Rahh

Reputation: 109

How can I secure my IPN from being spoofed or secured?

I have an IPN for Paypal. I have a simple NodeJS server using the express framework. I have a simple post wrapper for the handler url of the PayPal IPN.

I have a simple check for IP address to check if the POST request came from PayPal.

My problem is that if someone spoofs the IP address and sends POST requests to the IPN handler, they can affect my back-end system, as the IPN handler has functions that are determined from the POST data.

How can I make this more secure?

Thanks.

Upvotes: 1

Views: 151

Answers (2)

Preston PHX

Reputation: 30359

  • IPN is a very old, very clunky service. You probably shouldn't be using it. There are invariably superior and more reliable ways to accomplish whatever it is you are trying to do with PayPal, including synchronous server-side capture or, only when necessary for certain asynchronous notifications, Webhooks
  • But if, for some strange reason, you insist on integrating such an old service as a payment dependency, its architecture has a built in verification step where you post the IPN message back to PayPal to have it verified. See https://developer.paypal.com/docs/api-basics/notifications/ipn/IPNIntro/#ipn-protocol-and-architecture

Upvotes: 0

Iustinian Olaru

Reputation: 1337

Preventing IP spoofing isn't something you can do server side. What you could do potentially is implement mechanisms to assess whether or not an IP is valid and see where it potentially comes from. Afterwards you could limit the IPs themselves to whatever is acceptable for your solution.

The spoofing part is client-side, meaning that if the client uses a Proxy for example he could spoof the IP through that and you wouldn't be able to tell straight away.

Check out this short article for a bit of general idea (https://www.kaspersky.com/resource-center/threats/ip-spoofing)

Upvotes: 1
