CSF/LFD blocking Authorize.net Relay URL
Posted: 20 Apr 2019, 18:12
We are using a reservations system on a new web site. The payment processing in that system uses a hosted payment form at Authorize.net, and when the payment is successfully completed Authorize.net submits a POST back to the reservation system to confirm the payment and retrieves a "Thank You" page from our web site and displays it to the customer. When the CSF/LFD firewall on the server is disabled, this process works exactly as advertised (the initial request is the retrieval of the transaction information to redirect to Authorize.net):
69.136.239.247 - - [20/Apr/2019:10:36:53 -0400] "GET /reservations/index.php?controller=pjFrontPublic&action=pjActionGetPaymentForm&locale=1&hide=0&index=7911&booking_id=79&payment_method=authorize HTTP/1.1" 200 631
198.241.206.38 - - [20/Apr/2019:10:37:22 -0400] "POST /reservations/index.php?controller=pjFrontEnd&action=pjActionConfirmAuthorize HTTP/1.1" 303 - "-" "-"
198.241.206.38 - - [20/Apr/2019:10:37:33 -0400] "GET /thank-you.html HTTP/1.1" 200 21870 "-" "-"
When the CSF/LFD firewall on the server is enabled , however, the POST request shows up in the log file 60 seconds after the payment is processed, and the "GET /thank-you.html" request is never received (and Authorize.net shows a timeout error 30 seconds after the payment is processed):
69.136.239.247 - - [20/Apr/2019:10:33:24 -0400] "GET /reservations/index.php?controller=pjFrontPublic&action=pjActionGetPaymentForm&locale=1&hide=0&index=5392&booking_id=78&payment_method=authorize HTTP/1.1" 200 630
198.241.206.38 - - [20/Apr/2019:10:33:46 -0400] "POST /reservations/index.php?controller=pjFrontEnd&action=pjActionConfirmAuthorize HTTP/1.1" 303 - "-" "-"
I have tried everything I can think of to troubleshoot this issue, with no success. I have added the "198.241.206.38" IP address to both csf.allow and csf.ignore and restarted CSF/LFD, with no success. There are also no entries in any log file related to blocks of that IP address.
What else could CSF/LFD be doing that would block those requests without recording any entry of that action anywhere?
Best Regards,
Randall Severy
69.136.239.247 - - [20/Apr/2019:10:36:53 -0400] "GET /reservations/index.php?controller=pjFrontPublic&action=pjActionGetPaymentForm&locale=1&hide=0&index=7911&booking_id=79&payment_method=authorize HTTP/1.1" 200 631
198.241.206.38 - - [20/Apr/2019:10:37:22 -0400] "POST /reservations/index.php?controller=pjFrontEnd&action=pjActionConfirmAuthorize HTTP/1.1" 303 - "-" "-"
198.241.206.38 - - [20/Apr/2019:10:37:33 -0400] "GET /thank-you.html HTTP/1.1" 200 21870 "-" "-"
When the CSF/LFD firewall on the server is enabled , however, the POST request shows up in the log file 60 seconds after the payment is processed, and the "GET /thank-you.html" request is never received (and Authorize.net shows a timeout error 30 seconds after the payment is processed):
69.136.239.247 - - [20/Apr/2019:10:33:24 -0400] "GET /reservations/index.php?controller=pjFrontPublic&action=pjActionGetPaymentForm&locale=1&hide=0&index=5392&booking_id=78&payment_method=authorize HTTP/1.1" 200 630
198.241.206.38 - - [20/Apr/2019:10:33:46 -0400] "POST /reservations/index.php?controller=pjFrontEnd&action=pjActionConfirmAuthorize HTTP/1.1" 303 - "-" "-"
I have tried everything I can think of to troubleshoot this issue, with no success. I have added the "198.241.206.38" IP address to both csf.allow and csf.ignore and restarted CSF/LFD, with no success. There are also no entries in any log file related to blocks of that IP address.
What else could CSF/LFD be doing that would block those requests without recording any entry of that action anywhere?
Best Regards,
Randall Severy