PHPackages mattitjaab/bad-ip-blocker - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. mattitjaab/bad-ip-blocker ActiveLibrary[Security](/categories/security) mattitjaab/bad-ip-blocker ========================= Block IPs based on a remote JSON file. v1.1.0(5mo ago)0136MITPHPPHP ^8.2 Since Jul 31Pushed 5mo agoCompare [ Source](https://github.com/MattitjaAB/bad-ip-blocker)[ Packagist](https://packagist.org/packages/mattitjaab/bad-ip-blocker)[ RSS](/packages/mattitjaab-bad-ip-blocker/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (4)Dependencies (2)Versions (5)Used By (0) Bad IP Blocker for Laravel ========================== [](#bad-ip-blocker-for-laravel) Block incoming requests from known bad IP addresses using a centralized JSON feed. This package fetches a list of bad IPs from a remote API hosted by [Mattitja AB](https://mattitja.se) and caches them locally. Requests from matching IPs are immediately blocked with a `418` response. Features -------- [](#features) - Automatically blocks known malicious IPs - Pulls IP list from a centralized JSON endpoint - Caches data locally to avoid repeated API calls - Designed to run globally across all routes Installation ------------ [](#installation) ``` composer require mattitjaab/bad-ip-blocker ``` Usage ----- [](#usage) ### Register as global middleware in Laravel 12 [](#register-as-global-middleware-in-laravel-12) Edit `bootstrap/app.php`: ``` use Mattitja\BadIpBlocker\Middleware\CheckBadIps; use Illuminate\Foundation\Configuration\Middleware; return Application::configure(basePath: dirname(__DIR__)) ->withRouting( web: __DIR__.'/../routes/web.php', api: __DIR__.'/../routes/api.php', ... ) ->withMiddleware(function (Middleware $middleware) { $middleware->append(CheckBadIps::class); }) ->create(); ``` This ensures the middleware runs globally on every incoming request. How it works ------------ [](#how-it-works) - On each request, the middleware checks if the client's IP exists in a cached JSON file. - If the cache is missing or older than one hour, it attempts to refresh from `https://bad-ip.mattitja.cloud/api/json`. - If the IP is found in the list, the request is blocked with a `418` response. Cache location -------------- [](#cache-location) Cached data is stored using Laravel's Cache facade (default: file driver): ``` storage/framework/cache/data/ ``` To clear the cache and force a refresh: ``` php artisan cache:forget bad-ip-blocker ``` Or clear all cache: ``` php artisan cache:clear ``` Example response when blocked ----------------------------- [](#example-response-when-blocked) ``` HTTP/1.1 418 Blocked Content-Type: text/plain Blocked. ``` Maintained by Mattitja AB ------------------------- [](#maintained-by-mattitja-ab) This package is maintained by [Mattitja AB](https://mattitja.se) and is intended for internal use across multiple projects. License ------- [](#license) MIT License © Mattitja AB ### Health Score 37 — LowBetter than 83% of packages Maintenance70 Regular maintenance activity Popularity10 Limited adoption so far Community6 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~38 days Total 4 Last Release 169d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/2f056a6d34a58ca4e884445093eb513ee4ae7977ecdd937c099a3ea8399cac0d?d=identicon)[Mattitja](/maintainers/Mattitja) --- Top Contributors [![mathiaspalmqvist](https://avatars.githubusercontent.com/u/51116221?v=4)](https://github.com/mathiaspalmqvist "mathiaspalmqvist (12 commits)") ### Code Quality Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/mattitjaab-bad-ip-blocker/health.svg) ``` [![Health](https://phpackages.com/badges/mattitjaab-bad-ip-blocker/health.svg)](https://phpackages.com/packages/mattitjaab-bad-ip-blocker) ``` ### Alternatives [illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption)[tzsk/otp A secure, database-free One-Time Password (OTP) generator and verifier for PHP and Laravel. 241641.4k1](/packages/tzsk-otp)[genealabs/laravel-governor Managing policy and control in Laravel. 201262.8k](/packages/genealabs-laravel-governor)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8745.6k](/packages/dgtlss-warden)[ercsctt/laravel-file-encryption Secure file encryption and decryption for Laravel applications 642.6k](/packages/ercsctt-laravel-file-encryption)[laragear/poke Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app 2211.5k](/packages/laragear-poke) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)