.htaccess application folder - 403 forbidden access

Thanks insiteFX & dave friend for your answers. 


This is how I would like to implement Stripe solution : 

When a payment occurs, my website exchange with Stripe. When Stripe says payment is successfull, they use Webhook to tell my website that the payment is OK and the Webhook execute the PHP script (in the application/controllers folder) to push all the informations in the database. 

In the last step of payment implementation with Stripe the datasheet said : 

Step 5: Asynchronously fulfill the customer’s order

You can use the PaymentIntent returned by Stripe.js to provide immediate feedback to your customers when the payment completes on the client. However, your integration should not attempt to handle order fulfillment on the client side because it is possible for customers to leave the page after payment is complete but before the fulfillment process initiates. Instead, you will need to handle asynchronous events in order to be notified and drive fulfillment when the payment succeeds.

You can find this datasheet here Stripe Payment Datasheet


Today I have tested this code for the file .htaccess in the application folder 

Code:

<IfModule authz_core_module>
   Require all denied
</IfModule>
<IfModule !authz_core_module>
   Deny from all
</IfModule>
<RequireAll>
   Require all granted
</RequireAll>

It work fine with this code but it's not secure. 

I just want to allow the IP address of Stripe Webhook. 


Maybe the tool Ultrahook that I use to connect public endpoint with my private endpoint(localhost) modify the IP address ?  
It can be the reason why Webhook's Stripe addresses doesn't work ? 

Thanks for your help ! 

Samuel