Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Facebook Messenger webhook source IP whitelist

I am creating a chatbot on Facebook Messenger. I have configured a webhook which is working fine. Is there a way to get the list of source IPs to whitelist on my firewall? My security team is not comfortable in opening the webhook to the entire internet.

We do plan to use the X-Hub HMAC validation, however restricting the source IP to a a finite number of IP or IP ranges or Domain would keep the security guys off me.

like image 677
Cylon Devil Avatar asked Mar 10 '23 14:03

Cylon Devil


1 Answers

Facebook publish their list of IP addresses via an endpoint that can be queried like this:

whois -h whois.radb.net -- '-i origin AS32934' | grep ^route  

Note however that their IP addresses change frequently, so you'll need to integrate the API with your firewall.

More info is available on Facebook's site: https://developers.facebook.com/docs/graph-api/webhooks#access

like image 120
Sam H Avatar answered Mar 23 '23 04:03

Sam H