github service hook and basic authentication

I'm trying to figure out how to secure a webhook reciever for a github service hook.

In the github manual pages, when you look in the section on what IP addresses github hooks will come from, it has this warning:

"We highly recommend that you don't white list IPs for Service Hooks. Instead, setup HTTPS and basic authentication to verify incoming requests."

• https://help.github.com/articles/what-ip-addresses-does-github-use-that-i-should-whitelist#service-hook-ip-addresses

In the documentation on post receive hooks I don't see any way to set up basic authentication.

How can I use basic authentication with github post-recieve/service/web hook that notifies me of a commit to a repository?

I think you can just use

https://yourUser:yourSecret@yoursite.net/path

like in any basic auth situation.

I will give it a try tomorrow, too :) https://github.com/blog/237-basic-auth-post-receives