diff --git a/apps/audits/signals_handler.py b/apps/audits/signals_handler.py index 4ba7e8408..362bd4c11 100644 --- a/apps/audits/signals_handler.py +++ b/apps/audits/signals_handler.py @@ -15,7 +15,7 @@ from rest_framework.request import Request from assets.models import Asset, SystemUser from authentication.signals import post_auth_failed, post_auth_success -from authentication.utils import check_different_city_login +from authentication.utils import check_different_city_login_if_need from jumpserver.utils import current_request from users.models import User from users.signals import post_user_change_password @@ -304,7 +304,7 @@ def generate_data(username, request, login_type=None): @receiver(post_auth_success) def on_user_auth_success(sender, user, request, login_type=None, **kwargs): logger.debug('User login success: {}'.format(user.username)) - check_different_city_login(user, request) + check_different_city_login_if_need(user, request) data = generate_data(user.username, request, login_type=login_type) data.update({'mfa': int(user.mfa_enabled), 'status': True}) write_login_log(**data) diff --git a/apps/authentication/utils.py b/apps/authentication/utils.py index 0e1dd5e9c..6dc3866fe 100644 --- a/apps/authentication/utils.py +++ b/apps/authentication/utils.py @@ -5,6 +5,7 @@ from Cryptodome.PublicKey import RSA from Cryptodome.Cipher import PKCS1_v1_5 from Cryptodome import Random +from django.conf import settings from .notifications import DifferentCityLoginMessage from audits.models import UserLoginLog from audits.const import DEFAULT_CITY @@ -51,7 +52,10 @@ def rsa_decrypt(cipher_text, rsa_private_key=None): return message -def check_different_city_login(user, request): +def check_different_city_login_if_need(user, request): + if not settings.SECURITY_CHECK_DIFFERENT_CITY_LOGIN: + return + ip = get_request_ip(request) or '0.0.0.0' if not (ip and validate_ip(ip)): diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index b525dff3c..662c91fba 100644 
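Review bot: The renamed `check_different_city_login_if_need` in apps/authentication/utils.py has no docstring, and its new early return on `settings.SECURITY_CHECK_DIFFERENT_CITY_LOGIN` switches off a login alert without saying so anywhere in the code. A one-line docstring would make the gate explicit, for example `"""Run the different-city login check unless SECURITY_CHECK_DIFFERENT_CITY_LOGIN is disabled."""`. The rename also removes the old name `check_different_city_login`, and the only caller updated in this diff is `on_user_auth_success` in apps/audits/signals_handler.py, so any other importer (none is visible here) would fail at import time. The function body continues past the end of the hunk.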
--- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -311,6 +311,7 @@ class Config(dict): 'SECURITY_WATERMARK_ENABLED': True, 'SECURITY_MFA_VERIFY_TTL': 3600, 'SECURITY_SESSION_SHARE': True, + 'SECURITY_CHECK_DIFFERENT_CITY_LOGIN': True, 'OLD_PASSWORD_HISTORY_LIMIT_COUNT': 5, 'CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED': True, 'USER_LOGIN_SINGLE_MACHINE_ENABLED': False, diff --git a/apps/jumpserver/settings/custom.py b/apps/jumpserver/settings/custom.py index b01e976f1..bc483cb79 100644 --- a/apps/jumpserver/settings/custom.py +++ b/apps/jumpserver/settings/custom.py @@ -61,6 +61,7 @@ SECURITY_DATA_CRYPTO_ALGO = CONFIG.SECURITY_DATA_CRYPTO_ALGO SECURITY_INSECURE_COMMAND = CONFIG.SECURITY_INSECURE_COMMAND SECURITY_INSECURE_COMMAND_LEVEL = CONFIG.SECURITY_INSECURE_COMMAND_LEVEL SECURITY_INSECURE_COMMAND_EMAIL_RECEIVER = CONFIG.SECURITY_INSECURE_COMMAND_EMAIL_RECEIVER +SECURITY_CHECK_DIFFERENT_CITY_LOGIN = CONFIG.SECURITY_CHECK_DIFFERENT_CITY_LOGIN # Terminal other setting TERMINAL_PASSWORD_AUTH = CONFIG.TERMINAL_PASSWORD_AUTH diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index b7912c24a..d4b50cb47 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2021-11-05 11:41+0800\n" +"POT-Creation-Date: 2021-11-08 15:08+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" 
@@ -3416,6 +3416,17 @@ msgstr "会话分享" msgid "Enabled, Allows user active session to be shared with other users" msgstr "开启后允许用户分享已连接的资产会话给它人,协同工作" +#: settings/serializers/security.py:144 +msgid "Remote Login Protection" +msgstr "异地登录保护" + +#: settings/serializers/security.py:145 +msgid "" +"The system determines whether the login IP address belongs to a common login " +"city. If the account is logged in from a common login city, the system sends " +"a remote login reminder" +msgstr "根据登录IP是否所属常用登录城市进行判断,若账号在非常用城市登录,会发送异地登录提醒" + #: settings/serializers/sms.py:7 msgid "Label" msgstr "标签" diff --git a/apps/settings/serializers/security.py b/apps/settings/serializers/security.py index 06e5038fb..51d03eab5 100644 --- a/apps/settings/serializers/security.py +++ b/apps/settings/serializers/security.py @@ -140,3 +140,8 @@ class SecuritySettingSerializer(SecurityPasswordRuleSerializer, SecurityAuthSeri required=True, label=_('Session share'), help_text=_("Enabled, Allows user active session to be shared with other users") ) + SECURITY_CHECK_DIFFERENT_CITY_LOGIN = serializers.BooleanField( + required=False, label=_('Remote Login Protection'), + help_text=_('The system determines whether the login IP address belongs to a common login city. ' + 'If the account is logged in from a common login city, the system sends a remote login reminder') + )
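Review bot: The `help_text` of the new `SECURITY_CHECK_DIFFERENT_CITY_LOGIN` field says the reminder is sent when the account logs in "from a common login city", which is the opposite of what the zh `msgstr` in the django.po hunk describes (非常用城市, a city that is not a usual one). An administrator reading the English text would misjudge what this security switch does. The second sentence should read `'If the account logs in from a city that is not a common login city, the system sends a remote login reminder'`, and the matching `msgid` in django.po has to change with it because the English string is the translation key. The serializer class starts outside the hunk.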