PayPal IPN Instant Payment Notification Warning from PayPal

2 years ago
libor wrote:
I suggest to set the IPN link in the plugin settings to https://www.store.com/Plugins/PaymentPayPalStandard/IPNHandler   and give it a try.

My (newer) version of the plugin does not have this setting, so I can't check it now, my plugin sends the store URL with the callback address by default so this setting was left out.

Another thought:
If you can set the whole page to SSL only by setting 'Force SSL for all site pages' to true. (a pure SSL site is becoming a good point nowadays in SEO rating anyway)  then I would suggest to include an URL rewrite rule in your server configuration to direct all non-SSL traffic to the correspoding https address.  This would perhaps direct the paypal callbacks to their ssl variants even if you can't set it to https.

I am running IIS 10 on a windows server 2016, this is what I use in the web.config for the URL rewrite: (you should have the URL Rewrite module installed first)  insert this between the system.webServer tags.
<rewrite>
<rules>
  <rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true">
      <match url="(.*)" />
      <conditions logicalGrouping="MatchAny">
          <add input="{SERVER_PORT_SECURE}" pattern="^0$" />
      </conditions>
      <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
  </rule>
</rules>
</rewrite>

PS. The good point in this error that your payments are still processed, you are just not getting the markings 'Paid' which you can do manually in the meantime.  In our case with the direct module we were facing complete blackout.


Hi, we have alredy installed and ssl, and check 'Force SSL for all site pages' to true, we have added also your rewrite rule and made a test, but it fails too..

Don't know what it can be, I have seen something that paypal has changed their paypal ipn postback url:

www.paypal.com/cgi-bin/webscr to ipnpb.paypal.com/cgi-bin/webscr

But because all was working fine days ago, I think this is already implemented in the plugin
2 years ago
Yes, you are right. The breaking change might be NOT your shop's https state as I was initially thinking, although the PayPal error log suggests this. (https is even not need for the postback currently as I read, although having it will make your solution future proof, so it is definitely not a problem)

but the main problem with your setup could be the address change:  

www.paypal.com/cgi-bin/webscr to ipnpb.paypal.com/cgi-bin/webscr

I checked it in my version of the plugin (1.42) it is   ipnpb... in mine.  I don't know since what version of the plugin it is so, but I suppose your version 1.21 still has the old address.

It is hard-coded into the plugin so you can change it only via upgrading the plugin or (if it is not easily done)  you could perhaps recompile it (if you have the source code) only changing this URL address in the code, in case the API parameters were not changed by PayPal with the new URL.

If I were you I would go for a complete version upgrade of both nopcommerce and the paypal plugin to the latest.
2 years ago
libor wrote:
Yes, you are right. The breaking change might be NOT your shop's https state as I was initially thinking, although the PayPal error log suggests this. (https is even not need for the postback currently as I read, although having it will make your solution future proof, so it is definitely not a problem)

but the main problem with your setup could be the address change:  

www.paypal.com/cgi-bin/webscr to ipnpb.paypal.com/cgi-bin/webscr

I checked it in my version of the plugin (1.42) it is   ipnpb... in mine.  I don't know since what version of the plugin it is so, but I suppose your version 1.21 still has the old address.

It is hard-coded into the plugin so you can change it only via upgrading the plugin or (if it is not easily done)  you could perhaps recompile it (if you have the source code) only changing this URL address in the code, in case the API parameters were not changed by PayPal with the new URL.

If I were you I would go for a complete version upgrade of both nopcommerce and the paypal plugin to the latest.


Hi, I have test it changin the url on PayPalStandardPaymentProcessor.cs (I didn't find more places where there is a URL) and it doesn't go even to paypal after finishing the purchase...
2 years ago
Hello,

I have the same issue:
Nopcommerce 3.2
Paypal Standard 1.18
Log:
Short message: PayPal IPN failed.
Full message: Nop.Core.NopException……….
Page URL:  https://www.storename.com/plugins/paymentpaypalstandard/ipnhandler
2 years ago
Hey hey,

After following some of the post in this thread I discovered It basically revolves around how background tasks (PayPal IPN handler) communications are performed - PayPal recently changed there security rules

To resolve I performed the following tasks:

1. (hopefully this has already been implemented) Ensure that your sites certificate is TLS 1.2 compliant;

2. Update your hosting to ensure that the minimum TLS accepted is TLS 1.2 (In Azure this is located under the Apps SSL settings);

3. Navigate to the PayPal plugin Administration -> Configuration -> Payment -> Payment Methods
    Click the 'Configure' link adjacent to 'Payments.PayPalStandard'. In the screen that opens update you 'IPN Handler' to:

    'https://<yousitedomain>/plugins/paymentpaypalstandard/ipnhandler'

    Click 'Save' and exit Admin screens;

4. (This is the slight tricker part) If your site has been compiled using .Net 4.7 of higher this should not affect you, otherwise there are two options available to you:

    a. Open your site solution in VS, update all the projects to be .NET 4.7 or greater (right mouse click project -> Properties ->
     Application), recompile and deploy (this is a bit excessive);
    b. Open your site solution in VS locate the Nop.Web projects 'Global.asax' and add the following to the 'Application_Start()'
    function - 'ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;', compile and deploy Nop.Web;

If this is not possible you can spoof the environment but this method will require re-applying if the site / infrastructure is restarted:

1. Create a *.aspx file at the root of you site;
2. Paste the following into the newly create file:

<%@ Page Language="C#" %>

<% System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12; %>

Hello

3. In a browser navigate to <yousitedomain>/yourfile.aspx and this should make the environment think all comms are TLS 1.2
1 year ago
Thank you very much:)

I used solution 4.b
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; in Application_Start() (Nop.Web dll)
1 year ago
gahrvoje wrote:
Thank you very much:)

I used solution 4.b
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12; in Application_Start() (Nop.Web dll)



Hi gahrvoje, ¿did you add it like this?



I'm getting the error: the name ServicePointManager and SecurityProtocolType does not exist in the current context
1 year ago
You need to import the using (System.Net) to the class. Click on the red underlined 'ServicePointManager' and then press Ctrl+. and in the prompt that opens select 'using System.Net'.
1 year ago
RazzaJsy wrote:
You need to import the using (System.Net) to the class. Click on the red underlined 'ServicePointManager' and then press Ctrl+. and in the prompt that opens select 'using System.Net'.


Thank you RazzaJsy, I will try now.