I've 1 JavaScript file which will publish messages on Facebook. I'm able to refer to this as file using

{'message': 'This is a message'}

as Publish parameters and it'll publish it on Facebook. It's location is /request/facebook.php. Now I figured relating to this. Anybody can refer to this as file and publish messages on my small Facebook account! How do i safeguard this file, therefore it are only able to be known as from the couple of servers? I understand their IP addresses. And just how can one refer to it as then from my very own server (without losing security)?

IP restriction is a great start, but IP's change once in some time.

I'd get a username/password or some kind. It does not have to be excessively complex, as lengthy because the transmission from the key/password is encoded.

You have to implement some kind of security in your site, to avoid just anybody from invoking your server script. IP restriction is unquestionably viable.