madmatt/silverstripe-iplists
============================

Create allow and deny lists based on IP addresses

Version 1.0.0 | MIT | PHP | [Source](https://github.com/madmatt/silverstripe-iplists) | [Packagist](https://packagist.org/packages/madmatt/silverstripe-iplists)

IP allow/deny lists for SilverStripe
====================================

This module lets administrators define IP allow and deny lists, colloquially known as IP whitelists and blacklists.

Installation
------------

```
composer require madmatt/silverstripe-iplists
vendor/bin/sake dev/build flush=1
```

Visit `/admin/iplists` to define the allow and deny lists that you want.

When *not* to use this module
-----------------------------

It's important to spell out when it's not a good idea to use this module. Specifically, it is not recommended to use this module to block IP addresses that are performing denial of service attacks on your website. This module hooks into Silverstripe CMS, meaning that the whole CMS and framework must boot before checking whether the IP address is allowed to access the website or not (so the website does 70% of the work it would do anyway). A much better way to block these attackers is to use a web application firewall such as Cloudflare, and block the offending IPs from accessing the entire website there.

Configuration
-------------

By default, this module does not do anything beyond adding a new middleware into every request. This middleware does nothing on CLI. To have this module be useful, you need to configure one or more IP lists. Each IP list can contain multiple URI location rules, as well as both allow and deny rules to determine who can access the URI location rules you specify.

You can configure lists in two different ways: in the CMS, and with developer-controlled YML files.

### CMS configuration

IP lists can be managed in the CMS. As long as you're logged in as an `ADMIN`, you'll see an 'IP Lists' menu item, where you can create IP lists, add IPs to them, and configure them as needed.

We recommend setting up an IP allowlist for `/admin` and `/Security` (if you don't need to allow the general public to log in for anything) to ensure your CMS access is protected.

### YML configuration

**Note:** YML configuration is not implemented yet. Use CMS configuration for now. This configuration API is likely to change, so please don't trust the below.

The intention with YML configuration is that these IP addresses are never (or 'very rarely') expected to change. For example, add the IP address of your office VPN here, but don't add your home IP - use the CMS interface for this so you can change it easily later.

The below YML config fragment will (eventually) allow `127.0.0.1` and `10.0.0.2` access to login and view the SilverStripe CMS, and will deny `10.0.0.1` from viewing the website at all (despite the IP being in the allow list for the CMS,

```
Madmatt\IPLists\Model\IPList:
  admin_allowlist:
    routes:
      - /admin
      - /Security
    allow:
      - 127.0.0.1
      - 10.0.0.1
      - 10.0.0.2
  wholesite_deny:
    routes:
      - /
    deny:
      - 10.0.0.1
```
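
The outcome described for the fragment above, worked through as an added PHP sketch. This is not the module's code, and `routeMatches()` and `isAllowed()` are hypothetical names. It assumes exact-string IP matching, case-insensitive matching on whole path segments, that a matching deny entry overrides any allow entry, and that an allow list makes its routes deny-by-default for unlisted IPs.

```php
<?php
// Added illustration, not the module's implementation. Mirrors the YML fragment above.
$lists = [
    'admin_allowlist' => [
        'routes' => ['/admin', '/Security'],
        'allow'  => ['127.0.0.1', '10.0.0.1', '10.0.0.2'],
    ],
    'wholesite_deny' => ['routes' => ['/'], 'deny' => ['10.0.0.1']],
];

// Hypothetical helper: does $path fall under the location $route?
// Whole segments only, so /admin covers /admin/pages but not /administrator.
function routeMatches(string $route, string $path): bool
{
    $route = rtrim(strtolower($route), '/');
    $path  = rtrim(strtolower(parse_url($path, PHP_URL_PATH) ?: '/'), '/');
    return $route === '' || $path === $route || strpos($path, $route . '/') === 0;
}

// Hypothetical decision function implementing the assumed semantics.
function isAllowed(array $lists, string $path, string $ip): bool
{
    $allowed = true;
    foreach ($lists as $list) {
        $applies = false;
        foreach ($list['routes'] as $route) {
            $applies = $applies || routeMatches($route, $path);
        }
        if (!$applies) {
            continue; // this list says nothing about the requested location
        }
        if (in_array($ip, $list['deny'] ?? [], true)) {
            return false; // a deny entry wins over any allow entry
        }
        if (isset($list['allow']) && !in_array($ip, $list['allow'], true)) {
            $allowed = false; // location is allowlisted and this IP is not on it
        }
    }
    return $allowed;
}

// Constructed sample requests: [path, client IP]
$cases = [['/admin/pages', '10.0.0.2'], ['/admin', '10.0.0.1'], ['/', '10.0.0.1'],
          ['/Security/login', '203.0.113.7'], ['/administrator', '203.0.113.7']];
foreach ($cases as [$path, $ip]) {
    printf("%-16s %-12s %s\n", $path, $ip, isAllowed($lists, $path, $ip) ? 'allow' : 'deny');
}
```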

Why 'allow' and 'deny' instead of 'whitelist' and 'blacklist'?
--------------------------------------------------------------

1. Allow and Deny are more accurate terms than white and black.
2. Allow and Deny aren't racist terms.

See also:

1. [Dan Williams' patch on the Linux Kernel Mailing List](https://lkml.org/lkml/2020/7/4/229)
2. [Google Developer documentation style guide](https://developers.google.com/style/word-list)
3. [Vince Cabansag - Creating inclusive naming conventions in technology](https://www.clockwork.com/news/creating-inclusive-naming-conventions-in-technology/)
4. [André Staltz on Twitter](https://twitter.com/andrestaltz/status/1030200563802230786)
5. [David Heinemeier Hansson & Rails codebase](https://github.com/rails/rails/issues/33677)
