Laravel 9 Restrict User Access From IP Address

Laravel 9 Restrict User Access From IP Address

Laravel 9 restrict/block user access from IP address. In this tutorial, we will learn how to restrict or block a user by IP address for accessing the website.

Sometimes, you want to restrict users by specific IP addresses, So this tutorial will guide you step by step restrict users by specific IP addresses in laravel apps.

In this laravel restrict users by ip address, will create a custom middleware in laravel apps. This middleware filter users request by it’s ip address. If bad users request into your app this middleware block these user. This middleware allow only specific ip address users.

Restrict User Access from IP Address in Laravel 9

Use following steps and implement restrict user by ip address in laravel 9 app:

  • Install Laravel 9 App
  • Connecting App to Database
  • Create a Middleware
  • Register the Middleware

Step 1: Install Laravel 9 App

In this step, use the following command and download fresh laravel setup:

composer create-project --prefer-dist laravel/laravel blog

Step 2: Connecting App to Database

In this step, Go to your project root directory, find .env file and setup database credential as follow:

 DB_DATABASE=here your database name here
 DB_USERNAME=here database username here
 DB_PASSWORD=here database password here

Step 3: Create a Middleware

Next step, Run the following command to create a middleware named class BlockIpMiddleware:

php artisan make:middleware BlockIpMiddleware

Now, Go to app/Http/Middleware folder and open BlockIpMiddleware.php file. Then update the following code into your BlockIpMiddleware.php file:

namespace App\Http\Middleware;
use Closure;
class BlockIpMiddleware
    // set IP addresses
    public $blockIps = ['ip-addr-1', 'ip-addr-2', ''];
     * Handle an incoming request.
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
    public function handle($request, Closure $next)
        if (in_array($request->ip(), $this->blockIps)) {
            return response()->json(['message' => "You don't have permission to access this website."]);
        return $next($request);

Step 4: Register the Middleware

Next step, register the middleware, so go to app/Http/ and open Kernel.php file. And register middleware as follow:

protected $middlewareGroups = [
    'web' => [
    'api' => [


In this laravel block IP address example tutorial, you have learned how to block user by its IP address in laravel app.

Recommended Laravel Tutorials

If you have any questions or thoughts to share, use the comment form below to reach us.


Greetings, I'm Devendra Dode, a full-stack developer, entrepreneur, and the proud owner of My passion lies in crafting informative tutorials and offering valuable tips to assist fellow developers on their coding journey. Within my content, I cover a spectrum of technologies, including PHP, Python, JavaScript, jQuery, Laravel, Livewire, CodeIgniter, Node.js, Express.js, Vue.js, Angular.js, React.js, MySQL, MongoDB, REST APIs, Windows, XAMPP, Linux, Ubuntu, Amazon AWS, Composer, SEO, WordPress, SSL, and Bootstrap. Whether you're starting out or looking for advanced examples, I provide step-by-step guides and practical demonstrations to make your learning experience seamless. Let's explore the diverse realms of coding together.

Leave a Reply

Your email address will not be published. Required fields are marked *