crawl-webhook-errors | Stripe Developers | Page 1

thorny basinBOT Aug 29, 2023, 4:36 PM

#

quiet tendon Aug 29, 2023, 4:37 PM

#

Error Rate 57%

#

Some request pass

#

And others, like invoice.paid

response

HTTP status code
403 (Forbidden)
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
</body>
</html>

#

on our WAF, we just discovered that those request were blocked

hardy whale Aug 29, 2023, 4:38 PM

#

👋 @quiet tendon, this looks like a bug on your end where your own server (or Cloudflare or similar) is blocking those requests

quiet tendon Aug 29, 2023, 4:38 PM

#

yes correct

#

what are the stripe recommendation for this ?

#

do we open the endpoint to public and let the stripe verification key do it's job

#

or we whitelist ip set

#

https://stripe.com/docs/ips

hardy whale Aug 29, 2023, 4:39 PM

#

It's really up to you, there are many ways to do this so it's whatever you're most comfortable with. But the stricted is IP allow listing: https://stripe.com/docs/ips#webhook-notifications

quiet tendon Aug 29, 2023, 4:40 PM

#

is the ip list constently updated ?

#

or is it fixed for good good

#

I can you guys use
https://stripe.com/files/ips/ips_webhooks.json

hardy whale Aug 29, 2023, 4:47 PM

#

it's documented on that page

#

top of the page

You can subscribe to the API announce mailing list to be notified of any changes to our IP addresses. We provide seven days’ notice through that mailing list before making changes.

#

crawl-webhook-errors

quiet tendon Aug 29, 2023, 4:48 PM

#

oh perfect didnt saw that

#

nice it's going through now

#

thank!

#crawl-webhook-errors