Here’s a simple PHP OOP-based class that you can use in a custom Drupal 10 module to implement IP blocking and whitelisting, along with a form to manage IPs.
1. Define the PHP Class (IPManager.php)
Put this in your module’s src/Service/IPManager.php.
PHPnamespace Drupal\your_module\Service;
use Symfony\Component\HttpFoundation\RequestStack;
class IPManager {
protected $requestStack;
// Define allowed and blocked IPs for simplicity.
protected $whitelist = ['127.0.0.1']; // Add your trusted IPs here.
protected $blacklist = ['192.168.1.10']; // Add blocked IPs here.
public function __construct(RequestStack $request_stack) {
$this->requestStack = $request_stack;
}
public function getClientIp() {
return $this->requestStack->getCurrentRequest()->getClientIp();
}
public function isWhitelisted(): bool {
return in_array($this->getClientIp(), $this->whitelist);
}
public function isBlacklisted(): bool {
return in_array($this->getClientIp(), $this->blacklist);
}
public function checkAccess(): bool {
if ($this->isWhitelisted()) {
return true;
}
if ($this->isBlacklisted()) {
return false;
}
return true; // Default allow
}
}
2. Register the Service (your_module.services.yml)
YAMLservices:
your_module.ip_manager:
class: Drupal\your_module\Service\IPManager
arguments: ['@request_stack']
3. Create a Simple Form to Manage IPs
Put this in src/Form/IPAccessForm.php:
PHPnamespace Drupal\your_module\Form; use Drupal\Core\Form\FormBase; use Drupal\Core\Form\FormStateInterface; class IPAccessForm extends FormBase { public function getFormId() { return 'ip_access_form'; } public function buildForm(array $form, FormStateInterface $form_state) { $form['whitelist'] = [ '#type' => 'textarea', '#title' => $this->t('Whitelisted IPs'), '#default_value' => '127.0.0.1', '#description' => $this->t('Enter one IP per line.'), ]; $form['blacklist'] = [ '#type' => 'textarea', '#title' => $this->t('Blacklisted IPs'), '#default_value' => '192.168.1.10', '#description' => $this->t('Enter one IP per line.'), ]; $form['submit'] = [ '#type' => 'submit', '#value' => $this->t('Save IPs'), ]; return $form; } public function submitForm(array &$form, FormStateInterface $form_state) { // For demo purposes, just show a message. Save to config for real use. $whitelist = $form_state->getValue('whitelist'); $blacklist = $form_state->getValue('blacklist'); \Drupal::messenger()->addStatus($this->t('Saved IP settings.')); } }4. Route and Menuyour_module.routing.yml:YAMLyour_module.ip_access_form: path: '/admin/config/ip-access' defaults: _form: '\Drupal\your_module\Form\IPAccessForm' _title: 'IP Access Settings' requirements: _permission: 'administer site configuration'5. Use the IP Check in a Controller or Event SubscriberExample use in a controller: PHP$ipManager = \Drupal::service('your_module.ip_manager'); if (!$ipManager->checkAccess()) { throw new \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException(); }