ban

Ban was a core module from Drupal 8 to 11 and has moved to contrib for Drupal 12.

#1570102: [Policy] Deprecate Ban module

Ban allows administrators to ban visitors or requests to their site from individual IP addresses.
The Ban module is made to be extremely fast and lightweight, so that in cases of DDoS the Ban middleware intercepts fast and with little memory footprint.

Post-Installation

To ban an IP address

1. Navigate to /admin/config/people/ban.
2. Enter an IP address (for example, 10.0.0.1).
3. Click Add.

Drupal will prevent you from banning your own IP address.

To remove the ban from an IP address in the UI

1. Navigate to the ban page (see above).
2. Beside an IP address, click Delete.

Ban Drush Commands

Available commands for the "ban" namespace:
  ban:ban        [ban-ban] Ban an IP address.
  ban:flush      [ban:unban-all|ban-flush|ban-unban-all] Unban all IP addresses.
  ban:list       [ban-list] List all banned IP addresses.
  ban:unban      [ban-unban] Unban a specific IP address.
  ban:unban-all  Unban all IP addresses.

Additional modules & libraries

• Perimeter module uses ban to block IPs that accessed configured URLs
• Crowdsec module uses ban to ban IPs by attack signals
• Autoban module allows automatizing IP ban using watchdog table by the module rules.
• For more advanced features and sophisticated levels of IP based protection, it is also worth considering system installed alternatives such as fail2ban

Alternative modules

• Advanced Ban is not built upon Ban and provides advanced features like banning IP-ranges, configuring the ban message etc. - please note that this comes at a cost of performance, especially in cases of DDoS - for details see #2972332: Introduce the ability to use CIDR Notation to ban IP-Ranges