Security Measures: Difference between revisions
Line 25: | Line 25: | ||
=Encryption= | =Encryption= | ||
{{NotificationBox|title=IMPORTANT|text=All communication must be done over HTTPS. The Barion system only supports TLS v1.1 / v1.2|color=#FF7A3D}} | {{NotificationBox|title=IMPORTANT|text=All communication must be done over HTTPS. The Barion system only supports TLS v1.1 / v1.2|color=#FF7A3D}} | ||
{{NotificationBox|title=WARNING|text=TLS 1.0 will be switched off on the 25th of July 2018 on the live servers, switch to TLS 1.1 / 1.2 now!|color=#FF0000}} |
Revision as of 12:01, 18 July 2018
Security Measures
Introduction
This page lists different measures we take to maintain security and service levels. Please read carefully and follow the instructions, especially where changes may happen any time. If you do not update your settings when a change occurs, you might risk your Barion implementation's ability to work properly or at all.
Callback
It makes sense to limit the range of IP addresses where the merchant's server accepts callback requests from, although you must be aware that the IP addresses can change.
The callback request currently originate from the following IP addresses:
- 13.79.241.141
- 40.69.88.149
- 40.69.88.240
- 52.164.220.205
- 52.169.80.55
- 195.56.171.161
If the IP address changes, we publish the list of new IP addresses here and notify our developers and merchants in the Facebook group (See: Getting support) and in a newsletter, sent to the merchant's e-mail used at registration.
Barion API Calls
We recommend that you use Domain Name Service (DNS) results to determine the IP addresses of our API servers. We may change records we do not provide notification of changes.