Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
02-24-2014, 07:22 PM
|
#1
|
Member
Registered: Jun 2006
Distribution: SUSE, Red Hat, Oracle Linux, CentOS
Posts: 108
Rep:
|
Help with passing third party credit card transaction
I have an internal webserver/database/application which is used by several Agents to place orders. Basically, printed materials like business cards, hats, golf balls with company logo type merchandise. When they place the order if it is something that our print shop has on hand the order is processed without any credit card processing. If the item is not on hand the browser redirects them to Sterling which processes the their credit card payment. Once complete Sterling sends a file back with the user's email address, order ID, and an approved or denied to close out the transaction. The problem is our firewall is blocking that close receipt. The webserver/database/application server sits on the internal network and not in the DMZ. This server is running a custom CentOS provided by a vendor. Someone had suggested standing up a reverse proxy in the DMZ to take the "close out" packet sent from Sterling and deliver it to the internal CentOS server. How difficult is this? Is it possible to use for an https post request? Any other "easier" suggestions other than poking the hole in the firewall which will not happen. Never done anything with reverse proxies but all I need is this post request from Sterling to close out the browser session. Anyone else encounter anything similar and if so how did you overcome it? I also read about B2B gateways but that is not in the budget. Any open source ones?
|
|
|
02-25-2014, 10:24 AM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,336
|
Quote:
Originally Posted by bkone
I have an internal webserver/database/application which is used by several Agents to place orders. Basically, printed materials like business cards, hats, golf balls with company logo type merchandise. When they place the order if it is something that our print shop has on hand the order is processed without any credit card processing. If the item is not on hand the browser redirects them to Sterling which processes the their credit card payment. Once complete Sterling sends a file back with the user's email address, order ID, and an approved or denied to close out the transaction. The problem is our firewall is blocking that close receipt. The webserver/database/application server sits on the internal network and not in the DMZ. This server is running a custom CentOS provided by a vendor. Someone had suggested standing up a reverse proxy in the DMZ to take the "close out" packet sent from Sterling and deliver it to the internal CentOS server. How difficult is this? Is it possible to use for an https post request? Any other "easier" suggestions other than poking the hole in the firewall which will not happen. Never done anything with reverse proxies but all I need is this post request from Sterling to close out the browser session. Anyone else encounter anything similar and if so how did you overcome it? I also read about B2B gateways but that is not in the budget. Any open source ones?
|
You have already provided the solution:
Quote:
Originally Posted by bkone
This server is running a custom CentOS provided by a vendor.
|
If you're paying a vendor, then you're also paying them for support and resolution of problems like this. Putting a workaround in place is only going to give you more headaches (since YOU will have to support the workaround), but the vendor will be able to say "Well, you're in a non-standard configuration...sorry!" with any problem you might bring to them.
You *CAN* set up a reverse proxy on Linux for free, using open source products (like Apache or nginx...lots of tutorials can be found), but that isn't much more secure than just allowing traffic on the one port through the firewall. Why can't your network admins allow that traffic through? Seems easy and secure enough...they not only know the port, but the host from which it comes from...allowing ONLY that should be trivial.
|
|
|
All times are GMT -5. The time now is 05:42 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|