Facebook Messenger Webhook源IP白名单 [英] Facebook Messenger webhook source IP whitelist
问题描述
我正在Facebook Messenger上创建聊天机器人.我已经配置了一个可以正常工作的webhook. 有没有办法将源IP列表添加到防火墙上的白名单?我的安全团队对打开整个Internet的网络挂钩感到不舒服.
I am creating a chatbot on Facebook Messenger. I have configured a webhook which is working fine. Is there a way to get the list of source IPs to whitelist on my firewall? My security team is not comfortable in opening the webhook to the entire internet.
我们确实打算使用X-Hub HMAC验证,但是将源IP限制为有限数量的IP或IP范围或域将使安全人员远离我.
We do plan to use the X-Hub HMAC validation, however restricting the source IP to a a finite number of IP or IP ranges or Domain would keep the security guys off me.
推荐答案
Facebook通过可以这样查询的终结点发布其IP地址列表:
Facebook publish their list of IP addresses via an endpoint that can be queried like this:
whois -h whois.radb.net -- '-i origin AS32934' | grep ^route
但是请注意,它们的IP地址经常更改,因此您需要将API与防火墙集成.
Note however that their IP addresses change frequently, so you'll need to integrate the API with your firewall.
有关更多信息,请访问Facebook网站: https://developers.facebook. com/docs/graph-api/webhooks#access
More info is available on Facebook's site: https://developers.facebook.com/docs/graph-api/webhooks#access
这篇关于Facebook Messenger Webhook源IP白名单的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!