diff --git a/web/app_dev.php b/web/app_dev.php
index 0ba2029..6b8d760 100644
--- a/web/app_dev.php
+++ b/web/app_dev.php
@@ -6,13 +6,7 @@
 
 // this check prevents access to debug front controllers that are deployed by accident to production servers.
 // feel free to remove this, extend it, or make something more sophisticated.
-if (!in_array(@$_SERVER['REMOTE_ADDR'], array(
-    '127.0.0.1',
-    '::1',
-))) {
-    header('HTTP/1.0 403 Forbidden');
-    exit('You (' . @$_SERVER['REMOTE_ADDR'] . ') are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
-}
+require_once __DIR__.'/check_ip.php';
 
 require_once __DIR__.'/../app/bootstrap.php.cache';
 require_once __DIR__.'/../app/AppKernel.php';
diff --git a/web/check_ip.php b/web/check_ip.php
new file mode 100644
index 0000000..7240642
--- /dev/null
+++ b/web/check_ip.php
@@ -0,0 +1,11 @@
+<?php
+if (!in_array(@$_SERVER['REMOTE_ADDR'], array(
+    '127.0.0.1',
+    '::1',
+    '82.131.168.149', // Vörös Oroszlán - 2012 április 13.
+    '94.21.19.129',   // Otthon         - 2012 április 13.
+    '89.133.219.66',  // Brokernet      - 2012 április 17.
+))) {
+    header('HTTP/1.0 403 Forbidden');
+    exit('You (' . @$_SERVER['REMOTE_ADDR'] . ') are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
+}
diff --git a/web/config.php b/web/config.php
index 8bb72e4..f2461c0 100644
--- a/web/config.php
+++ b/web/config.php
@@ -4,13 +4,7 @@ if (!isset($_SERVER['HTTP_HOST'])) {
     exit('This script cannot be run from the CLI. Run it from a browser.');
 }
 
-if (!in_array(@$_SERVER['REMOTE_ADDR'], array(
-    '127.0.0.1',
-    '::1',
-))) {
-    header('HTTP/1.0 403 Forbidden');
-    exit('You (' . @$_SERVER['REMOTE_ADDR'] . ') are not allowed to access this file. Check '.basename(__FILE__).' for more information.');
-}
+require_once __DIR__.'/check_ip.php';
 
 $majorProblems = array();
 $minorProblems = array();