Laravel 7 Restrict IP Address From Accessing Website
Laravel 21-Jan-2021

Laravel 7 Restrict IP Address From Accessing Website

Laravel restrict/block IP address from accessing the website example, you will learn how to restrict or block a user by IP address for accessing the website.

Sometimes, you want to restrict users by specific IP addresses, So this tutorial will guide you step by step restrict users by specific IP addresses in laravel apps.

In this laravel restrict users by ip address, will create a custom middleware in laravel apps. This middleware filter users request by it’s ip address. If bad users request into your app this middleware block these user. This middleware allow only specific ip address users.

Laravel Restrict IP Addresses from Accessing Website

Just follow the below steps and restrict user by ip address in laravel app:

  • Download Laravel Setup
  • Configure .env file
  • Create a Middleware
  • Register the Middleware

Step 1: Download Laravel Setup

In this step, use the following command and download fresh laravel setup:

composer create-project --prefer-dist laravel/laravel blog

Step 2: Configure .env file

In this step, Go to your project root directory, find .env file and setup database credential as follow:

 DB_DATABASE=here your database name here
 DB_USERNAME=here database username here
 DB_PASSWORD=here database password here

Step 3: Create a Middleware

Next step, Run the following command to create a middleware named class BlockIpMiddleware:

php artisan make:middleware BlockIpMiddleware

Now, Go to app/Http/Middleware folder and open BlockIpMiddleware.php file. Then update the following code into your BlockIpMiddleware.php file:

namespace App\Http\Middleware;
use Closure;
class BlockIpMiddleware
    // set IP addresses
    public $blockIps = ['ip-addr-1', 'ip-addr-2', ''];
     * Handle an incoming request.
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
    public function handle($request, Closure $next)
        if (in_array($request->ip(), $this->blockIps)) {
            return response()->json(['message' => "You don't have permission to access this website."]);
        return $next($request);

Step 4: Register the Middleware

Next step, register the middleware, so go to app/Http/ and open Kernel.php file. And register middleware as follow:

protected $middlewareGroups = [
    'web' => [
    'api' => [


In this laravel block IP address example tutorial, you have learned how to block user by its IP address in laravel app.

If you have any questions or thoughts to share, use the comment form below to reach us.