diff --git a/perimeter.permissions.yml b/perimeter.permissions.yml
new file mode 100644
index 0000000000000000000000000000000000000000..1c9b539f2522a187c4457b47913e70280683f1a1
--- /dev/null
+++ b/perimeter.permissions.yml
@@ -0,0 +1,4 @@
+bypass perimeter defence rules:
+  title: 'Bypass Perimeter Defence ban rules'
+  description: 'Allow users to bypass the rules defined by Perimeter Defence module.'
+  restrict access: true
diff --git a/src/EventSubscriber/PerimeterSubscriber.php b/src/EventSubscriber/PerimeterSubscriber.php
index 970fc0ccdd7cacc9999773107d95c44144dc48c3..fedd27c3f1184d952b1f8557ca89c3d67f375546 100644
--- a/src/EventSubscriber/PerimeterSubscriber.php
+++ b/src/EventSubscriber/PerimeterSubscriber.php
@@ -40,6 +40,9 @@ class PerimeterSubscriber implements EventSubscriberInterface {
    * On page not found events, ban the IP if the request is suspicious.
    */
   public function handleBannedUrls(Event $event) {
+    if (\Drupal::currentUser()->hasPermission('bypass perimeter defence rules')) {
+      return;
+    }
     $exception = $event->getException();
     if ($exception instanceof NotFoundHttpException) {
       $request_path = $event->getRequest()->getPathInfo();