Enable Allowlisting on Your Payment Device
Restrict the Self/Series device to only communicate with approved CyoGate endpoints — a critical security measure for unattended public-facing devices.
Required Endpoints
| Endpoint | Port |
|---|---|
secure.cyogate.net | 443 |
sdk.cyogate.net | 443 |
tms.cyogate.net | 443 |
Linux iptables
sudo iptables -P OUTPUT DROP
sudo iptables -A OUTPUT -d secure.cyogate.net -p tcp --dport 443 -j ACCEPT
sudo iptables -A OUTPUT -d sdk.cyogate.net -p tcp --dport 443 -j ACCEPT
sudo iptables -A OUTPUT -d tms.cyogate.net -p tcp --dport 443 -j ACCEPT
sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
sudo iptables -A OUTPUT -p udp --dport 123 -j ACCEPT
sudo iptables-save | sudo tee /etc/iptables/rules.v4Test rules in a non-production environment first — overly restrictive rules will cause transaction failures.