In general it is not necessary to secure the webhook endpoint because you will be able to verify the origin of the request using the Payrexx API.
- Create a .htaccess file in the folder where your webhook script is located:
AuthType Basic AuthName "Webhook Security" AuthUserFile /absolute-path-to-the-webhook-directory/.htpasswd Require valid-user
- Create a .htpasswd file in the folder where your webhook script is located:
You can generate the content for the file on http://www.htaccesstools.com/htpasswd-generator/
- Now you have to tell Payrexx the username and password in the webhook url setting: