IP Restrictor

Restrict what IP addresses can access the Craft CMS control panel and front-end


IP Restrictor requires PHP 8.0.2 or greater and Craft CMS 4.0.0 or 5.0.0 or greater.



1. Open your terminal and go to your Craft project:

cd /path/to/project

2. Then tell Composer to load the plugin:

composer require jrrdnx/craft-ip-restrictor

3. In the Control Panel, go to Settings -> Plugins and click the "Install" button for IP Restrictor.


Visit the IP Restrictor page in the Plugin Store in your control panel and click the Install button.

Plugin Settings

Plugin settings can be managed through Settings > Plugins > IP Restrictor, or you can copy the `config.php` file from the package root to your craft/config/ directory as `ip-restrictor.php`. This file is multi-environment aware just like Craft's `general.php` so you can have different values for different environments.

Two fields exist for each of the following settings, one for the control panel and one for the front-end:


Allows you to quickly enable/disable the restriction of IP addresses that can access the control panel or front-end. Helpful to disable on dev or staging environments but enable on production.


A list of IP addresses and/or CIDR blocks to whitelist for access to the control panel or front-end.

Restriction method

Determines what happens to users who do not meet the IP requirements to access the control panel or front-end:

  • Redirect URL: users will be redirected to another URL (this can be a page on the current site or a third-party URL altogether).
  • Template: renders the content of the specified template