CHAPI supports inbound requests on Port 12556. This was developed for internal use initially (monitoring CHAPI) but was expanded to include the ability for external webhooks to trigger SQL stored procedure.

The stored procedures run using a URL like:

  http://cyrious.mybusiness.com:12556/chapi/sqlmacro?name=MyStoredProc

These endpoints only support HTTP. A Reverse-Proxy solution is needed when sending from outside the network for the following reasons:

Data Security

• All traffic over the web that is HTTP is readable at each routing node, or by anyone listening in on the local network.
• Since Order and/or payment data may be included in these requests, this represents a data security issue.

Blocked

• Many websites today will only allow HTTPS webhooks to be sent, so they are not compatible with the current CHAPI.

Exposure

• Exposing CHAPI to the public without any login requirement or SSL creates a potential security exposure.
• We aren't aware of any problems, but it would be better to prevent those.

The solution is to install a reverse proxy in front of CHAPI. The reverse proxy receives the HTTPS traffic on Port 17556, and then relays that to the CHAPI server on Port 12556. A diagram of the configuration when complete will look like this:

A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. A reverse proxy provides an additional level of abstraction and control to ensure the smooth flow of network traffic between clients and servers

The reverse proxy meets the following objectives:

• Runs on Windows as a Service.
• Easy to Install.
• Easy to Configure.
• Changes protocols on the reverse connection (HTTPS to HTTP).
• Changes ports on the reverse connection (17556 to 12556).
• Uses and installed SSL certificate to provide a trusted connection.

1. A hosted subdomain (ex: cyriousorders.mycompany.com)
2. Sub-domain SSL Certificate for the URL being used (a Wildcard SSL is ok).
3. TCP Ports 17556, 443, and 80 will need to be open to the internet on the machine the service will run.
4. Ports 443 and 80 cannot be bound on the machine (i.e., an IIS site or service)
5. The subdomain will need to redirect to the machine the service will run.

Option 1 - IIS URL Re-write

1. https://www.iis.net/downloads/microsoft/url-rewrite
2. Be sure to check the box for Append query string

Option 2 - Caddy Server

1. Add Port Forwarding rule in external firewall for port Inbound Port 17556 to <serverip> Local Port 17556. - Install SSL Certificate on server.
2. Add Inbound Port exception for TCP port 17556.
3. Download Reverse-Proxy files.
   1. ftp.cyrious.com/Cyrious/Control/Integrations/Reverse-Proxy/Integration Service.zip
4. Extract files to Cyrious folder (ex: C:\Program Files (x86)\Cyrious\).
5. If the path to the Cyrious folder is “C:\Program Files (x86)\Cyrious\” skip ahead to step 12.
6. Right-click on the “Install Caddy Service.bat” file and click Edit.
7. Change the paths to point to the Integration Service folder and “Start Caddy.bat” file.
8. Save the “Install Caddy Service.bat” file and close it.
9. Right-click on the “Start Caddy.bat” file and click Edit.
10. Change the path to point to the Integration Service folder.
11. Save the “Start Caddy.bat” file and close it.
12. Right-click on the “Install Caddy Service.bat” file and click Run As Administrator.
13. Open Services window (Services.msc).
14. Ensure both Chapi.Integration and Chapi.ServiceHost_12556 are running.

To test, paste the following URL into any browser. Replace test.testing.net with the domain being used.

https://test.testing.net:17556/chapi/sqlmacro

The test is successful if you receive an XML file response like the following:

This XML file does not appear to have any style information associated with it. The document tree is shown below.
  <Error>
    <Message>
      No HTTP resource was found that matches the request URI 'http://test.testing.net:17556/chapi/sqlmacro'.
    </Message>
    <MessageDetail>
      No action was found on the controller 'SQLMacro' that matches the request.
    </MessageDetail>
  </Error>

Visit the following article for documentation on how to send data to Chapi's Endpoint Listener http://control.cyriouswiki.com/chapi_url_endpoint_listener