How To Restrict User Access From IP Address In Laravel 9

In this article, we will see how to restrict user access from IP addresses in laravel 9. Here, we will learn how to block IP addresses in laravel 7, laravel 8, and laravel 9. Sometimes we are required to restrict or block users using IP addresses or block from selected countries at that time you can create a blocklist of IP addresses or only allow a whitelist of IP addresses.

We use middleware to restrict or block the user's IP address in laravel 7, laravel 8, and laravel 9.

So, let's see the laravel 9 restrict user access using IP address, laravel 9 block countries, laravel 9 block IP address, and laravel restrict IP address.

In this step, we will install the laravel 9 application using the following command.

composer create-project laravel/laravel laravel_9_IP_Address

Now, we will create a BlockIPAddressMiddleware file using the following command.

php artisan make:middleware BlockIPAddressMiddleware

Now, open the app/Http/Middleware/BlockIPAddressMiddleware.php file and update the below code.

<?php
  
namespace App\Http\Middleware;
  
use Closure;
use Illuminate\Http\Request;
  
class BlockIPAddressMiddleware
{
    public $blockIPs = ['Block-IP-1', 'Block-IP-2', 'Block-IP-3'];
  
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
     */
    public function handle(Request $request, Closure $next)
    {
        if (in_array($request->ip(), $this->blockIPs)) {
            abort(403, "You are restricted to access the site.");
        }
  
        return $next($request);
    }
}

In this step, we will register the middleware file to the kernel.php file. So, add the following code to that file.

app/Http/Kernel.php

<?php
  
namespace App\Http;
  
use Illuminate\Foundation\Http\Kernel as HttpKernel;
  
class Kernel extends HttpKernel
{
    ....
  
    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        ....
        'blockIPAddress' => \App\Http\Middleware\BlockIPAddressMiddleware::class,
    ];
}

Now, we will use the BlockIPAddressMiddleware in the route file. So, update the web.php file.

routes/web.php

<?php
  
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\UserController;  
use App\Http\Controllers\PostController;
   
/*
|--------------------------------------------------------------------------
| Web Routes
|--------------------------------------------------------------------------
|
| Here is where you can register web routes for your application. These
| routes are loaded by the RouteServiceProvider within a group which
| contains the "web" middleware group. Now create something great!
|
*/
    
Route::middleware(['blockIPAddress'])->group(function () {
    Route::resource('users', UserController::class);
    Route::resource('post', PostController::class);
});

Now, run the laravel 9 restrict user access from the IP address using the following command.

php artisan serve

Output:

You might also like:

• Read Also: How To Get Client IP Address In Laravel 9
• Read Also: Laravel 9 Create Middleware For XSS Protection
• Read Also: Laravel 9 Multiple Authentication Using Middleware
• Read Also: Laravel 9 Multiple Authentication Using Middleware