Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Mandrill Webhooks - Security

Tags:

security

ip

mandrill

For security purposes, I try to allow only Mandrill's IP(s) to access these urls.

Does anyone know them?

like image 748
devside Avatar asked Apr 26 '13 10:04

devside

1 Answers

Mandrill's signature is located in the HTTP response header: Authenticating-webhook-requests

In the request header find: X-Mandrill-Signature. This is a base64 of the hashcode, signed using web-hook key. This key is secret to your webhook only.

like image 158
devside Avatar answered Oct 02 '22 23:10

devside
Sign in to Comment

Related questions

Md5 Alternative in PHP? [closed]
Understanding Python Pickle Insecurity
Symfony & Guard: "The security token was removed due to an AccountStatusException"
How To Tell What Files IE Thinks Are "nonsecure"?
When would you use SSL for a website?
Is it safe to allow users to edit css?
Where is Microsoft.Sharepoint.IdentityModel.dll
ASP.Net MVC & WebAPI encryption
Secure Password Generation With Random Chars
What is the most secure way store keys in React Native
How do you support a web app with hashed or encrypted passwords?
Can the "x-requested-with" http header be spoofed?
Can I avoid all SQL-injection attacks by using parameters?
Store a Password Securely
How to compare SSL certificates using AFNetworking
How do I create a web application where I do not have access to the data?
Python Applications: Can You Secure Your Code Somehow?
Is it good style to call bash commands within a Python script using os.system("bash code")? [closed]
Does salt need to be random to secure a password hash?
Is Spring - SpEL vulnerable?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!