Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

moonming/a6-plugin-ip-restriction

Name: a6-plugin-ip-restriction
Author: moonming

skills/a6-plugin-ip-restriction/SKILL.md

npx skillsauth add moonming/a6 a6-plugin-ip-restriction

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

a6-plugin-ip-restriction

Overview

The ip-restriction plugin controls access to routes based on client IP address. Configure a whitelist (only listed IPs allowed) or a blacklist (listed IPs blocked). Supports individual IPs and CIDR ranges for both IPv4 and IPv6.

When to Use

Restrict API access to known IP ranges (office, VPN, partners)
Block malicious IPs or IP ranges
Limit admin endpoints to internal networks
Implement geo-based access control at the IP level

Plugin Configuration Reference (Route/Service)

| Field | Type | Required | Default | Description | |-------|------|----------|---------|-------------| | whitelist | array[string] | Conditional* | — | IPs/CIDR ranges allowed access | | blacklist | array[string] | Conditional* | — | IPs/CIDR ranges denied access | | message | string | No | "Your IP address is not allowed" | Error message (1–1024 chars) | | response_code | integer | No | 403 | HTTP status on denial (403 or 404) |

*Constraint: Exactly one of whitelist or blacklist is required. Cannot use both simultaneously.

How IP Matching Works

Whitelist: Request allowed only if client IP matches an entry. All others blocked.
Blacklist: Request blocked if client IP matches an entry. All others allowed.
CIDR support: Full support for CIDR notation (e.g., 192.168.1.0/24, 10.0.0.0/8, 2001:db8::/32).
IPv4 and IPv6: Both address families supported.
Default IP source: Uses $remote_addr (direct client IP from the TCP connection).

Step-by-Step: Whitelist an IP Range

1. Create a route with ip-restriction

a6 route create -f - <<'EOF'
{
  "id": "internal-api",
  "uri": "/admin/*",
  "plugins": {
    "ip-restriction": {
      "whitelist": [
        "10.0.0.0/8",
        "172.16.0.0/12",
        "192.168.0.0/16"
      ]
    }
  },
  "upstream": {
    "type": "roundrobin",
    "nodes": {
      "backend:8080": 1
    }
  }
}
EOF

2. Verify access

# From allowed IP (e.g., 10.0.1.5) → 200 OK
curl -i http://127.0.0.1:9080/admin/dashboard

# From blocked IP → 403 Forbidden
# {"message": "Your IP address is not allowed"}

Step-by-Step: Blacklist Specific IPs

a6 route create -f - <<'EOF'
{
  "id": "public-api",
  "uri": "/api/*",
  "plugins": {
    "ip-restriction": {
      "blacklist": [
        "203.0.113.0/24",
        "198.51.100.42"
      ],
      "message": "Access denied from your network",
      "response_code": 403
    }
  },
  "upstream": {
    "type": "roundrobin",
    "nodes": {
      "backend:8080": 1
    }
  }
}
EOF

Common Patterns

Real client IP behind a proxy (X-Forwarded-For)

By default, ip-restriction uses $remote_addr which is the direct client (often a load balancer). To use the real client IP, combine with the real-ip plugin:

{
  "plugins": {
    "real-ip": {
      "source": "http_x_forwarded_for",
      "trusted_addresses": ["10.0.0.0/8"]
    },
    "ip-restriction": {
      "whitelist": ["203.0.113.0/24"]
    }
  }
}

Critical: Always set trusted_addresses in real-ip to prevent IP spoofing. Only accept X-Forwarded-For from known proxy IPs.

Custom 404 response (hide endpoint existence)

{
  "plugins": {
    "ip-restriction": {
      "blacklist": ["0.0.0.0/0"],
      "whitelist": ["10.0.0.0/8"],
      "response_code": 404,
      "message": "Not found"
    }
  }
}

Note: You cannot actually use both whitelist and blacklist. Use whitelist alone to achieve the same effect — all IPs not in the whitelist are blocked.

IPv6 CIDR ranges

{
  "plugins": {
    "ip-restriction": {
      "whitelist": [
        "2001:db8::/32",
        "::1"
      ]
    }
  }
}

Troubleshooting

| Symptom | Cause | Fix | |---------|-------|-----| | Legitimate users blocked | Using $remote_addr behind proxy | Add real-ip plugin with trusted_addresses | | All users blocked on whitelist | Client IPs not in whitelist CIDR | Verify IP ranges with curl ifconfig.me from client | | Cannot use both whitelist and blacklist | Schema enforces oneOf | Use whitelist only (blocks all non-listed) | | IP restriction not working after change | IP matchers are LRU-cached | Update the route config to bust cache |

Config Sync Example

version: "1"
routes:
  - id: internal-api
    uri: /admin/*
    plugins:
      ip-restriction:
        whitelist:
          - "10.0.0.0/8"
          - "172.16.0.0/12"
    upstream_id: admin-upstream
upstreams:
  - id: admin-upstream
    type: roundrobin
    nodes:
      "backend:8080": 1

moonming/a6-plugin-ip-restriction

skills/a6-plugin-ip-restriction/SKILL.md

Skill for configuring the Apache APISIX ip-restriction plugin via the a6 CLI. Covers IP whitelist/blacklist setup on routes, CIDR range support, IPv4/IPv6, real client IP extraction behind proxies, custom error messages, and common operational patterns.

tools

Updated Apr 21, 2026

$ install --global

skillsauth

npx skillsauth add moonming/a6 a6-plugin-ip-restriction

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 30, 2026, 12:33 PM6.2s1 file scanned

SKILL.md

name:: a6-plugin-ip-restriction
description:: >-
version:: 1.0.0
author:: Apache APISIX Contributors
license:: Apache-2.0
category:: plugin
apisix_version:: >=3.0.0
plugin_name:: ip-restriction

a6-plugin-ip-restriction

Overview

When to Use

Restrict API access to known IP ranges (office, VPN, partners)
Block malicious IPs or IP ranges
Limit admin endpoints to internal networks
Implement geo-based access control at the IP level

Plugin Configuration Reference (Route/Service)

*Constraint: Exactly one of whitelist or blacklist is required. Cannot use both simultaneously.

How IP Matching Works

Whitelist: Request allowed only if client IP matches an entry. All others blocked.
Blacklist: Request blocked if client IP matches an entry. All others allowed.
CIDR support: Full support for CIDR notation (e.g., 192.168.1.0/24, 10.0.0.0/8, 2001:db8::/32).
IPv4 and IPv6: Both address families supported.
Default IP source: Uses $remote_addr (direct client IP from the TCP connection).

Step-by-Step: Whitelist an IP Range

1. Create a route with ip-restriction

a6 route create -f - <<'EOF'
{
  "id": "internal-api",
  "uri": "/admin/*",
  "plugins": {
    "ip-restriction": {
      "whitelist": [
        "10.0.0.0/8",
        "172.16.0.0/12",
        "192.168.0.0/16"
      ]
    }
  },
  "upstream": {
    "type": "roundrobin",
    "nodes": {
      "backend:8080": 1
    }
  }
}
EOF

2. Verify access

# From allowed IP (e.g., 10.0.1.5) → 200 OK
curl -i http://127.0.0.1:9080/admin/dashboard

# From blocked IP → 403 Forbidden
# {"message": "Your IP address is not allowed"}

Step-by-Step: Blacklist Specific IPs

a6 route create -f - <<'EOF'
{
  "id": "public-api",
  "uri": "/api/*",
  "plugins": {
    "ip-restriction": {
      "blacklist": [
        "203.0.113.0/24",
        "198.51.100.42"
      ],
      "message": "Access denied from your network",
      "response_code": 403
    }
  },
  "upstream": {
    "type": "roundrobin",
    "nodes": {
      "backend:8080": 1
    }
  }
}
EOF

Common Patterns

Real client IP behind a proxy (X-Forwarded-For)

By default, ip-restriction uses $remote_addr which is the direct client (often a load balancer). To use the real client IP, combine with the real-ip plugin:

{
  "plugins": {
    "real-ip": {
      "source": "http_x_forwarded_for",
      "trusted_addresses": ["10.0.0.0/8"]
    },
    "ip-restriction": {
      "whitelist": ["203.0.113.0/24"]
    }
  }
}

Critical: Always set trusted_addresses in real-ip to prevent IP spoofing. Only accept X-Forwarded-For from known proxy IPs.

Custom 404 response (hide endpoint existence)

{
  "plugins": {
    "ip-restriction": {
      "blacklist": ["0.0.0.0/0"],
      "whitelist": ["10.0.0.0/8"],
      "response_code": 404,
      "message": "Not found"
    }
  }
}

Note: You cannot actually use both whitelist and blacklist. Use whitelist alone to achieve the same effect — all IPs not in the whitelist are blocked.

IPv6 CIDR ranges

{
  "plugins": {
    "ip-restriction": {
      "whitelist": [
        "2001:db8::/32",
        "::1"
      ]
    }
  }
}

Troubleshooting

Config Sync Example

version: "1"
routes:
  - id: internal-api
    uri: /admin/*
    plugins:
      ip-restriction:
        whitelist:
          - "10.0.0.0/8"
          - "172.16.0.0/12"
    upstream_id: admin-upstream
upstreams:
  - id: admin-upstream
    type: roundrobin
    nodes:
      "backend:8080": 1

Related Skills

moonming/a6-shared

tools

VerifiedTrustedCommunity

Core skill for working with the a6 CLI — the Apache APISIX command-line tool. Provides project conventions, command patterns, architecture overview, and development workflow. Load this skill when working on a6 source code, adding new commands, writing tests, or modifying any a6 component.

SKILL.mdUpdated Apr 21, 2026

moonming/a6-recipe-multi-tenant

tools

VerifiedTrustedCommunity

Recipe skill for implementing multi-tenant API gateway patterns using the a6 CLI. Covers tenant isolation via Consumer Groups, host/path/header-based routing, per-tenant rate limiting, context forwarding with proxy-rewrite, and declarative config sync workflows for multi-tenant management.

SKILL.mdUpdated Apr 21, 2026

moonming/a6-recipe-multi-tenant

moonming/a6-recipe-mtls

tools

VerifiedTrustedCommunity

Recipe skill for configuring mutual TLS (mTLS) using the a6 CLI. Covers SSL certificate management, upstream mTLS to backend services, client certificate verification, and end-to-end mTLS setup from client through APISIX to upstream.

SKILL.mdUpdated Apr 21, 2026

moonming/a6-recipe-mtls

moonming/a6-recipe-health-check

tools

VerifiedTrustedCommunity

Recipe skill for configuring upstream health checks using the a6 CLI. Covers active health checks (HTTP probing), passive health checks (response analysis), combining both, configuring healthy/unhealthy thresholds, and monitoring upstream node status.

SKILL.mdUpdated Apr 21, 2026

moonming/a6-recipe-health-check

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/moonming/a6.git

# Copy into Claude Code skills folder (global)
cp -r a6/skills/a6-plugin-ip-restriction ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

moonming/a6

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT