haxneeraj / laraguard-ip
A Laravel middleware to guard your application via IP and country-level control.
Requires
- php: >=8.0
- ext-json: *
Requires (Dev)
- guzzlehttp/guzzle: ^7.0
- guzzlehttp/psr7: ^2.0
- illuminate/console: ^9.0 || ^10.0 || ^11.0 || ^12.0
- illuminate/database: ^9.0 || ^10.0 || ^11.0 || ^12.0
- illuminate/http: ^9.0 || ^10.0 || ^11.0 || ^12.0
- illuminate/support: ^9.0 || ^10.0 || ^11.0 || ^12.0
- larastan/larastan: ^2.9
- laravel/pint: ^1.16
- mockery/mockery: ^1.7
- orchestra/testbench: ^8.18
- phpunit/phpunit: ^10.5
- symfony/http-foundation: ^5.0 || ^6.0 || ^7.0
Suggests
- illuminate/console: For command line integration
- illuminate/database: For exception handling and DB checks
- illuminate/http: For HTTP request handling
- illuminate/support: Required for Laravel integration
- symfony/http-foundation: For response and request objects
README
๐ซ Laraguard-IP
A powerful Laravel package to protect your application using IP-based, country-based, and spam-blacklist-based middleware.
Created with โค๏ธ by Neeraj Saini (opens in new tab)
โจ Features
- โ IP Whitelist Only Mode
- ๐ Country Whitelist Mode (GeoIP-based) (COMING SOON)
- โ Spam Protection using blocklists (like AbuseIPDB)
- ๐ง IP compression & JSON-based caching
- ๐ก๏ธ Middleware-based access control
- ๐ ๏ธ Artisan command to fetch & cache spam IPs
๐ฆ Installation
composer require haxneeraj/laraguard-ip
๐ Configuration
1. Add the Service Provider
Add the service provider to the config/app.php file (this step may be optional if you're using Laravel's package auto-discovery):
For Laravel 10 and below:
'providers' => [ // Other service providers... Haxneeraj\LaraguardIp\Providers\LaraguardIpServiceProvider::class, ],
For Laravel 11:
Add the service provider to the bootstrap/providers.php file (this step may be optional if you're using Laravel's package auto-discovery):
return [ // Other service providers... Haxneeraj\LaraguardIp\Providers\LaraguardIpServiceProvider::class, ];
2. Publish the config file
php artisan vendor:publish --provider="Haxneeraj\LaraguardIp\Providers\LaraguardIpServiceProvider" --tag=config
This will create a config file at:
config/laraguard-ip.php
๐งน Middleware Usage
The middleware is automatically registered via the package's service provider.
You can directly use it in your routes like this:
Apply to Routes
Route::middleware(['laraguard-ip'])->group(function () { // Protected routes });
โ๏ธ Configuration Options
Here's a summary of available config values:
| Key | Description | Default |
|---|---|---|
laraguardip_spam_protection |
Enable blocklist protection | false |
whitelist_only_access |
Only allow IPs in whitelist_ips |
false |
country_whitelist_only |
Only allow from country_whitelist |
false |
whitelist_ips |
Safe IPs | ['127.0.0.1'] |
country_whitelist |
Allowed ISO country codes | ['IN', 'US'] |
sources |
Blocklist sources (URL) | AbuseIPDB |
path |
Blocklist storage path | storage/framework/cache/laraguard-ip.json |
compress |
Enable IP compression | true |
๐ Fetch & Cache Blacklist IPs
You can fetch and store the latest spam IPs from the defined sources:
php artisan laraguardip:update
- Downloads IPs from
config('laraguard-ip.sources') - Saves to
laraguard-ip.json - Caches the list forever using Laravel's Cache
โ How It Works
- โ Denies access if IP is not whitelisted (if enabled)
- ๐ Blocks requests from unwanted countries (if enabled)
- โ Checks IPs against blacklist
- ๐ Cache and config driven โ no DB required
๐งช Example .env
LARAGUARDIP_SPAM_PROTECTION=true LARAGUARDIP_WHITELIST_ONLY=false LARAGUARDIP_COUNTRY_WHITELIST_ONLY=false LARAGUARDIP_STORAGE_PATH=framework/cache/laraguard-ip.json LARAGUARDIP_STORAGE_COMPRESS=true
๐งช Tests
This package comes with feature and unit tests to ensure everything works smoothly.
๐ Run Tests
composer test
๐ง Want to Contribute?
Pull requests are welcome! Feel free to fork, raise issues or drop ideas.
๐ License
MIT ยฉ Neeraj Saini (opens in new tab)