cancel
Showing results for 
Search instead for 
Did you mean: 

Help Needed changing IP Endpoints

Background... Unfortunatly our web to print portal is recently no longer supported by its most recent owners. I have been tasked with keeping the system running until we are able to find a replacement solution.  I'm starting from ground zero here, and would appreciate any assistance that is available.  (This is a Web to print portal, formerly known as HP Director years ago...  more recently called PageFlex iWay, but is no longer supported by either company.)

 

Problem...  We received an email notice regarding "Authorize.Net Domains and IP Addresses" stating that our software/portal is connecting directly to an old IP address that is being disabled soon.  I am seeking help to ensure that these IP changes will not bring our portal to a crashing end before we are ready to transition to a new system.

 

The settings in the web portal itself do not allow me to change the endpoint domain or IP location.  I need to find these settings and edit them ASAP.  I've been reading documentation for both our portal and this API, but with no luck.

 

Can anyone offer guidance?  Such as where should I could look?  Where are the files for the API found? Are there any generic API config files hidden in every integration?  Is this endpoint hard coded somewhere that I cannot access?

 

I'm sure every system handles the integration differently... and your solution may not apply.

But ANY and ALL suggestions are welcome!!!!!

jcampbell1303
Member
6 REPLIES 6
Never commented on an issue like this but there’s a first time for everything. FYI I build ecommerce and other web applications and this forum is a hobby/timekiller for me, mostly when I’m waiting at restaurants but also sometimes when I’m tired at home or sick.

I’ll try to help you but I know not much about this to start. Your business is a card present business? Meaning the customer comes in with the physical card and you use your portal to process the payment with their card number ? Trying to see how you’re connecting to the API.

Your web portal software may need to be edited on the backend, meaning the actual code that users don’t usually see has to be altered. That’s a possibility. Software has a user interface that is learnable by people who don’t have experience programming, but what drives it is code that is only able to be deciphered by someone with the knowledge. That’s how it typically works. But this says nothing for sure about your situation at the moment. I just got my pancakes. If you give answer my question above as to if you are a card present business I will google your payment system while I wait in my check in a little.



Renaissance
All Star
Ok I see. The “web to print” terminology threw me off. You are in the printing business. You can google Pageflex iway guide and get that pdf. You’ve probably got it already. I see nothing at all in it about changing the IP address. So if you could find some sort of developer guide or source code, but that’s a long shot and a goose chase.

I think you may want to consider using some alternative print to web software that is modern and supported. You may try calling the Pageflex people and see if they can point you in any direction. Their product that you use isn’t supported, but they are in business with other products. They may have someone on their technical side that is sympathetic and can point you in some direction, if you wish to save your current software for another bit.

I got carried away because googling this also pulls up their annual filings. They are apparently in a very tough business or are a speculative venture. They lose money every year that I saw. So this discontinuing your product and focusing on something else is probably their only option and an attempt to save a business that may not otherwise be a going concern.

I’ll look out for your reply and see what you find out. My intuition is that your best option may be to give up on your current software ASAP. Not advice and not saying do anything that I say, just my hunch. On the other hand there are probably developers that used to work for them needing some kind of work really bad if you could just find one of them.

I found an AuthorizeNet folder on the server which contains five ASP files.  None of these files contain references to the endpoint directly by IP address... but two of these files do refer to the Endpoint by the domain URLs.  For example, the file payment.asp contains this on line 46:

 

paymentGatewayUrl = "https://secure.authorize.net/gateway/transact.dll"

 

The Notice states to if we are using the URL rather than the IP address then we don't have to do anything.  So it would appear the ASP code is correct, and I shouldn't need to do anything else....

 

However, how can I find out if these are the ONLY referances to the endpoints in the code?  

 

PS... we do plan to replace the system soon, but they only gave us 3-4 months warning on the 'sunsetting'.  No the developers are not very sympathetic or helpful, and they are in Isreal!!!  There is a whole story behind this softwares history, but I'm not gonna get into it.   Suffice it to say I inherited the mess, and I just have to keep it working for a few more months till I can get a new system up and running.  If I must I will disable Authorize.Net and switch to PayPal instead.

jcampbell1303
Member

Hello @jcampbell1303 

 

Based on your post, it appears you don't have an IP Address configured for your endpoint.  But you should also pay attention to any firewall whitelisting you might be doing.  This isn't part of the application code.

 

  1. If you use a firewall/proxy that only support IP addresses whitelisting, you will need to work with your developer or web host to add the new IP addresses to your whitelist. Once we have switched permanently to the new IP addresses, you may remove the old IP addresses.

 

Richard

I'm told by the Network Guy that HTTPS urls won't be blocked by our system, so he doen't need to edit any whitelists.

 

I'm still troubled by the wording in the Notice we recieved, here is the quote...  

"A test was performed of this change on 01/16/2019. We identified API traffic from your account that was connecting directly to the old IP addresses that we intend to remove on 03/06/2019."

 

Did they really identify our account using the old IP in their test?  or Was this just a generic email that went to everyone?

 

 

@jcampbell1303,

I think you have your answer. The endpoint you posted is a production endpoint to post transactions. Since it is a domain name and not an IP address then you are fine. I cannot imagine any reason on earth that there would be multiple production endpoints in a single application like that, and it would be even more bizarre for the endpoints to be a mix of domain names and IP addresses.

I would hate to give you advice and it turn out wrong, but if I were in your shoes I wouldn’t be worried now. My guess as to why you got that email is that authorize only detects what IP address the post requests are coming from and doesn’t make a distinction between who is using a domain name and who is using an IP address. So right now there is a soon to be discontinued IP address tied to that endpoint you posted. What will happen is when the IP addresses change, that url will be tied to the new IP address. So you are fine. That’s why they added the detail that if you use a domain name you don’t have to do anything.