Most of the time people want a username which is personal, and means something to them.

As developer, an admin or manager of any website, you would agree that sometimes, it’s important to be able to reserve certain names that you consider official. A good use case here is Twitter. No account names can contain Twitter or Admin unless they are official Twitter accounts.

Imagine you’re building an application that requires a dedicated URL like, but then, a user signups with a username ‘tailor’. This would result in conflict as the system could malfunction trying to determine which URL request to respond to. It becomes even more complicated when a user signs up on your application using words such as; Admin, User, Reset, etc as their usernames while creating a profile on your application.

Why don’t we secure these important words by preventing it users from being able to use them in the first place? In response to this, we created a package – Laravel Restricted which tells the application to index all the application’s route segments and restrict users from choosing them as a username.

How to setup

Install via composer composer require codulab/restricted

Add the following service provider to the array in: config/app.php


Publish the config

php artisan vendor:publish --tag=restricted_config

Now, you can simply add ‘restricted’ to your validations in the controller like so:

$this->validate($request, [
'name' => 'required|string|min:5',
'username' => 'required|restricted' // You’re restricting the username field.

You can also add a new validation message:

To view all the words you have ‘Restricted’, navigate to ‘public/restricted-usernames.txt’ file.

You should see this:

Now when you try to use one of the ‘Restricted’ usernames, you should see something similar to this:

    As far as your application requires a registration process, this package is a simple security measure to protect your website.

If you like Laravel Restricted, please STAR it, SHARE it with your friends, USE it and CONTRIBUTE to it.