News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 66.211.170.66

Started by samlf3rd, May 14, 2013, 23:08:46 PM

Previous topic - Next topic

samlf3rd

I keep getting these emails from my estores (J 2.5.9 & VM 2.0.20b):

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 66.211.170.66.
The remote address of the script posting to this notify script does not match a valid PayPal ip address

These are the valid IP Addresses: The Order ID received was: 329767em

Is PayPal changing their IP's? Anybody else?

In my PayPal plugin file I have this:
function checkPaypalIps ($test_ipn, $order_number, $method) {

// Get the list of IP addresses for www.paypal.com and notify.paypal.com
if ($method->sandbox) {
$paypal_iplist = gethostbynamel ('ipn.sandbox.paypal.com');
$paypal_iplist = (array)$paypal_iplist;
} else {
$paypal_iplist1 = gethostbynamel ('www.paypal.com');
$paypal_iplist2 = gethostbynamel ('notify.paypal.com');
$paypal_iplist3 = array( '216.113.188.202' , '216.113.188.203' , '216.113.188.204' , '66.211.170.66' );
            $paypal_iplist = array_merge( $paypal_iplist1, $paypal_iplist2, $paypal_iplist3 );
}
$this->logInfo ('checkPaypalIps: ' . implode (",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
$hostname = $this->_getPaypalUrl ($method);
//  test if the remote IP connected here is a valid IP address
if (!in_array ($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {
$mail_subject = "PayPal IPN Transaction on your site: Possible fraud";
$mail_body = "Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = " . $_SERVER['REMOTE_ADDR'] . ".
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address\n
            These are the valid IP Addresses: " . implode (",", $paypal_iplist) .
"The Order ID received was: " . $order_number;
$this->sendEmailToVendorAndAdmins ($mail_subject, $mail_body);
return FALSE;
}
/*


Also, I even got this return in an email this morning too:

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 173.0.81.1.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: The Order ID received was: 49e30378

I don't know where the 173.0.81.1 is coming from? It isn't in the plugin file?

Sam

alatak

Hello

QuoteError code 506. Possible fraud. Error with REMOTE IP ADDRESS = 66.211.170.66.
The remote address of the script posting to this notify script does not match a valid PayPal ip address

These are the valid IP Addresses: The Order ID received was: 329767em

Strange : the list  of the valid IP adresses is empty. That is the reason why you are getting this email.

Looks like one of the gethostbynamel() function returned false because one of the hostname  could not be resolved. I wonder which one and why...'www.paypal.com' or 'notify.paypal.com' ?
$paypal_iplist1 = gethostbynamel ('www.paypal.com');
$paypal_iplist2 = gethostbynamel ('notify.paypal.com');

So the
$paypal_iplist = array_merge( $paypal_iplist1, $paypal_iplist2, $paypal_iplist3 );
and this list  paypal_iplist  is then false.

Please do this
after those lines
$paypal_iplist1 = gethostbynamel ('www.paypal.com');
$paypal_iplist2 = gethostbynamel ('notify.paypal.com');

add this code


if (!is_array($paypal_iplist1) or !is_array($paypal_iplist2)) {
                $mail_subject = "PayPal IPN Transaction Warning on your site: Could not resolve paypal hostname";
                $mail_body = " One of the PayPal hostname could not be resolved \n";
                if (!is_array($paypal_iplist1)) {
                    $paypal_iplist1 = array();
                    $mail_body .= " www.paypal.com \n";
                }
                if (!is_array($paypal_iplist2)) {
                    $paypal_iplist2 = array();
                    $mail_body .= " notify.paypal.com \n";
                }
                $this->sendEmailToVendorAndAdmins($mail_subject, $mail_body);
            }


You will receive an email telling which hostname could not be reolved. But you will not get anylonger the email with " Error code 506. Possible fraud."
I am fixing the Paypal code.

samlf3rd

So what you are saying is that my new code should look like this (or do I remove the other "if" statement?

function checkPaypalIps ($test_ipn, $order_number, $method) {

// Get the list of IP addresses for www.paypal.com and notify.paypal.com
if ($method->sandbox) {
$paypal_iplist = gethostbynamel ('ipn.sandbox.paypal.com');
$paypal_iplist = (array)$paypal_iplist;
} else {
$paypal_iplist1 = gethostbynamel ('www.paypal.com');
$paypal_iplist2 = gethostbynamel ('notify.paypal.com');
}

//New Code???
if (!is_array($paypal_iplist1) or !is_array($paypal_iplist2)) {
                $mail_subject = "PayPal IPN Transaction Warning on your site: Could not resolve paypal hostname";
                $mail_body = " One of the PayPal hostname could not be resolved \n";
                if (!is_array($paypal_iplist1)) {
                    $paypal_iplist1 = array();
                    $mail_body .= " www.paypal.com \n";
                }
                if (!is_array($paypal_iplist2)) {
                    $paypal_iplist2 = array();
                    $mail_body .= " notify.paypal.com \n";
                }
                $this->sendEmailToVendorAndAdmins($mail_subject, $mail_body);
            }


But what about this part?
$paypal_iplist3 = array( '216.113.188.202' , '216.113.188.203' , '216.113.188.204' , '66.211.170.66' );
            $paypal_iplist = array_merge( $paypal_iplist1, $paypal_iplist2, $paypal_iplist3 );
}
$this->logInfo ('checkPaypalIps: ' . implode (",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
$hostname = $this->_getPaypalUrl ($method);


Or should i do this:

function checkPaypalIps ($test_ipn, $order_number, $method) {

// Get the list of IP addresses for www.paypal.com and notify.paypal.com
if ($method->sandbox) {
$paypal_iplist = gethostbynamel ('ipn.sandbox.paypal.com');
$paypal_iplist = (array)$paypal_iplist;
} else {
$paypal_iplist1 = gethostbynamel ('www.paypal.com');
$paypal_iplist2 = gethostbynamel ('notify.paypal.com');
$paypal_iplist3 = array( '216.113.188.202' , '216.113.188.203' , '216.113.188.204' , '66.211.170.66' );
            $paypal_iplist = array_merge( $paypal_iplist1, $paypal_iplist2, $paypal_iplist3 );
}
$this->logInfo ('checkPaypalIps: ' . implode (",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
$hostname = $this->_getPaypalUrl ($method);
//  test if the remote IP connected here is a valid IP address

      //your code
                if (!is_array($paypal_iplist1) or !is_array($paypal_iplist2)) {
                $mail_subject = "PayPal IPN Transaction Warning on your site: Could not resolve paypal hostname";
                $mail_body = " One of the PayPal hostname could not be resolved \n";
                if (!is_array($paypal_iplist1)) {
                    $paypal_iplist1 = array();
                    $mail_body .= " www.paypal.com \n";
                }
                if (!is_array($paypal_iplist2)) {
                    $paypal_iplist2 = array();
                    $mail_body .= " notify.paypal.com \n";
                }
                $this->sendEmailToVendorAndAdmins($mail_subject, $mail_body);
            }
}

Yeoer

(J 2.5.9 & VM 2.0.18a):

Same for me,  started yesterday. It has been working perfectly until yesterday afternoon.

Slightly different message:
______________________________________________________________________________________________
Subject: PayPal IPN Transaction on your site: Possible fraud

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 10.44.161.150.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: 23.34.82.234,173.0.81.1,173.0.81.33The Order ID received was: 200200

samlf3rd

Quote from: Yeoer on May 15, 2013, 17:02:41 PM
(J 2.5.9 & VM 2.0.18a):

Same for me,  started yesterday. It has been working perfectly until yesterday afternoon.

Slightly different message:
______________________________________________________________________________________________
Subject: PayPal IPN Transaction on your site: Possible fraud

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 10.44.161.150.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: 23.34.82.234,173.0.81.1,173.0.81.33The Order ID received was: 200200

That's what I am saying. All my eStores are doing it. I could see one, but why all of them? Something had to of changed at PayPal-no?

alatak

hello

@ samlf3rd

the function should is the following

function checkPaypalIps ($test_ipn, $order_number, $method)
{

// Get the list of IP addresses for www.paypal.com and notify.paypal.com
if ($method->sandbox) {
$paypal_iplist = gethostbynamel('ipn.sandbox.paypal.com');
$paypal_iplist = (array)$paypal_iplist;
} else {
$paypal_iplist1 = gethostbynamel('www.paypal.com');
$paypal_iplist2 = gethostbynamel('notify.paypal.com');
$paypal_iplist3 = array('216.113.188.202', '216.113.188.203', '216.113.188.204', '66.211.170.66');
if (!is_array($paypal_iplist1) or !is_array($paypal_iplist2)) {
$mail_subject = "PayPal IPN Transaction Warning on your site: Could not resolve paypal hostname";
$mail_body = " One of the PayPal hostname could not be resolved \n";
if (!is_array($paypal_iplist1)) {
$paypal_iplist1 = array();
$mail_body .= " www.paypal.com \n";
}
if (!is_array($paypal_iplist2)) {
$paypal_iplist2 = array();
$mail_body .= " notify.paypal.com \n";
}
$this->sendEmailToVendorAndAdmins($mail_subject, $mail_body);
}

$paypal_iplist = array_merge($paypal_iplist1, $paypal_iplist2, $paypal_iplist3);
}
$this->logInfo('checkPaypalIps: ' . implode(",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
$hostname = $this->_getPaypalUrl($method);
//  test if the remote IP connected here is a valid IP address
if (!in_array($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {
$mail_subject = "PayPal IPN Transaction on your site: Possible fraud";
$mail_body = "Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = " . $_SERVER['REMOTE_ADDR'] . ".
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address\n
            These are the valid IP Addresses: " . implode(",", $paypal_iplist) .
"The Order ID received was: " . $order_number;
$this->sendEmailToVendorAndAdmins($mail_subject, $mail_body);
return FALSE;
}
/*
if (!($method->sandbox && $test_ipn == 1)) {
$res = "FAILED";
$mailsubject = "PayPal Sandbox Transaction";
$mailbody = "Hello,
A fatal error occurred while processing a paypal transaction.
----------------------------------
Hostname: $hostname
URI:" . $_SERVER["REMOTE_ADDR"] .
" A Paypal transaction was made using the sandbox without your site in Paypal-Debug-Mode";
//vmMail($mosConfig_mailfrom, $mosConfig_fromname, $debug_email_address, $mailsubject, $mailbody );
$this->sendEmailToVendorAndAdmins ($mailsubject, $mailbody);
return FALSE;
}
*/
$this->logInfo('checkPaypalIps:  OK', 'message');

return TRUE;
}



QuoteQuote from: Yeoer on Today at 17:02:41
(J 2.5.9 & VM 2.0.18a):

Same for me,  started yesterday. It has been working perfectly until yesterday afternoon.

Slightly different message:
______________________________________________________________________________________________
Subject: PayPal IPN Transaction on your site: Possible fraud

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 10.44.161.150.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: 23.34.82.234,173.0.81.1,173.0.81.33The Order ID received was: 200200
humm.. i don't know.

The paypal valid addresses are listed here https://ppmts.custhelp.com/app/answers/detail/a_id/92

This IP 10.44.161.150 is from akamaitechnologies.com which is a cache server company


samlf3rd

Quote from: Yeoer on May 15, 2013, 17:02:41 PM
(J 2.5.9 & VM 2.0.18a):

Same for me,  started yesterday. It has been working perfectly until yesterday afternoon.

Slightly different message:
______________________________________________________________________________________________
Subject: PayPal IPN Transaction on your site: Possible fraud

Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 10.44.161.150.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: 23.34.82.234,173.0.81.1,173.0.81.33The Order ID received was: 200200

What are your server/domain stats? I am on a GoDaddy Virtual Private Server running Plesk. I am not getting any more of these, so I think it may of been a glitch in either PayPal's end, Godaddy, or my Plesk. But if it happened to you too at the same time-different servers, plus I have multiple eStores then either our host company or PayPal.

Have you received any more?

alatak

Hello
QuoteHave you received any more?
Yes i would like also to understand what happened