Post

Replies

Boosts

Views

Activity

Why do I need to whitelist Apple IP addresses on server
Hi all, I'm in the process of configuring Apple Pay for payments on an ecommerce site and I've come across the following documentation: Setting Up Your Server | Apple Developer Documentation It mentions the following in a yellow highlighted note Use a strict allow list for Apple IP addresses and domains provided in Listing 1. Do not allow your server to access any other IP addresses or domains. My first question is why does my server need to set a strict allowed list when the domain name apple-pay-gateway.apple.com is publicly accessible? My second question is that my web server is hosted on Vercel and I assume that there are no IP restrictions on any outbound requests. If there were restrictions where would I apply this whitelisting? Thanks for your help.
1
0
149
2w