Restrict logins by IP or allow local IP login only #3265

New Issue

OVERLORD · 2026-02-05T06:12:57+03:00

OVERLORD commented

2026-02-05 06:12:57 +03:00

Originally created by @nekonoire on GitHub (Oct 12, 2022).

Describe the feature you'd like

Hello! I want to start off by saying that BookStack has been absolutely fantastic for my documentation use so far, both for my personal use and for my company's internal team.

One feature I would like to request is the ability to restrict logins by IP, or only allow local IP logins. The use case here is that I have a public BookStack Instance that have Public Access enabled, for quickly sharing documentations with other people. From public url, the BookStack login page is accessible. If BookStack can restrict the login by IP, it would add additional security by only allowing local logins.

Describe the benefits this would bring to existing BookStack users

If BookStack can restrict the login by IP, it would add additional security by only allowing local logins. This way, any attempts to login from the public url can be automatically denied.

Can the goal of this request already be achieved via other means?

Not sure. Perhaps a workaround can be denying the /login page all together within Apache/NGINX for the public url?

Have you searched for an existing open/closed issue?

I have searched for existing issues and none cover my fundemental request

How long have you been using BookStack?

0 to 6 months

Additional context

No response

Originally created by @nekonoire on GitHub (Oct 12, 2022). ### Describe the feature you'd like Hello! I want to start off by saying that BookStack has been absolutely fantastic for my documentation use so far, both for my personal use and for my company's internal team. One feature I would like to request is the ability to restrict logins by IP, or only allow local IP logins. The use case here is that I have a public BookStack Instance that have Public Access enabled, for quickly sharing documentations with other people. From public url, the BookStack login page is accessible. If BookStack can restrict the login by IP, it would add additional security by only allowing local logins. ### Describe the benefits this would bring to existing BookStack users If BookStack can restrict the login by IP, it would add additional security by only allowing local logins. This way, any attempts to login from the public url can be automatically denied. ### Can the goal of this request already be achieved via other means? Not sure. Perhaps a workaround can be denying the /login page all together within Apache/NGINX for the public url? ### Have you searched for an existing open/closed issue? - [X] I have searched for existing issues and none cover my fundemental request ### How long have you been using BookStack? 0 to 6 months ### Additional context _No response_

OVERLORD added the 🔨 Feature Request label 2026-02-05 06:12:57 +03:00

OVERLORD closed this issue

2026-02-05 06:12:59 +03:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3265