An administrator can set a list of allowed and/or blocked IP addresses in Administration > Site administration > Security > IP blocker.
- By default, entries in the blocked list are processed first, but checking the box Allowed list will be processed first reverses this order.
- Each entry in the allowed or blocked list goes on one line, with either the full IP address, partial address or range. Blank lines or domain names written as text (like moodle.org) are ignored.
- If you're having difficulty with partial addresses remove the final dot; use (192.168 ) instead of as shown in the screenshot above.
Be aware that with any entries in the Allowed IP List, the effect is to allow ONLY those IP addresses and block all others. Exercise care with this setting, as it is possible to lock yourself out of Moodle.
If there are entries present in the Blocked IP List, any hosts for which Moodle cannot determine the IP address will be blocked by default. For example, hosts that are behind a web proxy server which does not pass the HTTP headers containing the remote IP address information. In this case Moodle cannot determine the host's IP address with which to compare against the Blocked IP List, so the host is blocked by default. A suggested workaround may be to change the Logged IP address source (getremoteaddrconf setting within Site administration > Server > HTTP > Reverse Proxy) from the default to "REMOTE_ADDR" which will log the IP address of the proxy server instead of the host behind it.
- Locked myself out forum discussion for details of what to do if you have inadvertently locked yourself out