PHPackages chrishardie/laravel-synced-ip-allowlist - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. chrishardie/laravel-synced-ip-allowlist ActiveLibrary[HTTP & Networking](/categories/http) chrishardie/laravel-synced-ip-allowlist ======================================= A Laravel package that provides HTTP middleware to allow access from a centralized list of IPs v0.1.0(11mo ago)011MITPHPPHP ^8.1CI failing Since Jun 1Pushed 5mo agoCompare [ Source](https://github.com/ChrisHardie/laravel-synced-ip-allowlist)[ Packagist](https://packagist.org/packages/chrishardie/laravel-synced-ip-allowlist)[ Docs](https://github.com/chrishardie/laravel-synced-ip-allowlist)[ GitHub Sponsors](https://github.com/ChrisHardie)[ RSS](/packages/chrishardie-laravel-synced-ip-allowlist/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (8)Versions (2)Used By (0) Laravel Synced IP Allowlist =========================== [](#laravel-synced-ip-allowlist) [![Latest Version on Packagist](https://camo.githubusercontent.com/c0f21ace638fd6de5db13998fcd46b2721d7b160229459bf32d462a943833971/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f63687269736861726469652f6c61726176656c2d73796e6365642d69702d616c6c6f776c6973742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/chrishardie/laravel-synced-ip-allowlist)[![GitHub Tests Action Status](https://camo.githubusercontent.com/65f9ebe9a437f78f52486093e9180be75b260a9c145a742edfc07f4edb0d9555/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f63687269736861726469652f6c61726176656c2d73796e6365642d69702d616c6c6f776c6973742f72756e2d74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/chrishardie/laravel-synced-ip-allowlist/actions?query=workflow%3Arun-tests+branch%3Amain)[![GitHub Code Style Action Status](https://camo.githubusercontent.com/429c7706361b641f1bd48e9b92a192f9378b81e75c9879d2b100431bf6a581aa/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f63687269736861726469652f6c61726176656c2d73796e6365642d69702d616c6c6f776c6973742f6669782d7068702d636f64652d7374796c652d6973737565732e796d6c3f6272616e63683d6d61696e266c6162656c3d636f64652532307374796c65267374796c653d666c61742d737175617265)](https://github.com/chrishardie/laravel-synced-ip-allowlist/actions?query=workflow%3A%22Fix+PHP+code+style+issues%22+branch%3Amain)[![Total Downloads](https://camo.githubusercontent.com/d8ee008615435f25416383eb630929a25c297cff7d4fef846d157e25d465d523/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f63687269736861726469652f6c61726176656c2d73796e6365642d69702d616c6c6f776c6973742e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/chrishardie/laravel-synced-ip-allowlist) A Laravel package that provides HTTP middleware to allow access from a centralized list of IPs Installation ------------ [](#installation) You can install the package via composer: ``` composer require chrishardie/laravel-synced-ip-allowlist ``` **Set Up Variables** If you haven't already, generate an encryption key to use across all apps retrieving the list of IP addresses. ``` php artisan key:generate --show base64:... ``` Copy the key to a secure location and store it in the `ALLOWED_IPS_KEY` environment variable, see below. Open `.env` and define these variables: ``` # The URL where the encrypted list of allowed IPs is publicized ALLOWED_IPS_URL="https://example.com/allowed-ips.txt" # Encryption key for securely publicizing the IP addresses allowed ALLOWED_IPS_KEY="base64:..." # An optional URL to redirect unauthorized users to ALLOWED_IPS_REDIRECT_URL="https://laravel.com/" ``` If you want to further change package behavior, you can optionally publish the config file with: ``` php artisan vendor:publish --tag="laravel-synced-ip-allowlist-config" ``` This is the contents of the published config file: ``` return [ // The URL where the encrypted list of IP addresses allowed in CIDR notation is available 'allowed_ips_url' => env('ALLOWED_IPS_URL', 'https://example.com/allowed-ips.txt'), // The encryption key for encrypting and decrypting the list of IP addresses 'allowed_ips_key' => env('ALLOWED_IPS_KEY', env('APP_KEY')), // The cache key used to store the list of allowed IP addresses 'allowed_ips_cache_key' => 'allowed-ips.cidrs', // An optional URL to redirect unauthorized users to instead of showing a 403 error 'unauthorized_redirect_url' => env('ALLOWED_IPS_REDIRECT_URL'), ]; ``` Usage ----- [](#usage) ### Encrypting and Publicizing Allowed IPs [](#encrypting-and-publicizing-allowed-ips) Encrypt your list of IP addresses: ``` php artisan ip-allowlist:encrypt ``` Paste or type in the list of IPs and get the encrypted result: ``` Enter allowed IPs/ranges (one per line). Finish input with CTRL+D (Linux/macOS) or CTRL+Z (Windows): # My first IP 12.34.56.78/32 # My second IP 98.76.54.32/32 Encrypted IP list: eyJpd... ``` Take the encrypted result and put it at a URL that will be accessible to the applications using this package, e.g. `https://example.com/allowed-ips.txt` ### Run Initial Sync [](#run-initial-sync) ``` php artisan ip-allowlist:sync ``` Result: ``` Fetching IP list from https://example.com/allowed-ips.txt Cached 2 CIDRs. ``` ### Future Syncs are Scheduled [](#future-syncs-are-scheduled) The sync process will run twice daily: ``` $ php artisan schedule:list | grep ip-allowlist 0 1,13 * * * php artisan ip-allowlist:sync ..... Next Due: 11 hours from now ``` ### Use the Middleware to Protect a Route [](#use-the-middleware-to-protect-a-route) In `bootstrap/app.php`, create or add to the list of available middleware aliases: ``` ... ->withMiddleware(function (Middleware $middleware) { $middleware->alias([ 'allowed-ips' => \ChrisHardie\SyncedIpAllowlist\Http\Middleware\RestrictByAllowedIps::class, ]); }) ... ``` Or, for older versions of Laravel, in `app/Http/Kernel.php`, add an entry to the list of named, available HTTP route middleware: ``` protected $routeMiddleware = [ 'allowed-ips' => \ChrisHardie\SyncedIpAllowlist\Http\Middleware\RestrictByAllowedIps::class, ]; ``` Then, in your routes file `routes/web.php`: ``` Route::middleware(['allowed-ips'])->group(function () { // Protected routes Route::get(...); Route::post(...); }); ``` Testing ------- [](#testing) ``` composer test ``` Changelog --------- [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. Credits ------- [](#credits) - [Chris Hardie](https://github.com/ChrisHardie) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 28 — LowBetter than 54% of packages Maintenance61 Regular maintenance activity Popularity5 Limited adoption so far Community6 Small or concentrated contributor base Maturity35 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 346d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/1d92b67d645c17b1cda59ab8c5e1251b7e646e3a74ceecb63244f3c3fb82a9d9?d=identicon)[ChrisHardie](/maintainers/ChrisHardie) --- Top Contributors [![ChrisHardie](https://avatars.githubusercontent.com/u/311772?v=4)](https://github.com/ChrisHardie "ChrisHardie (9 commits)") --- Tags laravelChris Hardielaravel-synced-ip-allowlist ### Code Quality TestsPest Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/chrishardie-laravel-synced-ip-allowlist/health.svg) ``` [![Health](https://phpackages.com/badges/chrishardie-laravel-synced-ip-allowlist/health.svg)](https://phpackages.com/packages/chrishardie-laravel-synced-ip-allowlist) ``` ### Alternatives [omniphx/forrest A Laravel library for Salesforce 2724.4M8](/packages/omniphx-forrest)[sunchayn/nimbus A Laravel package providing an in-browser API client with automatic schema generation, live validation, and built-in authentication with a touch of Laravel-tailored magic for effortless API testing. 29428.0k](/packages/sunchayn-nimbus)[muhammadhuzaifa/telescope-guzzle-watcher Telescope Guzzle Watcher provide a custom watcher for intercepting http requests made via guzzlehttp/guzzle php library. The package uses the on\_stats request option for extracting the request/response data. The watcher intercept and log the request into the Laravel Telescope HTTP Client Watcher. 98239.8k1](/packages/muhammadhuzaifa-telescope-guzzle-watcher)[vormkracht10/laravel-mails Laravel Mails can collect everything you might want to track about the mails that has been sent by your Laravel app. 24149.7k](/packages/vormkracht10-laravel-mails)[pdphilip/cf-request Cloudflare Laravel Request 2725.6k1](/packages/pdphilip-cf-request)[api-platform/laravel API Platform support for Laravel 59126.4k6](/packages/api-platform-laravel) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)