Stripe integration without a public IP

Question

I have a nodejs integration with stripe for payment processing. It's been working fine for the last year. I've always had an Elastic IP address to make it easy to SSH into my system when needed. When AWS recently decided to start charging for public IPs, I removed the Elastic IP address and just allocate one when needed.

The problem is that my calls to stripe only connect if I have a public IP address on my system. (any address seems to be fine). If I remove the elastic ip from my instance, the calls to stripe timeout - I get no logs on their servers at all that an attempt was even made. I cannot find any documentation that stripe needs to have a public IP address to work. Is it possible they are blocking some of the Amazon IP ranges on incoming calls?

Any suggestions besides paying to keep the Public IP address that I don't otherwise need?

Accepted Answer

According to https://docs.stripe.com/ips

> Your integration must be able to reach any of Stripe’s fully qualified domain names for it to function properly.

It then goes on to a list a load of domain names and IPv4 addresses.

In order for you to reach these, you need to access the public internet, either directly with a public IPv4 address that has a route to an Internet Gateway, or via a NAT Gateway. If you don't have either of these there's no way to route from your instance onto the public internet, and thus onto the `*.stripe.com` addresses.

> Is it possible they are blocking some of the Amazon IP ranges on incoming calls?

Unlikely (but not impossible) because any time you allocate an elastic IP it gets drawn from the same pool of AWS's public IPv4 addresses.

> Any suggestions besides paying to keep the Public IP address that I don't otherwise need?

Will they support connections over IPv6? That's a question to ask of Stripe.

Answer

Is your Nodejs implementation based on Lambda?

Stripe integration without a public IP

Relevant content