Sign In
Access your IPWhois.net account
No account? Create one
Home / Blacklist / Docs / PHP / Laravel Integration

PHP / Laravel Integration

PHP functions and Laravel middleware. Step-by-step setup guide with code examples.
186,817 IPs 8,269 reports Free API
Quick Install
PHP 7.4+ Laravel Symfony CodeIgniter Apache Nginx

Sign in to get your API key for 1,000 req/day and profile attribution.

Download the guard file into your project:

curl -sL https://bl.ipwhois.net/api/php/plugin -o ipwhois-guard.php

Zero dependencies. Uses file_get_contents or curl. File-based cache in /tmp. Works with any PHP framework or standalone.

Requires: PHP 7.4+ curl or allow_url_fopen
What does it do?

A single PHP file that checks IPs against the IPWhois.net Blacklist with file-based caching (1 hour TTL). Include it at the top of any PHP script or use it as Laravel/Symfony middleware.

Block
Returns 403 for blacklisted IPs. Works standalone or as framework middleware.
Report
Report malicious IPs back to the blacklist via ipwhois_report() function.
Standalone PHP
ipwhois-guard.php
<?php function ipwhois_get_ip(): string { if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) return $_SERVER['HTTP_CF_CONNECTING_IP']; if (!empty($_SERVER['HTTP_X_REAL_IP'])) return $_SERVER['HTTP_X_REAL_IP']; if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) return trim(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0]); return $_SERVER['REMOTE_ADDR'] ?? ''; } function ipwhois_check(string $ip, int $min_confidence = 90): ?array { $cache_dir = sys_get_temp_dir() . '/ipwhois_cache'; if (!is_dir($cache_dir)) @mkdir($cache_dir, 0755, true); $cache_file = $cache_dir . '/' . md5($ip) . '.json'; if (file_exists($cache_file) && (time() - filemtime($cache_file)) < 3600) { $cached = json_decode(file_get_contents($cache_file), true); if ($cached && !empty($cached['listed']) && ($cached['confidence'] ?? 0) >= $min_confidence) return $cached; return null; } $ctx = stream_context_create(['http' => ['timeout' => 3]]); $json = @file_get_contents( 'https://bl.ipwhois.net/api/check?ip=' . urlencode($ip), false, $ctx); if ($json === false) return null; $data = json_decode($json, true); @file_put_contents($cache_file, $json); return (!empty($data['listed']) && ($data['confidence'] ?? 0) >= $min_confidence) ? $data : null; } function ipwhois_report(string $ip, string $type = 'brute-force', string $msg = ''): void { $ch = curl_init('https://bl.ipwhois.net/api/report'); curl_setopt_array($ch, [ CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query([ 'ip' => $ip, 'type' => $type, 'message' => $msg, 'source' => 'waf' ]), CURLOPT_RETURNTRANSFER => true, CURLOPT_TIMEOUT => 5, ]); curl_exec($ch); curl_close($ch); }

Usage

require_once 'ipwhois-guard.php'; $ip = ipwhois_get_ip(); $threat = ipwhois_check($ip); if ($threat) { http_response_code(403); die('Access denied.'); } // Report failed login after 5 attempts if (session_status() === PHP_SESSION_NONE && !defined('IS_CRAWLER')) session_start(); $_SESSION['login_fails'] = ($_SESSION['login_fails'] ?? 0) + 1; if ($_SESSION['login_fails'] >= 5) { ipwhois_report($ip, 'brute-force', 'PHP login: ' . $_SESSION['login_fails'] . ' failed'); }
Laravel Middleware
app/Http/Middleware/IPWhoisGuard.php
<?php namespace App\Http\Middleware; use Closure; use Illuminate\Http\Request; use Illuminate\Support\Facades\Cache; use Illuminate\Support\Facades\Http; class IPWhoisGuard { public function handle(Request $request, Closure $next) { $ip = $request->ip(); $data = Cache::remember("ipwhois_bl_{$ip}", 3600, function () use ($ip) { try { return Http::timeout(3)->get('https://bl.ipwhois.net/api/check', ['ip' => $ip])->json(); } catch (\Exception $e) { return ['listed' => false]; } }); if (!empty($data['listed']) && ($data['confidence'] ?? 0) >= 90) { abort(403, 'Access denied.'); } return $next($request); } }

Register in bootstrap/app.php (Laravel 11+):

->withMiddleware(function (Middleware $middleware) { $middleware->alias([ 'ipwhois' => \App\Http\Middleware\IPWhoisGuard::class, ]); })
Route::middleware('ipwhois')->group(function () { Route::post('/login', [AuthController::class, 'login']); Route::get('/admin', [AdminController::class, 'index']); });
Troubleshooting
  • allow_url_fopen disabled: Replace file_get_contents with curl in the check function.
  • Cache not writable: Ensure PHP can write to /tmp/ipwhois_cache/ or change $cache_dir.
  • Behind Cloudflare: The ipwhois_get_ip() function handles HTTP_CF_CONNECTING_IP automatically.
  • Behind load balancer: Configure trusted proxies in Laravel's TrustProxies middleware.
  • Symfony: Create an EventSubscriber on kernel.request and call ipwhois_check().