For security, you should call outbound webhooks using a server dedicated to that... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

hathawsh on Sept 15, 2017 | parent | context | favorite | on: Malicious software libraries found in PyPI posing ...

For security, you should call outbound webhooks using a server dedicated to that purpose, where the main server and webhook caller are connected through an async message passing system such as RabbitMQ. That way you can maintain strict firewall rules on the main server.

anthony_barker on Sept 15, 2017 [–]

Aws Sqs write only queue for external facing servers is what we do. What worries me is not servers... It's admin/Dev machines...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact