Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). Varbase Media Header 9.2.1 Minor update available for module varbase_media_header (9.2.1). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Content Translation Redirect Module content_translation_redirect crossed 1,000 active installs.

Ban

1,359 sites Security covered
View on drupal.org

This module allows site administrators to block specific IP addresses from accessing the site. It is designed to be fast and lightweight, intercepting requests quickly to help mitigate attacks.

Ban was a core module from Drupal 8 to 11 and has moved to contrib for Drupal 12.

#1570102: [Policy] Deprecate Ban module

Ban allows administrators to ban visitors or requests to their site from individual IP addresses.
The Ban module is made to be extremely fast and lightweight, so that in cases of DDoS the Ban middleware intercepts fast and with little memory footprint.

Post-Installation

To ban an IP address

  1. Navigate to /admin/config/people/ban.
  2. Enter an IP address (for example, 10.0.0.1).
  3. Click Add.

Drupal will prevent you from banning your own IP address.

To remove the ban from an IP address in the UI

  1. Navigate to the ban page (see above).
  2. Beside an IP address, click Delete.

Ban Drush Commands

Available commands for the "ban" namespace:
  ban:ban        [ban-ban] Ban an IP address.
  ban:flush      [ban:unban-all|ban-flush|ban-unban-all] Unban all IP addresses.
  ban:list       [ban-list] List all banned IP addresses.
  ban:unban      [ban-unban] Unban a specific IP address.
  ban:unban-all  Unban all IP addresses.

Ban Drupal CLI Commands

Available commands for the "ban" namespace:
  dr:ban        [ban-ban] Ban an IP address.
  dr:flush      [ban:unban-all|ban-flush|ban-unban-all] Unban all IP addresses.
  dr:list       [ban-list] List all banned IP addresses.
  dr:unban      [ban-unban] Unban a specific IP address.
  dr:unban-all  Unban all IP addresses.

(>= 1.1.0 #3606943: Add dr support in Ban)

  • Perimeter module uses ban to block IPs that accessed configured URLs
  • Crowdsec module uses ban to ban IPs by attack signals
  • Autoban module allows automatizing IP ban using watchdog table by the module rules.
  • For more advanced features and sophisticated levels of IP based protection, it is also worth considering system installed alternatives such as fail2ban

Alternative modules

Activity

Total releases
7
First release
Jul 2025
Latest release
16 hours ago
Releases (12 mo)
7 ▲ from 0
Maintenance
Active

Release Timeline

Releases

Version Type Release date
1.1.0 Stable Jul 17, 2026
1.1.0-beta3 Pre-release May 7, 2026
1.1.0-beta2 Pre-release Apr 2, 2026
1.1.0-beta1 Pre-release Mar 19, 2026
1.1.x-dev Dev Feb 24, 2026
1.0.0 Stable Jul 30, 2025
1.0.x-dev Dev Jul 25, 2025