News:

Support the VirtueMart project and become a member

Main Menu

Error with REMOTE IP ADDRESS = 127.0.0.1

Started by knapperalpakka, December 02, 2013, 09:03:40 AM

Previous topic - Next topic

knapperalpakka

Whenever someone adds an order on our website we get the following in two emails right after:
Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 127.0.0.1.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: 23.54.2.234,173.0.81.1,173.0.81.33,216.113.188.202,216.113.188.203,216.113.188.204,66.211.170.66The Order ID received was: XXXXXX


I've checked around this forum for help, but everyone seem to get the same error msg with anything but the localhost ip. What can I do?

GJC Web Design

GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

knapperalpakka


GJC Web Design

#3
Very odd

this check and email come from the VM paypal script

line 865 -> plugins/vmpayment/paypal/paypal.php

//  test if the remote IP connected here is a valid IP address
      if (!in_array($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {

the ip it thinks is 127.0.0.1 (localhost) is the  $_SERVER['REMOTE_ADDR']

stackoverflow says http://stackoverflow.com/questions/19311164/serverremote-addr-returns-127-0-0-1

and suggest to get the ip by

public function getRemoteIPAddress() {
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        return $_SERVER['HTTP_CLIENT_IP'];

    } else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        return $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    return $_SERVER['REMOTE_ADDR'];
}




you could try by adding after line 864 //  test if the remote IP connected here is a valid IP address

(don't forget the commented  //if (!in_array($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {)


public function getRemoteIPAddress() {
    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
        return $_SERVER['HTTP_CLIENT_IP'];

    } else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        return $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    return $_SERVER['REMOTE_ADDR'];
}
$server_ip = getRemoteIPAddress();

//if (!in_array($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {
if (!in_array($server_ip, $paypal_iplist)) {


I don't know if that'll help - you need to make a test payment or better echo out the results of these lookups

Check with host as well - this can be affected by Apache setup etc
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

knapperalpakka

We still get the same error, although with the last version of VM, 2.0.26d, the formatting is different in the email and a log file is written. Full error message now reads:

2014-01-18 21:34:08 ERROR checkPaypalIps: Error with REMOTE IP ADDRESS = 127.0.0.1.
                        The remote address of the script posting to this notify script does not match a valid PayPal IP address

            These are the valid IP Addresses: 23.43.130.234,173.0.81.33,173.0.81.1,216.113.188.202,216.113.188.203,216.113.188.204,66.211.170.66,173.0.81.33,173.0.81.1,216.113.188.202,216.113.188.203,216.113.188.204,66.211.170.66,173.0.88.66,173.0.88.98,173.0.84.66,173.0.84.98,173.0.80.00,173.0.80.01,173.0.80.02,173.0.80.03,173.0.80.04,173.0.80.05,173.0.80.06,173.0.80.07,173.0.80.08,173.0.80.09,173.0.80.10,173.0.80.11,173.0.80.12,173.0.80.13,173.0.80.14,173.0.80.15,173.0.80.16,173.0.80.17,173.0.80.18,173.0.80.19,173.0.80.20,173.0.88.67,173.0.88.99,173.0.84.99,173.0.84.67,173.0.88.69,173.0.88.101,173.0.84.69,173.0.84.101,173.0.88.68,173.0.88.100,173.0.84.68,173.0.84.100,173.0.81.1,173.0.81.33,64.4.240.0,64.4.240.1,64.4.240.2,64.4.240.3,64.4.240.4,64.4.240.5,64.4.240.6,64.4.240.7,64.4.240.8,64.4.240.9,64.4.240.10,64.4.240.11,64.4.240.12,64.4.240.13,64.4.240.14,64.4.240.15,64.4.240.16,64.4.240.17,64.4.240.18,64.4.240.19,64.4.240.20,118.214.15.186,118.215.103.186,118.215.119.186,118.215.127.186,118.215.15.186,118.215.151.186,118.215.159.186,118.215.167.186,118.215.199.186,118.215.207.186,118.215.215.186,118.215.231.186,118.215.255.186,118.215.39.186,118.215.63.186,118.215.7.186,118.215.79.186,118.215.87.186,118.215.95.186,202.43.63.186,69.192.31.186,72.247.111.186,88.221.43.186,92.122.143.186,92.123.151.186,92.123.159.186,92.123.163.186,92.123.167.186,92.123.179.186,92.123.183.186,173.0.81.33,173.0.81.1,216.113.188.202,216.113.188.203,216.113.188.204,66.211.170.66The Order ID received was: XXXXX