JRockFL
asked on
Norton Firewall blocking CFHTTP
I'm trying to post credit card transaction to authorize.net with CFHTTP but Norton Personal Firewall on my web server is blocking it. What can I do?
You need to "poke a hole" in the firewall to allow the ports that are being used to come and/or go through the firewall
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, I know how to manage the ports....but what port?
I'd suggest to install a sniffer (try Ethereal http://www.ethereal.com/ ) and look what traffic is going trough ... that would definatly tell you a bit more of what's going on or not.
also what code are u using for ur CFHTTP call? can u pls paste that also
also what code are u using for ur CFHTTP call? can u pls paste that also
ASKER
Ok, I downloaded this progam....how do i just turn it on to see what's going on?
<cfhttp method="post" url="https://certification.authorize.net/gateway/transact.dll">
<cfhttpparam name="x_login" type="formfield" value="login">
<cfhttpparam name="x_tran_key" type="formfield" value="transkey">
<cfhttpparam name="x_method" type="formfield" value="CC">
<cfhttpparam name="x_type" type="formfield" value="AUTH_CAPTURE">
<cfhttpparam name="x_amount" type="formfield" value="19.99">
<cfhttpparam name="x_delim_data" type="formfield" value="TRUE">
<cfhttpparam name="x_delim_char" type="formfield" value="|">
<cfhttpparam name="x_relay_response" type="formfield" value="FALSE">
<cfhttpparam name="x_card_num" type="formfield" value="4111111111111111">
<cfhttpparam name="x_exp_date" type="formfield" value="05/05">
<cfhttpparam name="x_version" type="formfield" value="3.1">
<cfhttpparam name="x_invoice_num" type="formfield" value="041803-001">
<cfhttpparam name="x_description" type="formfield" value="ColdFusion: Simple AIM Example">
<cfhttpparam name="x_cust_id" type="formfield" value="SuperStore 007">
</cfhttp>
<cfset api_response=cfhttp.fileCo ntent>
<cfoutput>#api_response#</ cfoutput>
<cfhttp method="post" url="https://certification.authorize.net/gateway/transact.dll">
<cfhttpparam name="x_login" type="formfield" value="login">
<cfhttpparam name="x_tran_key" type="formfield" value="transkey">
<cfhttpparam name="x_method" type="formfield" value="CC">
<cfhttpparam name="x_type" type="formfield" value="AUTH_CAPTURE">
<cfhttpparam name="x_amount" type="formfield" value="19.99">
<cfhttpparam name="x_delim_data" type="formfield" value="TRUE">
<cfhttpparam name="x_delim_char" type="formfield" value="|">
<cfhttpparam name="x_relay_response" type="formfield" value="FALSE">
<cfhttpparam name="x_card_num" type="formfield" value="4111111111111111">
<cfhttpparam name="x_exp_date" type="formfield" value="05/05">
<cfhttpparam name="x_version" type="formfield" value="3.1">
<cfhttpparam name="x_invoice_num" type="formfield" value="041803-001">
<cfhttpparam name="x_description" type="formfield" value="ColdFusion: Simple AIM Example">
<cfhttpparam name="x_cust_id" type="formfield" value="SuperStore 007">
</cfhttp>
<cfset api_response=cfhttp.fileCo
<cfoutput>#api_response#</
have u tried specifying a port within your CFHTTP?
port | 80 for http | 413 for https
Port number on the server to which to send the request.
A port value in the url attribute overrides this value.
<CFHTTP PORT="80" METHOD="post" URL="https://certification.authorize.net/gateway/transact.dll">... </CFHTTP>
http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/tags-p58.htm
port | 80 for http | 413 for https
Port number on the server to which to send the request.
A port value in the url attribute overrides this value.
<CFHTTP PORT="80" METHOD="post" URL="https://certification.authorize.net/gateway/transact.dll">... </CFHTTP>
http://livedocs.macromedia.com/coldfusion/6.1/htmldocs/tags-p58.htm
ASKER
No luck with that either...I have to think about this...
hmm. just a guess.
i remember, our web administrator block some sites.
that may be the problem, is it blocking the authorize.net???
err...
i remember, our web administrator block some sites.
that may be the problem, is it blocking the authorize.net???
err...
ASKER
kkhipple,
Thanks for your help. The problem was receiving the response back from Authorize.net
I added their IP block to my allow list.
Thanks for your help. The problem was receiving the response back from Authorize.net
I added their IP block to my allow list.
Yes that is what I mentioned in the beginning.
But while adding the authorize.net ip range into the allow list is a good temporary solution it is not a good permanent one.
You need to contact authorize.net and find out which ports are needed and only open those ports - not all ports - from the authorize.net IP range.
Basically what you did will work because you opened a huge hole in your firewall where you only needed to poke a few small ones.
So in the long run it would be better to close this larger hole and only open the small holes you need.
But while adding the authorize.net ip range into the allow list is a good temporary solution it is not a good permanent one.
You need to contact authorize.net and find out which ports are needed and only open those ports - not all ports - from the authorize.net IP range.
Basically what you did will work because you opened a huge hole in your firewall where you only needed to poke a few small ones.
So in the long run it would be better to close this larger hole and only open the small holes you need.
that's why i suggested using Ethereal http://www.ethereal.com/ - as it will let you know what ports are being used by authorize.net or whatever other ip address