Awesome Open Source
Awesome Open Source

Laravel Route Blocker

Block routes by IP

(inspired on Laravel Firewall)


Requirements

Laravel 5.x, 6.x, 7.x and 8.x


Installation

  1. To install through composer, run the following command from terminal:

    $ composer require skydiver/laravel-route-blocker
    
  2. Publish the config file:

    Run the following command to publish the package config file:

    $ php artisan vendor:publish --tag=LaravelRouteBlocker
    
Still using Laravel 5.4 or below?

Please add service provider to your config/app.php providers array:

'providers' => [
    ...
    Skydiver\LaravelRouteBlocker\LaravelRouteBlockerServiceProvider::class,
]

Usage

  1. Register middlewares in app/Http/Kernel.php on $routeMiddleware array:
        'blacklist' => \Skydiver\LaravelRouteBlocker\Middleware\BlacklistMiddleware::class,
        'whitelist' => \Skydiver\LaravelRouteBlocker\Middleware\WhitelistMiddleware::class,
    
  • Blacklist allows all traffic except matching rules.
  • Whitelist blocks all traffic except matching rules.
  • You can register both or just a single middleware.
  1. Create a config group on config/laravel-route-blocker.php and insert your allowed/blocked IPs:

        'whitelist' => [
            'my_group' => [
                '127.0.0.1',
                '192.168.17.0',
                '10.0.1.*'
            ],
            'another_group' => [
                '8.8.8.*'
            ],
        ],
        'blacklist' => [
            'blocked_ips' => [
                '127.0.0.1',
                '192.168.100.0',
            ],
            'blocked_ips2' => [
                '8.8.8.8',
            ],
        ],
    
    • You can create as many blacklist/whitelists groups as you wish and protect differents set of routes with differents IPs

    Also, you can configure to throw an HTTP status code or redirect to a custom URL:

    'redirect_to'      => '',   // URL TO REDIRECT IF BLOCKED (LEAVE BLANK TO THROW STATUS)
    'response_status'  => 403,  // STATUS CODE (403, 404 ...)
    'response_message' => ''    // MESSAGE (COMBINED WITH STATUS CODE)
    
  2. Put your protected routes inside a group and specify the whitelist parameter:

        // Only IPs matched on "my_group" will be allowed to access route
        Route::group(['middleware' => 'whitelist:my_group'], function() {
    
            Route::get('/demo', function () {
                return "DEMO";
            });
    
        });
    
        // Only IPs matched on "my_group" will be blocked to access route
        Route::group(['middleware' => 'blacklist:blocked_ips'], function() {
    
            Route::get('/private', function () {
                return "Private Page";
            });
    
        });
    

Artisan Commands

  • To get a list of current IPs groups run:

        $ php artisan route:blocks:groups
    
        +-----------------+--------------+-----------+
        | Group           | IP           | Type      |
        +-----------------+--------------+-----------+
        | allowed_group_1 | 127.0.0.1    | whitelist |
        | allowed_group_1 | 127.0.0.2    | whitelist |
        | allowed_group_1 | 192.168.17.0 | whitelist |
        | allowed_group_1 | 10.0.0.*     | whitelist |
        | allowed_group_2 | 8.8.8.8      | whitelist |
        | allowed_group_2 | 8.8.8.*      | whitelist |
        | allowed_group_2 | 8.8.4.4      | whitelist |
        | blocked_ips_1   | 127.0.0.1    | blacklist |
        | blocked_ips_1   | 127.0.0.2    | blacklist |
        | blocked_ips_1   | 192.168.17.0 | blacklist |
        | blocked_ips_1   | 10.0.0.*     | blacklist |
        | blocked_ips_2   | 8.8.8.8      | blacklist |
        | blocked_ips_2   | 8.8.8.*      | blacklist |
        | blocked_ips_2   | 8.8.4.4      | blacklist |
        +-----------------+--------------+-----------+
    

Testing

To manually run test suite:

vendor/bin/phpunit --verbose

Test files inside tests/Feature should be run by GitHub action only.

Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Php (289,823
Laravel (41,070
Security (31,926
Block (21,202
Routes (8,882
Firewall (3,258
Laravel Package (2,107
Blacklist (1,791
Whitelist (1,741
Ips (1,714
Ip Blacklist (11