diff --git a/README.md b/README.md index cd75630..badcbde 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,9 @@ Restrict access to any activity by ip-address. Most activities don't support thi 3. Go to Site Administrator > Notification 4. Install the plugin +## TODO +- Behat tests ip validation + ## Security If you discover any security related issues, please email [luuk@MFreak.nl](mailto:luuk@MFreak.nl) instead of using the issue tracker. diff --git a/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-debug.js b/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-debug.js index e158a39..d5e6156 100644 --- a/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-debug.js +++ b/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-debug.js @@ -63,7 +63,7 @@ M.availability_ipaddress.form.getValue = function(field, node) { "use strict"; // Get field value. var value = node.one('input[name=' + field + ']').get('value'); - Y.log('ip_address:', value); + Y.log('ip_address:' + value); // If it is not a valid positive number, return false. if (M.availability_ipaddress.validateIpaddress(value)) { @@ -71,7 +71,6 @@ M.availability_ipaddress.form.getValue = function(field, node) { return value; } - Y.log('getValue failed:', value); return value; }; 
@@ -122,13 +121,20 @@ M.availability_ipaddress.form.getNode = function(json) { */ M.availability_ipaddress.validateIpaddress = function(ipaddresses) { 'use strict'; - + Y.log(ipaddresses); ipaddresses = ipaddresses.split(','); for (var i in ipaddresses) { // Test normal ip format. - if (new RegExp("(?:".concat(M.availability_ipaddress.v4, ")|(?:").concat(M.availability_ipaddress.v6, ")"), "g") + if (new RegExp(/^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$/gm) .test(ipaddresses[i])) { + Y.log('Correct ipv4'); + continue; + } + + if (new RegExp(M.availability_ipaddress.v6) + .test(ipaddresses[i])) { + Y.log('Correct ipv6'); continue; } @@ -136,17 +142,24 @@ M.availability_ipaddress.validateIpaddress = function(ipaddresses) { if (new RegExp("(?:".concat(M.availability_ipaddress.v4 + "\\/(3[0-2]|[12]?[0-9])", ")|(?:") .concat(M.availability_ipaddress.v6 + "\\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])", ")"), "g") .test(ipaddresses[i])) { + Y.log('Correct subnet'); continue; } - Y.log('Incorrect ip', ipaddresses[i]); + Y.log('Incorrect ip'); return false; } - Y.log('Valid ipaddresses', ipaddresses); + Y.log('Valid ipaddresses'); return true; }; +/** + * FillValue + * + * @param {object} value + * @param {object} node + */ M.availability_ipaddress.form.fillValue = function(value, node) { // This function gets passed the node (from above) and a value // object. Within that object, it must set up the correct values @@ -156,6 +169,11 @@ M.availability_ipaddress.form.fillValue = function(value, node) { value.ipaddresses = this.getValue('ipaddresses', node); }; +/** + * FillErrors + * @param {object} errors + * @param {object} node + */ M.availability_ipaddress.form.fillErrors = function(errors, node) { "use strict"; var value = {}; 
diff --git a/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-min.js b/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-min.js
index 90afbe2..563db02 100644
--- a/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-min.js
+++ b/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form-min.js
@@ -1 +1 @@ -YUI.add("moodle-availability_ipaddress-form",function(e,t){M.availability_ipaddress=M.availability_ipaddress||{},M.availability_ipaddress.v4="(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}",M.availability_ipaddress.v6="((?:[0-9a-fA-F]{1,4}:){7}(?:[0-9a-fA-F]{1,4}|:)|(?:[0-9a-fA-F]{1,4}:){6}(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|:[0-9a-fA-F]{1,4}|:)|(?:[0-9a-fA-F]{1,4}:){5}(?::(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,2}|:)|(?:[0-9a-fA-F]{1,4}:){4}(?:(:[0-9a-fA-F]{1,4}){0,1}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,3}|:)|(?:[0-9a-fA-F]{1,4}:){3}(?:(:[0-9a-fA-F]{1,4}){0,2}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,4}|:)|(?:[0-9a-fA-F]{1,4}:){2}(?:(:[0-9a-fA-F]{1,4}){0,3}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,5}|:)|(?:[0-9a-fA-F]{1,4}:){1}(?:(:[0-9a-fA-F]{1,4}){0,4}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,6}|:)|(?::((?::[0-9a-fA-F]{1,4}){0,5}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(?::[0-9a-fA-F]{1,4}){1,7}|:)))(%[0-9a-zA-Z]{1,})?",M.availability_ipaddress.form=e.Object(M.core_availability.plugin),M.availability_ipaddress.form.initInner=function(){"use strict";},M.availability_ipaddress.form.getValue=function(e,t){"use strict";var n=t.one("input[name="+e+"]").get("value");return 
M.availability_ipaddress.validateIpaddress(n)?n:n},M.availability_ipaddress.form.getNode=function(t){"use strict";var n,r,i,s;return s="ipaddresses"+M.availability_ipaddress.form.instId,M.availability_ipaddress.form.instId+=1,n="",n+='",n+='',r=e.Node.create(''+n+""),t.ipaddresses!==undefined&&r.one("input[name=ipaddresses]").set("value",t.ipaddresses),M.availability_ipaddress.form.addedEvents||(M.availability_ipaddress.form.addedEvents=!0,i=e.one(".availability-field"),i.delegate("valuechange",function(){M.core_availability.form.update()},".availability_ipaddress input[name=ipaddresses]")),r},M.availability_ipaddress.validateIpaddress=function(e){"use strict";e=e.split(",");for(var t in e){if((new RegExp("(?:".concat(M.availability_ipaddress.v4,")|(?:").concat(M.availability_ipaddress.v6,")"),"g")).test(e[t]))continue;if((new RegExp("(?:".concat(M.availability_ipaddress.v4+"\\/(3[0-2]|[12]?[0-9])",")|(?:").concat(M.availability_ipaddress.v6+"\\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])",")"),"g")).test(e[t]))continue;return!1}return!0},M.availability_ipaddress.form.fillValue=function(e,t){e.ipaddresses=this.getValue("ipaddresses",t)},M.availability_ipaddress.form.fillErrors=function(e,t){"use strict";var n={};this.fillValue(n,t),M.availability_ipaddress.validateIpaddress(n.ipaddresses)===!1&&e.push("availability_ipaddress:error_ipaddress")}},"@VERSION@",{requires:["base","node","event","moodle-core_availability-form"]}); 
+YUI.add("moodle-availability_ipaddress-form",function(e,t){M.availability_ipaddress=M.availability_ipaddress||{},M.availability_ipaddress.v4="(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}",M.availability_ipaddress.v6="((?:[0-9a-fA-F]{1,4}:){7}(?:[0-9a-fA-F]{1,4}|:)|(?:[0-9a-fA-F]{1,4}:){6}(?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|:[0-9a-fA-F]{1,4}|:)|(?:[0-9a-fA-F]{1,4}:){5}(?::(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,2}|:)|(?:[0-9a-fA-F]{1,4}:){4}(?:(:[0-9a-fA-F]{1,4}){0,1}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,3}|:)|(?:[0-9a-fA-F]{1,4}:){3}(?:(:[0-9a-fA-F]{1,4}){0,2}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,4}|:)|(?:[0-9a-fA-F]{1,4}:){2}(?:(:[0-9a-fA-F]{1,4}){0,3}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,5}|:)|(?:[0-9a-fA-F]{1,4}:){1}(?:(:[0-9a-fA-F]{1,4}){0,4}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(:[0-9a-fA-F]{1,4}){1,6}|:)|(?::((?::[0-9a-fA-F]{1,4}){0,5}:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])(?:\\.(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]|[0-9])){3}|(?::[0-9a-fA-F]{1,4}){1,7}|:)))(%[0-9a-zA-Z]{1,})?",M.availability_ipaddress.form=e.Object(M.core_availability.plugin),M.availability_ipaddress.form.initInner=function(){"use strict";},M.availability_ipaddress.form.getValue=function(e,t){"use strict";var n=t.one("input[name="+e+"]").get("value");return 
M.availability_ipaddress.validateIpaddress(n)?n:n},M.availability_ipaddress.form.getNode=function(t){"use strict";var n,r,i,s;return s="ipaddresses"+M.availability_ipaddress.form.instId,M.availability_ipaddress.form.instId+=1,n="",n+='",n+='',r=e.Node.create(''+n+""),t.ipaddresses!==undefined&&r.one("input[name=ipaddresses]").set("value",t.ipaddresses),M.availability_ipaddress.form.addedEvents||(M.availability_ipaddress.form.addedEvents=!0,i=e.one(".availability-field"),i.delegate("valuechange",function(){M.core_availability.form.update()},".availability_ipaddress input[name=ipaddresses]")),r},M.availability_ipaddress.validateIpaddress=function(e){"use strict";e=e.split(",");for(var t in e){if((new RegExp(/^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$/gm)).test(e[t]))continue;if((new RegExp(M.availability_ipaddress.v6)).test(e[t]))continue;if((new RegExp("(?:".concat(M.availability_ipaddress.v4+"\\/(3[0-2]|[12]?[0-9])",")|(?:").concat(M.availability_ipaddress.v6+"\\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])",")"),"g")).test(e[t]))continue;return!1}return!0},M.availability_ipaddress.form.fillValue=function(e,t){e.ipaddresses=this.getValue("ipaddresses",t)},M.availability_ipaddress.form.fillErrors=function(e,t){"use strict";var n={};this.fillValue(n,t),M.availability_ipaddress.validateIpaddress(n.ipaddresses)===!1&&e.push("availability_ipaddress:error_ipaddress")}},"@VERSION@",{requires:["base","node","event","moodle-core_availability-form"]}); diff --git a/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form.js b/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form.js index 87d3f94..a60197d 100644 --- a/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form.js +++ b/yui/build/moodle-availability_ipaddress-form/moodle-availability_ipaddress-form.js 
@@ -118,12 +118,16 @@ M.availability_ipaddress.form.getNode = function(json) { */ M.availability_ipaddress.validateIpaddress = function(ipaddresses) { 'use strict'; - ipaddresses = ipaddresses.split(','); for (var i in ipaddresses) { // Test normal ip format. - if (new RegExp("(?:".concat(M.availability_ipaddress.v4, ")|(?:").concat(M.availability_ipaddress.v6, ")"), "g") + if (new RegExp(/^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$/gm) + .test(ipaddresses[i])) { + continue; + } + + if (new RegExp(M.availability_ipaddress.v6) .test(ipaddresses[i])) { continue; } @@ -141,6 +145,12 @@ M.availability_ipaddress.validateIpaddress = function(ipaddresses) { return true; }; +/** + * FillValue + * + * @param {object} value + * @param {object} node + */ M.availability_ipaddress.form.fillValue = function(value, node) { // This function gets passed the node (from above) and a value // object. Within that object, it must set up the correct values @@ -150,6 +160,11 @@ M.availability_ipaddress.form.fillValue = function(value, node) { value.ipaddresses = this.getValue('ipaddresses', node); }; +/** + * FillErrors + * @param {object} errors + * @param {object} node + */ M.availability_ipaddress.form.fillErrors = function(errors, node) { "use strict"; var value = {}; diff --git a/yui/src/form/js/form.js b/yui/src/form/js/form.js index 325ba46..89af871 100644 --- a/yui/src/form/js/form.js +++ b/yui/src/form/js/form.js @@ -61,7 +61,7 @@ M.availability_ipaddress.form.getValue = function(field, node) { "use strict"; // Get field value. var value = node.one('input[name=' + field + ']').get('value'); - Y.log('ip_address:', value); + Y.log('ip_address:' + value); // If it is not a valid positive number, return false. if (M.availability_ipaddress.validateIpaddress(value)) { @@ -69,7 +69,6 @@ M.availability_ipaddress.form.getValue = function(field, node) { return value; } - Y.log('getValue failed:', value); return value; }; 
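Review bot: The comment kept above the `if` in getValue in yui/src/form/js/form.js, `// If it is not a valid positive number, return false.`, no longer describes the code. With the failure log removed in the following hunk, both paths end in `return value;`, so the validateIpaddress() call here only produces log output and the actual rejection is left to fillErrors. Either return the value directly, or reword the comment to something like `// Validation is reported by fillErrors; the raw field value is always returned.` The lines between the two getValue hunks are not visible, so confirm nothing else happens inside the `if` before removing it.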
@@ -120,13 +119,21 @@ M.availability_ipaddress.form.getNode = function(json) { */ M.availability_ipaddress.validateIpaddress = function(ipaddresses) { 'use strict'; - + Y.log(ipaddresses); ipaddresses = ipaddresses.split(','); for (var i in ipaddresses) { // Test normal ip format. - if (new RegExp("(?:".concat(M.availability_ipaddress.v4, ")|(?:").concat(M.availability_ipaddress.v6, ")"), "g") + // Strict ipv4 check. + if (new RegExp(/^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$/gm) .test(ipaddresses[i])) { + Y.log('Correct ipv4'); + continue; + } + + if (new RegExp(M.availability_ipaddress.v6) + .test(ipaddresses[i])) { + Y.log('Correct ipv6'); continue; } @@ -134,17 +141,24 @@ M.availability_ipaddress.validateIpaddress = function(ipaddresses) { if (new RegExp("(?:".concat(M.availability_ipaddress.v4 + "\\/(3[0-2]|[12]?[0-9])", ")|(?:") .concat(M.availability_ipaddress.v6 + "\\/(12[0-8]|1[01][0-9]|[1-9]?[0-9])", ")"), "g") .test(ipaddresses[i])) { + Y.log('Correct subnet'); continue; } - Y.log('Incorrect ip', ipaddresses[i]); + Y.log('Incorrect ip'); return false; } - Y.log('Valid ipaddresses', ipaddresses); + Y.log('Valid ipaddresses'); return true; }; +/** + * FillValue + * + * @param {object} value + * @param {object} node + */ M.availability_ipaddress.form.fillValue = function(value, node) { // This function gets passed the node (from above) and a value // object. Within that object, it must set up the correct values @@ -154,6 +168,11 @@ M.availability_ipaddress.form.fillValue = function(value, node) { value.ipaddresses = this.getValue('ipaddresses', node); }; +/** + * FillErrors + * @param {object} errors + * @param {object} node + */ M.availability_ipaddress.form.fillErrors = function(errors, node) { "use strict"; var value = {};
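Review bot: The new IPv6 test `new RegExp(M.availability_ipaddress.v6)` is unanchored, so unlike the strict IPv4 check added just above it, it accepts any entry that merely contains an IPv6-looking substring. The unchanged CIDR test in the next hunk (@@ -134,17 +141,24 @@) has the same gap, which also lets an IPv4 entry with surrounding garbage or an out-of-range mask through despite the stricter IPv4 pattern. Anchor both, for example `new RegExp('^(?:' + M.availability_ipaddress.v6 + ')$')`, and wrap the CIDR alternation in `^(?:…)$` the same way; the IPv4 literal needs neither `g` nor `m`, and `m` lets `^`/`$` match at line breaks instead of only at the ends of the entry. Entries are not trimmed after `split(',')`, so a list written as `a, b` will presumably now be rejected on the leading space. Since this list restricts access, the server-side check (not visible in this diff) should enforce the same anchored rules rather than rely on this form validation.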