На laravel я сделал так:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
class ipAssesMiddleware
{
// Not Blocked IP addresses
public $restrictedIp = [
['149.154.160.0', '149.154.175.255'],
['91.108.4.0', '91.108.7.255']
];
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$asses = false;
$reqIp = ip2long($request->ip());
foreach ($this->restrictedIp as $item => $value){
if ($reqIp >= ip2long($value[0]) && $reqIp <= ip2long($value[1])){
$asses = true;
}
}
if ($asses === false) {
return response()->json(['message' => "You are not allowed to access this site."], '403');
}
return $next($request);
}
}