The WCF Portal service will not work if port 80 is turned off on the Application server. This is because in the Application server's web.config, Notifications endpoint (which was using no SSL binding) was added alongside the wcfportal endpoint (using SSL) causing SSL mismatch and breaking Cartegraph. The notifications endpoint was added alongside the WcfPortal service in order to prevent the notification's call to the Application server from going out and back to the Application server.
For customers who want to restrict access to port 80 from the outside, Cartegraph recommends making the following change to the Bindings in the IIS\Default Web Site to only allow localhost on port 80 hence blocking traffic from outside.
To only allow the http binding in the Default Web Site for localhost traffic by setting IP address to 127.0.0.1.
- From Site Bindings, click Edit.
- Enter 127.0.0.1 in the IP address field.
- Click OK.