Skip to content

skydiver/laravel-route-blocker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Laravel Route Blocker

Block routes by IP

(inspired on Laravel Firewall)


Requirements

Laravel 5.x, 6.x, 7.x and 8.x


Installation

  1. To install through composer, run the following command from terminal:

    $ composer require skydiver/laravel-route-blocker
  2. Publish the config file:

    Run the following command to publish the package config file:

    $ php artisan vendor:publish --tag=LaravelRouteBlocker
Still using Laravel 5.4 or below?

Please add service provider to your config/app.php providers array:

'providers' => [
    ...
    Skydiver\LaravelRouteBlocker\LaravelRouteBlockerServiceProvider::class,
]

Usage

  1. Register middlewares in app/Http/Kernel.php on $routeMiddleware array:
        'blacklist' => \Skydiver\LaravelRouteBlocker\Middleware\BlacklistMiddleware::class,
        'whitelist' => \Skydiver\LaravelRouteBlocker\Middleware\WhitelistMiddleware::class,
    
  • Blacklist allows all traffic except matching rules.
  • Whitelist blocks all traffic except matching rules.
  • You can register both or just a single middleware.
  1. Create a config group on config/laravel-route-blocker.php and insert your allowed/blocked IPs:

        'whitelist' => [
            'my_group' => [
                '127.0.0.1',
                '192.168.17.0',
                '10.0.1.*'
            ],
            'another_group' => [
                '8.8.8.*'
            ],
        ],
        'blacklist' => [
            'blocked_ips' => [
                '127.0.0.1',
                '192.168.100.0',
            ],
            'blocked_ips2' => [
                '8.8.8.8',
            ],
        ],
    
    • You can create as many blacklist/whitelists groups as you wish and protect differents set of routes with differents IPs

    Also, you can configure to throw an HTTP status code or redirect to a custom URL:

    'redirect_to'      => '',   // URL TO REDIRECT IF BLOCKED (LEAVE BLANK TO THROW STATUS)
    'response_status'  => 403,  // STATUS CODE (403, 404 ...)
    'response_message' => ''    // MESSAGE (COMBINED WITH STATUS CODE)
    
  2. Put your protected routes inside a group and specify the whitelist parameter:

        // Only IPs matched on "my_group" will be allowed to access route
        Route::group(['middleware' => 'whitelist:my_group'], function() {
    
            Route::get('/demo', function () {
                return "DEMO";
            });
    
        });
    
        // Only IPs matched on "my_group" will be blocked to access route
        Route::group(['middleware' => 'blacklist:blocked_ips'], function() {
    
            Route::get('/private', function () {
                return "Private Page";
            });
    
        });
    

Artisan Commands

  • To get a list of current IPs groups run:

        $ php artisan route:blocks:groups
    
        +-----------------+--------------+-----------+
        | Group           | IP           | Type      |
        +-----------------+--------------+-----------+
        | allowed_group_1 | 127.0.0.1    | whitelist |
        | allowed_group_1 | 127.0.0.2    | whitelist |
        | allowed_group_1 | 192.168.17.0 | whitelist |
        | allowed_group_1 | 10.0.0.*     | whitelist |
        | allowed_group_2 | 8.8.8.8      | whitelist |
        | allowed_group_2 | 8.8.8.*      | whitelist |
        | allowed_group_2 | 8.8.4.4      | whitelist |
        | blocked_ips_1   | 127.0.0.1    | blacklist |
        | blocked_ips_1   | 127.0.0.2    | blacklist |
        | blocked_ips_1   | 192.168.17.0 | blacklist |
        | blocked_ips_1   | 10.0.0.*     | blacklist |
        | blocked_ips_2   | 8.8.8.8      | blacklist |
        | blocked_ips_2   | 8.8.8.*      | blacklist |
        | blocked_ips_2   | 8.8.4.4      | blacklist |
        +-----------------+--------------+-----------+
    

Testing

To manually run test suite:

vendor/bin/phpunit --verbose

Test files inside tests/Feature should be run by GitHub action only.