk about Laravel 10 restricting user access from IP. You can see laravel 10 restrict ip address to access user. This article will give you a simple example of laravel 10 blocklist ip middleware. I explained step by step the laravel 10 middleware ip whitelist.
Sometimes, we want to restrict or block specific IP addresses from accessing our website. In this article, I will show how to create middleware and block IP addresses to access URLs.By restricting access based on IP address, website owners can ensure that only authorized users can access their site or service. This is especially useful for websites or services containing sensitive or confidential information or targeted at a specific geographic region. To implement IP address restrictions, website owners can use various tools and techniques, such as firewalls, access control lists, or web application firewalls. These tools can be configured to block access to a website or service from specific IP addresses or ranges of IP addresses or to allow access only from certain trusted IP addresses.
In this article, we will create one middleware as BlockIpMiddleware
, We will use that middleware on every secure API and URL. So see below the steps on how to complete this thing:
1. Install Laravel 10
First, start downloading or installing the new Laravel 10 setup in your terminal. Run the following command:
composer create-project --prefer-dist laravel/laravel <Your App Name>
2. Connect to the Database
In this step, Go to your project root directory, find the .env
file, and set up database credential as follow:
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=<Database Name>
DB_USERNAME=<Database Username>
DB_PASSWORD=<Database Password>
3. Create a Middleware
Next step, Create a middleware named class BlockIpMiddleware
. Run the following command:
php artisan make:middleware BlockIpMiddleware
Go to the app/Http/Middleware
folder and open the BlockIpMiddleware.php
file. Then update the following code into your BlockIpMiddleware.php
file:
<?php
namespace App\Http\Middleware;
use Closure;
class BlockIpMiddleware
{
// set IP addresses
public $blockIps = ['ip-addr-1', 'ip-addr-2', '127.0.0.1'];
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (in_array($request->ip(), $this->blockIps)) {
return response()->json([
'message' => "You don't have permission to access this website."
], 401);
}
return $next($request);
}
}
4. Register Middleware
Next step, register the middleware, so go to app/Http/
and open the Kernel.php
file. And register middleware as follow:
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
....
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
....
'blockIP' => \App\Http\Middleware\BlockIpMiddleware::class,
];
}
5. Use Middleware
In this step, Create one route and show you how to use middleware in the route file. Open routes/web.php
file and update following code:
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\UserController;
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
Route::middleware(['blockIP'])->group(function () {
Route::resource('users', UserController::class);
});
Thank you for reading this article.