Securing Requests

Reading Time: 1 minute

You can take a few extra steps to prevent malicious developers accessing your requests.

Table of Contents

Use HTTPS

Use (https://) instead of (http://) in your URL to ensure a more secure communication channel.

Set Up Your Firewall

Use the required firewall settings. See Firewall Settings.

Use a Token or Secure Key

In the URL, add a secret key to all requests received via a Webhook, for example: https://your-url/resource?secret-key=xxxxxxxxxxxxxx.
When your server receives a request, but the authorization fails, send a response back with the HTTP response code ‘401 Unauthorized’.

Enable HTTP Body Encryption

You can enable encryption in the HTTP body. Many cipher methods are available.

For decryption, you need:

  • The HTTP body (base64 encoded if encryption is enabled)
  • The selected cipher method
  • The secret key
  • The iv (if you enabled random initialization vector)

Tip: For an example decryption code, see Processing Webhook Requests.

Note: If you enable encryption, you must set up a secret key for encryption and decryption.

Use Random Initialization Vector

Random initialization vector is a commonly used technique. To use this technique, use the “iv” URL parameter. See To Use Dynamic URLs section.

Example URL: https://your-url/resource?iv=${iv}

Note: If you disable it, an empty initialization vector is used instead.


There are no comments yet.
Subscribe to our newsletter
or Contact us!
Please note that by subscribing to our newsletter, you agree to receive regular email messages from VCC Live® about service related news and updates. By subscribing to our newsletter, you also agree that VCC Live® will use your data in accordance with the applicable Privacy Policy until you unsubscribe from the newsletter.

Privacy Settings Center

Necessary

Necessary cookies are essential in order to navigate around a website and use its basic features. You must accept these cookies as the website cannot function properly without them.

__cfduid,debug,PHPSESSID

Marketing

Marketing cookies are used to track visitors across websites and deliver advertisements that are more relevant and engaging to you.

__atuvc,__atuvs,_at.cww,_hjIncludedInSample,_hjRecordingEnabled,ads/user-lists/#,at-lojson-cache-#,at-rand,bt2,di2,_fbp,IDE,lidc,loc,NID,ouid,r/collect,rc::a,rc::b,s,test_cookie,uid,uvc,vc,xtc

Statistics

Statistic cookies collect data to help us understand how visitors use our websites and are used to improve the user experience. These cookies don’t collect personal information and cannot identify visitors.

_ceg.s,_ceg.u,_ga,_gat,_gid,_gat_UA-1696494-11

Other

Other cookies are those cookies that do not fall into the categories above. These cookies are in the process of being classified.

loglevel,socketCluster.authToken,u,webchatClientId,webchatOpen