Whitelisting IPs to be able to receive webhooks

Rmn_Ornk · August 21, 2023, 7:54am

Hi n8n community

How can I whitelist an IP in order to be able to receive webhook from a thirdparty to my n8n workflow?

Best regards,

EmeraldHerald · August 21, 2023, 2:30pm

Hi @Rmn_Ornk Welcome to the community

You could use a reverse proxy if you need this to be IP based - this would have to be handled before the request reaches n8n, essentially.

If you control the service that makes the request, the easiest solution would be adding authentication to the HTTP Request node. n8n checks then if the given user & password matches (Basic Auth) or a required header has the correct value (Header Auth). But since you mentioned third party, this may not be an option for you.

Rmn_Ornk · August 21, 2023, 2:57pm

Hi @EmeraldHerald and thanks a lot for taking the time to answer.

Yeah, it is a third party service that requires it to send webhooks so I may not go for the second option.

How would the first option work, and is there any documentation about it (I couldn’t find it)?

EmeraldHerald · August 21, 2023, 3:36pm

HI @Rmn_Ornk - no worries, I had a feeling that might be the case!

Can you tell me how you’ve installed n8n so I can get you the right information? This template would be helpful:

n8n version:
Database (default: SQLite):
n8n EXECUTIONS_PROCESS setting (default: own, main):
Running n8n via (Docker, npm, n8n cloud, desktop app):
Operating system:

Rmn_Ornk · August 21, 2023, 5:21pm

I’m using n8n cloud @EmeraldHerald - is it possible in this case?

EmeraldHerald · August 22, 2023, 8:33am

Hi @Rmn_Ornk - I’m afraid it wouldn’t be at this point in time You could however head over to our Feature Request section of the forum, since our product team reads it regularly, and it looks like this has been requested at least once: Feature to restrict webhook_url for n8n

You can upvote and add your use-case to the thread

Rmn_Ornk · August 22, 2023, 12:55pm

Ok @EmeraldHerald, thanks a lot for taking the time to answer me! I’ll reopen the topic on the product side then

BB9234movwZ4T5c · November 14, 2023, 5:06am

@Rmn_Ornk Feature to restrict webhook_url for n8n - Feature Requests - n8n is a different, but related, topic as it deals with the ability to login to the GUI using both the base_url and the webhook_url; n8n treats them as equal.

The best solution is to block all requests at the WAF or reverse proxy level. An alternative approach would be to include the whitelist in a Set node and, immediately after the webhook is called, use an IF node to check to see if the source IP is in the whitelist and, if it is not, return a 403 error. Alternatively, you could use a Filter node to only process requests that are in the whitelist which will lead to all other requests timing out. You would, of course, need to configure the webhook to respond using the ‘Respond to Webhook’ node.

MutedJam · November 21, 2023, 5:07am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.