Security Considerations
- Nathaniel Halbrooks
IP ACLs
Zapier's infrastructure runs on top of AWS services, so if you want to limit which IP addresses can access your PBX on the API port, you can enable a whitelist that allows requests to your API port (the same port as the PBX GUI / Admin GUI) from the AWS source IP ranges that Zapier uses.
Although we are working to find a better way to secure the Zapier interconnection, at the moment this is the only known and public way of securing your PBX when using the Sangoma FreePBX/PBXact integration.
More Details
For a fuller explanation and more details about the IP ranges Zapier uses, see: AWS IP address ranges - Amazon Virtual Private Cloud
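One way to turn a published range file into a compact whitelist, as an added example that is not Sangoma's or Zapier's own code: it reads a document in the layout of AWS's ip-ranges.json, keeps one region, and collapses duplicate, nested and adjacent prefixes before rendering firewall rules. The sample prefixes are constructed documentation ranges, and the region name, port 443 and the iptables output format are assumptions to adapt to your PBX.

```python
import ipaddress
import json

# Constructed sample in the layout of AWS's published ip-ranges.json.
# Prefixes are RFC 5737 documentation ranges, not real AWS ranges.
SAMPLE_IP_RANGES = json.dumps({
    "syncToken": "0", "createDate": "1970-01-01-00-00-00",
    "prefixes": [
        {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "AMAZON"},
        {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "198.51.100.128/25", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "203.0.113.0/25", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "203.0.113.128/25", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "192.0.2.0/24", "region": "eu-west-1", "service": "EC2"},
    ],
})


def build_allowlist(ip_ranges_json, region):
    """Return the minimal sorted list of IPv4 networks for one region."""
    doc = json.loads(ip_ranges_json)
    nets = set()
    for entry in doc.get("prefixes", []):
        if entry.get("region") != region:
            continue
        # strict=True rejects entries with host bits set (malformed input).
        nets.add(ipaddress.ip_network(entry["ip_prefix"], strict=True))
    # collapse_addresses drops duplicates, removes subnets already covered
    # by a wider entry, and merges adjacent blocks into one supernet.
    return list(ipaddress.collapse_addresses(nets))


def iptables_rules(networks, port):
    """Render accept rules for the allowlist, then a final drop for the port."""
    rules = [
        f"iptables -A INPUT -p tcp --dport {port} -s {net} -j ACCEPT"
        for net in networks
    ]
    rules.append(f"iptables -A INPUT -p tcp --dport {port} -j DROP")
    return rules


if __name__ == "__main__":
    allow = build_allowlist(SAMPLE_IP_RANGES, "us-east-1")  # assumed region
    for line in iptables_rules(allow, 443):  # 443 is an assumed API port
        print(line)
```

Because the published ranges change over time, regenerate the list on a schedule and review the diff before applying it.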
HTTPS
IMPORTANT
For Zapier to interwork correctly with your PBX, a valid SSL certificate is required and must be installed on your PBXact/FreePBX.
If you’re using a self-signed certificate, it’s likely you’ll receive an SSL Certificate Failure error. Zapier currently only supports SSL certificates which are issued by public certificate authorities.
A free SSL certificate can be obtained from https://letsencrypt.org. Let’s Encrypt is a free, automated, and open certificate authority provided by the non-profit Internet Security Research Group (ISRG).
More Details
For a fuller explanation and more details about Zapier and SSL, see: Fix SSL certificate failures in Zaps