Messente avatar logo

How to Whitelist IP Address Range for Messente API

- 5 MIN READ - 27 Aug 2014

How to Whitelist IP Address Range for Messente API

Dynamic IP addresses are the number one enemy for web service providers. Some third party services may require you to whitelist your IP address, which may cause failed API calls in case you forget to update the list when required. What a hassle.

Fret no more – as of today you can specify IP address range using CIDR notation feature just added to Messente API settings!

IP Address Format of CIDR Notation

I am pretty sure you have seen IP address ranges in the format of 192.168.2.0/24, but what does that mean?

Technically it means, that 24 bit of the address in the IP address must match the same as 192.168.2.0. In this example, the IP address range is from 192.168.2.0 to 192.168.2.255.

Another example: if you added 192.168.2.0/25 to Messente API Whitelisted IP addresses list, then the allowed IP range would be just 192.168.2.0 to 192.168.2.127.

Still sounds too complicated? You can simply use a CIDR Utility Tool to calculate the CIDR notation for your IP address ranges.

Whitelisting Range of IP Addresses

Most cloud web service providers also share their public IP address ranges already as CIDR notations, so you can just copy-paste the list to Messente API settings.

Here is a short list of some of the most popular cloud web service providers and their public IP address ranges:

Limitations and Workaround

Using CIDR IP address format, you can not always specify your required range of IP addresses as one line.

For example, if you wanted to whitelist IP address range of 192.168.2.12 to 192.168.2.34, then you would need to add three CIDR notations:

At least you won’t have to insert all 23 IP addresses separately

Also, you can simply just use the CIDR Utility Tool mentioned above to calculate the ranges for you.

Disabling IP Address Validation

We strongly suggest you to get a fixed public IP address if possible. However, if you really-really want to disable the IP address validation (we really strongly suggest against doing this), you could add “0.0.0.0/0″ to the allowed IP address list.

If you still want to disable the IP address validation – at least make sure you use HTTPS for communication. This way you make it pretty hard for anyone to sniff at your traffic.

Jaanus Rõõmus

Jaanus Rõõmus - CTO

Jaanus is co-founder and CTO of Messente and makes sure its wheels keep spinning and Messente always has a full tank of fuel.

Startup Conferences: What’s the point? (Slush 2017)

20 Oct 2017

With Slush coming up in about a month, it’s a good time ponder the purpose of large startup conferences. Many entrepreneurs head to conferences, like Slush, around the world and throughout the year looking for investments from venture capitalists and angel investors, yet there’s a lot more to gain from startup conferences. Think about it: there will be over 17,000 motivated and creative people in one place at one time. Get creative and gain as much as you can out of the experience.

Yuriy Mikitchenko

Yuriy Mikitchenko

The economics behind undelivered, failed SMS messages    

17 Oct 2017

The cost and full impact of undelivered or failed messages isn’t immediately clear. The financial impact is not simply the combination of the failed SMS and the cost to resend the message, which isn’t very much at times. There are other indirect costs that result from undelivered SMS messages that matter from a financial perspective. Let’s take a deeper look into the ripple effect of undelivered messages, which make the reasons behind our focus on SMS delivery quality even more clear.

Here are a few examples.

Uku Tomikas

Uku Tomikas

Fraud and Security: 2FA Considerations for PSD2

10 Oct 2017

The second Payment Services Directive (PSD2) is less than three months away from enforcement. While the regulation’s text is lengthy, a key component of the law is its extended reach in comparison to the first directive. PSD2 applies to all payment service providers and affiliates, including account information service providers and payment initiation service providers. In addition, the law applies when at least one part of the transaction is in the European Union. This means that payment service providers and their affiliates outside of the EU must comply with the law when the payer is in the EU. The additional geographical reach guarantees the same level of security expectations for all EU residents regardless of the location of the payment service provider.

Raili Liiva

Raili Liiva

Start sending messages to

for € N/A

Contact us