Laravel 10 Restrict User Access From IP Address - TechvBlogs

Laravel 10 Restrict User Access From IP Address

In this article, You will learn How to Restrict User Access from IP Addresses in Laravel 10.

Smit Pipaliya - Author - TechvBlogs
Smit Pipaliya

11 months ago

TechvBlogs - Google News

In this article, we will talk about Laravel 10 restricting user access from IP. You can see laravel 10 restrict ip address to access user. This article will give you a simple example of laravel 10 blocklist ip middleware. I explained step by step the laravel 10 middleware ip whitelist.

Sometimes, we want to restrict or block specific IP addresses from accessing our website. In this article, I will show how to create middleware and block IP addresses to access URLs.By restricting access based on IP address, website owners can ensure that only authorized users can access their site or service. This is especially useful for websites or services containing sensitive or confidential information or targeted at a specific geographic region. To implement IP address restrictions, website owners can use various tools and techniques, such as firewalls, access control lists, or web application firewalls. These tools can be configured to block access to a website or service from specific IP addresses or ranges of IP addresses or to allow access only from certain trusted IP addresses.
In this article, we will create one middleware as BlockIpMiddleware, We will use that middleware on every secure API and URL. So see below the steps on how to complete this thing:

1. Install Laravel 10

First, start downloading or installing the new Laravel 10 setup in your terminal. Run the following command:

composer create-project --prefer-dist laravel/laravel <Your App Name>

2. Connect to the Database

In this step, Go to your project root directory, find the .env file, and set up database credential as follow:

DB_DATABASE=<Database Name>
DB_USERNAME=<Database Username>
DB_PASSWORD=<Database Password>

3. Create a Middleware

Next step, Create a middleware named class BlockIpMiddleware. Run the following command:

php artisan make:middleware BlockIpMiddleware

Go to the app/Http/Middleware folder and open the BlockIpMiddleware.php file. Then update the following code into your BlockIpMiddleware.php file:

namespace App\Http\Middleware;
use Closure;
class BlockIpMiddleware
    // set IP addresses
    public $blockIps = ['ip-addr-1', 'ip-addr-2', ''];

     * Handle an incoming request.
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
    public function handle($request, Closure $next)
        if (in_array($request->ip(), $this->blockIps)) {
            return response()->json([
              'message' => "You don't have permission to access this website."
            ], 401);

        return $next($request);

4. Register Middleware

Next step, register the middleware, so go to app/Http/ and open the Kernel.php file. And register middleware as follow:

namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
     * The application's route middleware.
     * These middleware may be assigned to groups or used individually.
     * @var array
    protected $routeMiddleware = [
        'blockIP' => \App\Http\Middleware\BlockIpMiddleware::class,

5. Use Middleware

In this step, Create one route and show you how to use middleware in the route file. Open routes/web.php file and update following code:

use Illuminate\Support\Facades\Route;

use App\Http\Controllers\UserController;
| Web Routes
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
Route::middleware(['blockIP'])->group(function () {
    Route::resource('users', UserController::class);

Thank you for reading this article.

If you have any queries or doubts about this topic please feel free to contact us. We will try to reach you.

Comments (0)


Note: All Input Fields are required.