diff --git a/fabfile/locale.py b/fabfile/locale.py
index 7c577b3d8a..4b653d9490 100644
--- a/fabfile/locale.py
+++ b/fabfile/locale.py
@@ -34,7 +34,7 @@ def pull():
 def compile():
     """Compile po files.
     """
-    local('django-admin.py compilemessages && cd seahub/two_factor && django-admin.py compilemessages')
+    local('django-admin.py compilemessages && pushd seahub/two_factor && django-admin.py compilemessages && popd && pushd seahub/trusted_ip && django-admin.py compilemessages')
 
 ########## utility functions
 def _inplace_change(filename, old_string, new_string):
diff --git a/seahub/auth/middleware.py b/seahub/auth/middleware.py
index a5a9b1a491..ebf7f92829 100644
--- a/seahub/auth/middleware.py
+++ b/seahub/auth/middleware.py
@@ -1,15 +1,6 @@
 # Copyright (c) 2012-2016 Seafile Ltd.
-import json
-
 from django.contrib import auth
 from django.core.exceptions import ImproperlyConfigured
-from django.core.urlresolvers import reverse
-from django.http import HttpResponse, HttpResponseRedirect, HttpResponseForbidden
-from django.shortcuts import render_to_response
-
-from seahub.utils.ip import get_remote_ip
-from seahub.trusted_ip.models import TrustedIP
-from seahub.settings import ENABLE_LIMIT_IPADDRESS, TRUSTED_IP_LIST
 
 
 class LazyUser(object):
@@ -20,23 +11,6 @@ class LazyUser(object):
         return request._cached_user
 
 
-class LimitIpMiddleware(object):
-    def process_request(self, request):
-        ip = get_remote_ip(request)
-        if ENABLE_LIMIT_IPADDRESS:
-            if not TrustedIP.objects.match_ip(ip) and ip not in TRUSTED_IP_LIST:
-                if "api2/" in request.path or "api/v2.1/" in request.path:
-                    return HttpResponse(
-                        json.dumps({"err_msg": "you can't login, because IP \
-                                    address was not in range"}),
-                        status=403,
-                        content_type='application/json; charset=utf-8'
-                    )
-                else:
-                    return render_to_response('403_trusted_ip.html', status=403)
-        return None
-
-
 class AuthenticationMiddleware(object):
     def process_request(self, request):
         assert hasattr(request, 'session'), "The Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE_CLASSES setting to insert 'django.contrib.sessions.middleware.SessionMiddleware'."
diff --git a/seahub/settings.py b/seahub/settings.py
index 5c1888a24e..1611977ff3 100644
--- a/seahub/settings.py
+++ b/seahub/settings.py
@@ -113,7 +113,6 @@ MIDDLEWARE_CLASSES = (
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
-    'seahub.auth.middleware.LimitIpMiddleware',
     'seahub.auth.middleware.AuthenticationMiddleware',
     'seahub.base.middleware.BaseMiddleware',
     'seahub.base.middleware.InfobarMiddleware',
@@ -122,6 +121,7 @@ MIDDLEWARE_CLASSES = (
     'seahub.base.middleware.UserPermissionMiddleware',
     'termsandconditions.middleware.TermsAndConditionsRedirectMiddleware',
     'seahub.two_factor.middleware.OTPMiddleware',
+    'seahub.trusted_ip.middleware.LimitIpMiddleware',
 )
 
 SITE_ROOT_URLCONF = 'seahub.urls'
@@ -179,6 +179,7 @@ LANGUAGES = (
 LOCALE_PATHS = (
     os.path.join(PROJECT_ROOT, 'locale'),
     os.path.join(PROJECT_ROOT, 'seahub/two_factor/locale'),
+    os.path.join(PROJECT_ROOT, 'seahub/trusted_ip/locale'),
 )
 
 TEMPLATE_CONTEXT_PROCESSORS = (
diff --git a/seahub/templates/js/sysadmin-templates.html b/seahub/templates/js/sysadmin-templates.html
index 3adfba0436..9b4f74f68c 100644
--- a/seahub/templates/js/sysadmin-templates.html
+++ b/seahub/templates/js/sysadmin-templates.html
@@ -210,9 +210,7 @@
             </li>
             <% } %>
             <% if (app.pageOptions.is_pro & app.pageOptions.enable_limit_ipaddress) { %>
-            <li class="tab <% if (cur_tab == 'settings') { %> ui-state-active <% } %>">
-                <a href="#device-trusted-ip/" class="a">{% trans "Trusted IP Address" %}</a>
-            </li>
+            {% include "trusted_ip/sysadmin-templates_tab.html" %}
             <% } %>
         </ul>
     </div>
@@ -222,7 +220,7 @@
                 <th width="22%">{% trans "User" %}</th>
                 <th width="17%">{% trans "Platform" %} / {% trans "Version" %}</th>
                 <th width="22%">{% trans "Device Name" %}</th>
-                <th width="17%">{% trans "IP Address" %}</th>
+                <th width="17%">{% trans "IP" %}</th>
                 <th width="17%">{% trans "Last Access" %}</th>
                 <th width="5%"></th>
             </tr>
@@ -266,9 +264,7 @@
                 <a href="#device-errors/" class="a">{% trans "Errors" %}</a>
             </li>
             <% if (app.pageOptions.is_pro & app.pageOptions.enable_limit_ipaddress) { %>
-            <li class="tab <% if (cur_tab == 'settings') { %> ui-state-active <% } %>">
-                <a href="#device-trusted-ip/" class="a">{% trans "Trusted IP Address" %}</a>
-            </li>
+            {% include "trusted_ip/sysadmin-templates_tab.html" %}
             <% } %>
         </ul>
         <button id="clean-device-errors" class="fright hide"><span class="vam">{% trans "Clean" %}</span></button>
@@ -306,57 +302,7 @@
     <td><time title='<%- time %>'><%- time_from_now %></time></td>
 </script>
 
-<script type="text/template" id="device-trusted-ipaddresses-tmpl">
-    <div class="hd ovhd">
-        <ul class="tab-tabs-nav fleft">
-            <li class="tab <% if (cur_tab == 'desktop') { %> ui-state-active <% } %>">
-                <a href="#desktop-devices/" class="a">{% trans "Desktop" %}</a>
-            </li>
-            <li class="tab <% if (cur_tab == 'mobile') { %> ui-state-active <% } %>">
-                <a href="#mobile-devices/" class="a">{% trans "Mobile" %}</a>
-            </li>
-            <% if (is_pro) { %>
-            <li class="tab <% if (cur_tab == 'errors') { %> ui-state-active <% } %>">
-                <a href="#device-errors/" class="a">{% trans "Errors" %}</a>
-            </li>
-            <% } %>
-            <li class="tab <% if (cur_tab == 'settings') { %> ui-state-active <% } %>">
-                <a href="#device-trusted-ip/" class="a">{% trans "Trusted IP Address" %}</a>
-            </li>
-        </ul>
-        <div class="js-op-for-all fright">
-           <button id="add-trusted-ip-btn">{% trans "Add IP Address" %}</button>
-        </div>
-    </div>
-    <table class="hide">
-        <thead>
-            <tr>
-                <th width="80%">{% trans "IP Address" %}</th>
-                <th width="20%"></th>
-            </tr>
-        </thead>
-        <tbody>
-        </tbody>
-    </table>
-    <span class="loading-icon loading-tip"></span>
-    <div class="empty-tips hide">
-        <h2 class="alc">{% trans "No Trusted IP Address" %}</h2>
-    </div>
-</script>
-
-<script type="text/template" id="add-trusted-ipaddress-form-tmpl">
-    <form id="add-trusted-ip-form" class="hide">{% csrf_token %}
-        <h3>{% trans "Add Trusted IP Address" %}</h3>
-        <input name="ipaddress" id="ipaddress" class="input" /><br />
-        <p class="error hide"></p>
-        <button id="add-ip-form-btn">{% trans "Submit" %}</button>
-    </form>
-</script>
-
-<script type="text/template" id="device-trusted-ipaddress-item-tmpl">
-    <td><%- ip %></td>
-    <td><a href="#" class="sf2-icon-delete sf2-x trusted-ip-delete-btn op-icon vh" title="{% trans "Delete" %}" aria-label="{% trans "Delete" %}"></a></td>
-</script>
+{% include "trusted_ip/sysadmin-templates_trusted_ip.html" %}
 
 <script type="text/template" id="user-info-popup-tmpl">
     <div class="outer-caret up-outer-caret"><div class="inner-caret"></div></div>
diff --git a/seahub/trusted_ip/locale/zh_CN/LC_MESSAGES/django.po b/seahub/trusted_ip/locale/zh_CN/LC_MESSAGES/django.po
new file mode 100644
index 0000000000..636b9f3bcd
--- /dev/null
+++ b/seahub/trusted_ip/locale/zh_CN/LC_MESSAGES/django.po
@@ -0,0 +1,73 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2017-09-18 16:33+0800\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: templates/trusted_ip/403_trusted_ip.html:5
+#: templates/trusted_ip/403_trusted_ip.html:8
+msgid "The server understood the request, but is refusing to fulfill it."
+msgstr "服务器已收到请求，但拒绝继续执行。"
+
+#: templates/trusted_ip/403_trusted_ip.html:10
+msgid "Sorry, but your IP address is not in trusted IP address range."
+msgstr "你的 IP 不在可信 IP 地址范围。"
+
+#: templates/trusted_ip/403_trusted_ip.html:12
+msgid "Please contact the webmaster."
+msgstr "请联系系统管理员。"
+
+#: templates/trusted_ip/sysadmin-templates_tab.html:3
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:17
+msgid "Trusted IP Address"
+msgstr "可信 IP 地址"
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:6
+msgid "Desktop"
+msgstr ""
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:9
+msgid "Mobile"
+msgstr ""
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:13
+msgid "Errors"
+msgstr ""
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:21
+msgid "Add IP Address"
+msgstr "增加 IP 地址"
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:27
+msgid "IP Address"
+msgstr "IP 地址"
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:36
+msgid "No Trusted IP Address"
+msgstr "无可信任 IP 地址"
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:42
+msgid "Add Trusted IP Address"
+msgstr "增加可信 IP 地址"
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:45
+msgid "Submit"
+msgstr ""
+
+#: templates/trusted_ip/sysadmin-templates_trusted_ip.html:51
+msgid "Delete"
+msgstr ""
diff --git a/seahub/trusted_ip/middleware.py b/seahub/trusted_ip/middleware.py
new file mode 100644
index 0000000000..0d42ad7e27
--- /dev/null
+++ b/seahub/trusted_ip/middleware.py
@@ -0,0 +1,28 @@
+# Copyright (c) 2012-2016 Seafile Ltd.
+import json
+
+from django.http import HttpResponse
+from django.shortcuts import render_to_response
+
+from seahub.utils.ip import get_remote_ip
+from seahub.trusted_ip.models import TrustedIP
+from seahub.settings import ENABLE_LIMIT_IPADDRESS, TRUSTED_IP_LIST
+
+
+class LimitIpMiddleware(object):
+    def process_request(self, request):
+        if not ENABLE_LIMIT_IPADDRESS:
+            return None
+
+        ip = get_remote_ip(request)
+        if not TrustedIP.objects.match_ip(ip) and ip not in TRUSTED_IP_LIST:
+            if "api2/" in request.path or "api/v2.1/" in request.path:
+                return HttpResponse(
+                    json.dumps({"err_msg": "you can't login, because IP \
+                    address was not in range"}),
+                    status=403,
+                    content_type='application/json; charset=utf-8'
+                )
+            else:
+                return render_to_response('trusted_ip/403_trusted_ip.html',
+                                          status=403)
diff --git a/seahub/templates/403_trusted_ip.html b/seahub/trusted_ip/templates/trusted_ip/403_trusted_ip.html
similarity index 100%
rename from seahub/templates/403_trusted_ip.html
rename to seahub/trusted_ip/templates/trusted_ip/403_trusted_ip.html
diff --git a/seahub/trusted_ip/templates/trusted_ip/sysadmin-templates_tab.html b/seahub/trusted_ip/templates/trusted_ip/sysadmin-templates_tab.html
new file mode 100644
index 0000000000..cd203b0506
--- /dev/null
+++ b/seahub/trusted_ip/templates/trusted_ip/sysadmin-templates_tab.html
@@ -0,0 +1,4 @@
+{% load i18n %}
+<li class="tab <% if (cur_tab == 'settings') { %> ui-state-active <% } %>">
+    <a href="#device-trusted-ip/" class="a">{% trans "Trusted IP Address" %}</a>
+</li>
diff --git a/seahub/trusted_ip/templates/trusted_ip/sysadmin-templates_trusted_ip.html b/seahub/trusted_ip/templates/trusted_ip/sysadmin-templates_trusted_ip.html
new file mode 100644
index 0000000000..1b8323da1d
--- /dev/null
+++ b/seahub/trusted_ip/templates/trusted_ip/sysadmin-templates_trusted_ip.html
@@ -0,0 +1,52 @@
+{% load i18n %}
+<script type="text/template" id="device-trusted-ipaddresses-tmpl">
+    <div class="hd ovhd">
+        <ul class="tab-tabs-nav fleft">
+            <li class="tab <% if (cur_tab == 'desktop') { %> ui-state-active <% } %>">
+                <a href="#desktop-devices/" class="a">{% trans "Desktop" %}</a>
+            </li>
+            <li class="tab <% if (cur_tab == 'mobile') { %> ui-state-active <% } %>">
+                <a href="#mobile-devices/" class="a">{% trans "Mobile" %}</a>
+            </li>
+            <% if (is_pro) { %>
+            <li class="tab <% if (cur_tab == 'errors') { %> ui-state-active <% } %>">
+                <a href="#device-errors/" class="a">{% trans "Errors" %}</a>
+            </li>
+            <% } %>
+            <li class="tab <% if (cur_tab == 'settings') { %> ui-state-active <% } %>">
+                <a href="#device-trusted-ip/" class="a">{% trans "Trusted IP Address" %}</a>
+            </li>
+        </ul>
+        <div class="js-op-for-all fright">
+           <button id="add-trusted-ip-btn">{% trans "Add" %}</button>
+        </div>
+    </div>
+    <table class="hide">
+        <thead>
+            <tr>
+                <th width="80%">{% trans "IP Address" %}</th>
+                <th width="20%"></th>
+            </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+    <span class="loading-icon loading-tip"></span>
+    <div class="empty-tips hide">
+        <h2 class="alc">{% trans "No Trusted IP Address" %}</h2>
+    </div>
+</script>
+
+<script type="text/template" id="add-trusted-ipaddress-form-tmpl">
+    <form id="add-trusted-ip-form" class="hide">{% csrf_token %}
+        <h3>{% trans "Add Trusted IP Address" %}</h3>
+        <input name="ipaddress" id="ipaddress" class="input" /><br />
+        <p class="error hide"></p>
+        <button id="add-ip-form-btn">{% trans "Submit" %}</button>
+    </form>
+</script>
+
+<script type="text/template" id="device-trusted-ipaddress-item-tmpl">
+    <td><%- ip %></td>
+    <td><a href="#" class="sf2-icon-delete sf2-x trusted-ip-delete-btn op-icon vh" title="{% trans "Delete" %}" aria-label="{% trans "Delete" %}"></a></td>
+</script>
diff --git a/static/scripts/sysadmin-app/views/device-trusted-ipaddress.js b/static/scripts/sysadmin-app/views/device-trusted-ipaddress.js
index ae14971940..5451845dda 100644
--- a/static/scripts/sysadmin-app/views/device-trusted-ipaddress.js
+++ b/static/scripts/sysadmin-app/views/device-trusted-ipaddress.js
@@ -24,7 +24,7 @@ define([
         deleteIP: function() {
             var _this = this;
             var ip = this.model.get('ip');
-            var popupTitle = gettext("Delete IP Address");
+            var popupTitle = gettext("Delete");
             var popupContent = gettext("Are you sure you want to delete %s ?").replace('%s', '<span class="op-target ellipsis ellipsis-op-target" title="' + Common.HTMLescape(ip) + '">' + Common.HTMLescape(ip) + '</span>');
             var yesCallback = function() {
                 $.ajax({
