blockip icon indicating copy to clipboard operation
blockip copied to clipboard

Block requests from specified IPs in Laravel.


Latest Version on Packagist Software License Build Status

Block requests from specified IPs quick and easy in Laravel. Highly customizable.

Version Compatibility

Laravel blockip
5.3.x 1.x.x
5.4.x 2.x.x
5.5/5.6/5.7/5.8 3.x.x
^6.0 4.x.x
^7.0 5.x.x
^8.0 6.x.x


Via Composer

$ composer require olssonm/blockip

Add the service provider to the providers array in config/app.php (auto-detection also available in newer Laravel-versions).


    'providers' => [


This backage sets up the blockip-middleware for use in your application. All routes that uses the middlareware is protected from unwanted requests.

Use in a group


    Route::group(['middleware' => 'blockip'], function() {
        Route::get('/', ['as' => 'start', 'uses' => 'StartController@index']);
        Route::get('/page', ['as' => 'page', 'uses' => 'StartController@page']);

Singe route


    Route::get('/', [
        'as' => 'start',
        'uses' => 'StartController@index',
        'middleware' => 'blockip'


Run the command $ php artisan vendor:publish --provider="Olssonm\Blockip\BlockipServiceProvider" to publish the packages configuration. In config/blockip.php you can edit your settings:


return [

    // IPs to block
    'ips' => [
        '',   // an example of a single IP
        ''      // an example of an IP-range with CIDR-notation

    // Message for blocked requests
    'error_message'     => '401 Unauthorized.',

    // Uncomment to use a view instead of plaintext message
    // 'error_view'     => 'blockip::default',

    // Environments where the middleware is active
    'envs'              => [

    // Main handler for the getIp(), getIpsToBlock() and getError-methods().
    // Check the documentation on how to customize this to your liking.
    'handler'           => Olssonm\Blockip\Handlers\BlockipHandler::class,


Everything here is pretty much self explanatory, but because the blockip-handler is customizable you can pretty much change every aspect of the middleware.

If you want to write your own handler, you should implement the Olssonm\Blockip\Handlers\BaseHandler-interface, like so:


use Olssonm\Blockip\Handlers\BaseHandler;

class MyHandler implements BaseHandler {

     * @return string
    public function getIp() {
        // Method to retrieve the request IP

     * @return array
    public function getIpsToBlock() {
        // Method to set what IPs to be blocked

     * @return response
    public function getError() {
        // Method to set the response

Using the system you have the ability to for example make your getIpsToBlock()-method check IPs from an API, your getError() return a JSON-response etc. etc.

Note: the default handler already checks for the special HTTP_CF_CONNECTING_IP-header when using the Cloudflare CDN.


$ composer test


$ phpunit

Laravel always runs in the "testing" environment while running tests. Make sure that testing is set in the envs-array in blockip.php.


The MIT License (MIT). Please see License File for more information.

© 2021 Marcus Olsson.