diff --git a/module/ModuleStore/Admin/Controller/ModuleStoreController.php b/module/ModuleStore/Admin/Controller/ModuleStoreController.php
index f9595d966c4f456fb761c3c84abe9afb719d319d..c5d3ab2bedd2aeeb6946259f20c2f44aa3194136 100644
--- a/module/ModuleStore/Admin/Controller/ModuleStoreController.php
+++ b/module/ModuleStore/Admin/Controller/ModuleStoreController.php
@@ -12,6 +12,7 @@ use ModStart\Core\Input\InputPackage;
 use ModStart\Core\Input\Response;
 use ModStart\Core\Util\CRUDUtil;
 use ModStart\Core\Util\FileUtil;
+use ModStart\Core\Util\ReUtil;
 use ModStart\Form\Form;
 use ModStart\Module\ModuleManager;
 use ModStart\Repository\RepositoryUtil;
@@ -34,6 +35,30 @@ class ModuleStoreController extends Controller
         return Response::generateSuccessData(ModuleStoreUtil::all());
     }
 
+    private function moduleOperateCheck($module)
+    {
+        BizException::throwsIf('当前环境禁止「模块管理」相关操作', config('env.MS_MODULE_STORE_DISABLE', false));
+        $whitelist = config('env.MS_MODULE_WHITELIST', '');
+        if (empty($whitelist)) {
+            return;
+        }
+        $whitelist = array_map(function ($v) {
+            return trim($v);
+        }, explode(',', $whitelist));
+        $whitelist = array_filter($whitelist);
+        if (empty($whitelist)) {
+            return;
+        }
+        $passed = false;
+        foreach ($whitelist as $item) {
+            if (ReUtil::isWildMatch($item, $module)) {
+                $passed = true;
+                break;
+            }
+        }
+        BizException::throwsIf('只允许操作模块:' . join(',', $whitelist), !$passed);
+    }
+
     private function doFinish($msgs)
     {
         return Response::generateSuccessData([
@@ -72,7 +97,7 @@ class ModuleStoreController extends Controller
         $version = $dataInput->getTrimString('version');
         BizException::throwsIfEmpty('module为空', $module);
         BizException::throwsIfEmpty('version为空', $version);
-        BizException::throwsIf('当前环境禁止「模块管理」相关操作', config('env.MS_MODULE_STORE_DISABLE', false));
+        $this->moduleOperateCheck($module);
         switch ($step) {
             default:
                 $ret = ModuleManager::disable($module);
@@ -93,8 +118,7 @@ class ModuleStoreController extends Controller
         $version = $dataInput->getTrimString('version');
         BizException::throwsIfEmpty('module为空', $module);
         BizException::throwsIfEmpty('version为空', $version);
-        BizException::throwsIf('当前环境禁止「模块管理」相关操作', config('env.MS_MODULE_STORE_DISABLE', false));
-
+        $this->moduleOperateCheck($module);
         switch ($step) {
             default:
                 $ret = ModuleManager::enable($module);
@@ -117,8 +141,7 @@ class ModuleStoreController extends Controller
         BizException::throwsIfEmpty('module为空', $module);
         BizException::throwsIfEmpty('version为空', $version);
         BizException::throwsIf('系统模块不能动态配置', ModuleManager::isSystemModule($module));
-        BizException::throwsIf('当前环境禁止「模块管理」相关操作', config('env.MS_MODULE_STORE_DISABLE', false));
-
+        $this->moduleOperateCheck($module);
         if ($isLocal) {
             switch ($step) {
                 default:
@@ -159,7 +182,7 @@ class ModuleStoreController extends Controller
         $version = $dataInput->getTrimString('version');
         BizException::throwsIfEmpty('module为空', $module);
         BizException::throwsIfEmpty('version为空', $version);
-        BizException::throwsIf('当前环境禁止「模块管理」相关操作', config('env.MS_MODULE_STORE_DISABLE', false));
+        $this->moduleOperateCheck($module);
 
         switch ($step) {
             case 'installModule':
@@ -238,7 +261,7 @@ class ModuleStoreController extends Controller
         BizException::throwsIfEmpty('module为空', $module);
         BizException::throwsIfEmpty('version为空', $version);
         BizException::throwsIf('系统模块不能动态配置', ModuleManager::isSystemModule($module));
-        BizException::throwsIf('当前环境禁止「模块管理」相关操作', config('env.MS_MODULE_STORE_DISABLE', false));
+        $this->moduleOperateCheck($module);
 
         if ($isLocal) {
             switch ($step) {
diff --git a/module/ModuleStore/Docs/release/1.4.0.md b/module/ModuleStore/Docs/release/1.4.0.md
new file mode 100644
index 0000000000000000000000000000000000000000..3513d808088d38dbfdc7a4ee5f4572e201447e62
--- /dev/null
+++ b/module/ModuleStore/Docs/release/1.4.0.md
@@ -0,0 +1,3 @@
+
+
+- 新增：模块白名单安装控制
diff --git a/module/ModuleStore/config.json b/module/ModuleStore/config.json
index af6a8e517495ef63904275f018abb152b1c669ad..ab9e6c607ba1ce7f32a9d3b59f12a1f5d24963d2 100644
--- a/module/ModuleStore/config.json
+++ b/module/ModuleStore/config.json
@@ -8,7 +8,7 @@
     "Vendor:>=1.4.0"
   ],
   "modstartVersion": ">=1.8.0",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "author": "官方",
   "description": "提供各种各样的应用模块，方便应用快速集成"
 }