The primary reason we don’t publish an IP address is we use auto scaling AWS instances that change IP routinely, typically every 12-24 hours. We validate from many locations for security, but the IPs we validate from are not themselves sensitive.
You’re free to allow the AWS regions we currently use, but you’re responsible for figuring out those IP ranges and following this forum’s API updates category for updates to our validation infrastructure. We may make changes without prior warning.
This topic is getting overly argumentative so I am going to close it. To everyone, please be respectful of people’s feature requests. You don’t need to argue with people to tell them they’re wrong.
DNS validation is our primary recommended approach for anyone who doesn’t want to expose webservers to the wider internet.