PayPal IP Address Addition

[cas]

Here you go...

   function checkPaypalIps ($test_ipn, $order_number, $method) {

      // Get the list of IP addresses for www.paypal.com and notify.paypal.com
      if ($method->sandbox) {
         $paypal_iplist = gethostbynamel ('ipn.sandbox.paypal.com');
         $paypal_iplist = (array)$paypal_iplist;
      } else {
         $paypal_iplist1 = gethostbynamel ('www.paypal.com');
         $paypal_iplist2 = gethostbynamel ('notify.paypal.com');
//      $paypal_iplist = array_merge ($paypal_iplist1, $paypal_iplist2);
         $paypal_iplist3 = array('216.113.188.202', '216.113.188.203', '216.113.188.204', '66.211.170.66');
         $paypal_iplist = array_merge ($paypal_iplist, $paypal_iplist2, $paypal_iplist3);
      }
      $this->logInfo ('checkPaypalIps: ' . implode (",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
      $hostname = $this->_getPaypalUrl ($method);
      //  test if the remote IP connected here is a valid IP address
      if (!in_array ($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {
         $mail_subject = "PayPal IPN Transaction on your site: Possible fraud";
         $mail_body = "Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = " . $_SERVER['REMOTE_ADDR'] . ".
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address\n
            These are the valid IP Addresses: " . implode (",", $paypal_iplist) .
            "The Order ID received was: " . $order_number;
         $this->sendEmailToVendorAndAdmins ($mail_subject, $mail_body);
         return FALSE;
      }
      /*
            if (!($method->sandbox && $test_ipn == 1)) {
               $res = "FAILED";
               $mailsubject = "PayPal Sandbox Transaction";
               $mailbody = "Hello,
            A fatal error occurred while processing a paypal transaction.
            ----------------------------------
            Hostname: $hostname
            URI:" . $_SERVER["REMOTE_ADDR"] .
                  " A Paypal transaction was made using the sandbox without your site in Paypal-Debug-Mode";
               //vmMail($mosConfig_mailfrom, $mosConfig_fromname, $debug_email_address, $mailsubject, $mailbody );
               $this->sendEmailToVendorAndAdmins ($mailsubject, $mailbody);
               return FALSE;
            }
      */
      $this->logInfo ('checkPaypalIps:  OK', 'message');

      return TRUE;
   }

[alatak]

Hello

This code has been added. It will be included in the next release (> 2.0.18a)

[cas]

But it doesn't solve the problem.  See my previous post where I am still getting the fraud warning email, just without the IP addresses in the email.

[Joseph Kwan]

Sorry for getting back late. Please try the code

      $paypal_iplist3 = array('216.113.188.202', '216.113.188.203', '216.113.188.204', '66.211.170.66');
      $paypal_iplist = array_merge ($paypal_iplist1, $paypal_iplist2, $paypal_iplist3);

instead.

[cas]

Is this fixed in the base VM?

[jenkinhill]

Yes it is in 2.0.18c

[cas]

Great!  Thanks!

[developingjoomla]

Im encountering the exact same issue here, using VM 2.0.18a on J.2.5.9.

I have setup a paypal sandbox account, put the VM paypal plugin into sandbox mode, then tried to test some payments.

The transaction appears to go through fine, but i then get an email saying "Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 173.245.48.113." "These are the valid IP Addresses: 173.0.82.126".

Reading through this thread has not really helped, i have tried the new paypal plugin from 2.0.18c, but again i get the same error email back.

I'm trying to get this site live, and the paypal payment test is the last thing holding us up.

Why are the IP's in my error email different to others that have been listed in this thread?

Any suggestions on how i can fix this?

Cheers

Andy

[alatak]

Hello

REMOTE IP ADDRESS = 173.245.48.113

This one is not a valid IP address

"These are the valid IP Addresses: 173.0.82.126".

But this list is not correct . You should have more IPS listed if you are using VM2.0.18c

[developingjoomla]

When you say this is not a valid IP, can you explain more? Why is this IP address appearing in the 'Possible Fraud' email i receive?

To confirm i have only updated the paypal plugin from 2.0.18a to 2.0.18c, but i presume this should be ok, and will now be using the correct updated code?

I have setup new sandbox user account and used one in the paypal plugin setup within VM, and one as the buyer, but again i'm getting the same email (but this time with a different 'Remote IP Address' of 173.245.48.177

Can i hardcode an ip address into the paypal plugin at least so I can test this?

Will this affect live payments being processed through the site, or is this issue just when using the sandbox mode?

This is the full email message i'm receiving - I don't know why only one IP address is being listed, maybe you could shed some light on it.

Email:
Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = 173.245.48.177.
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address

            These are the valid IP Addresses: 173.0.82.126The Order ID received was: 60ea032

2.0.18c plugin code:
function checkPaypalIps ($test_ipn, $order_number, $method) {

      // Get the list of IP addresses for www.paypal.com and notify.paypal.com
      if ($method->sandbox) {
         $paypal_iplist = gethostbynamel ('ipn.sandbox.paypal.com');
         $paypal_iplist = (array)$paypal_iplist;
      } else {
         $paypal_iplist1 = gethostbynamel ('www.paypal.com');
         $paypal_iplist2 = gethostbynamel ('notify.paypal.com');
         $paypal_iplist3 = array( '173.245.48.113' , '173.0.82.126' , '216.113.188.204' , '66.211.170.66' );
            $paypal_iplist = array_merge( $paypal_iplist1, $paypal_iplist2, $paypal_iplist3 );
      }
      $this->logInfo ('checkPaypalIps: ' . implode (",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
      $hostname = $this->_getPaypalUrl ($method);
      //  test if the remote IP connected here is a valid IP address
      if (!in_array ($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {
         $mail_subject = "PayPal IPN Transaction on your site: Possible fraud";
         $mail_body = "Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = " . $_SERVER['REMOTE_ADDR'] . ".
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address\n
            These are the valid IP Addresses: " . implode (",", $paypal_iplist) .
            "The Order ID received was: " . $order_number;
         $this->sendEmailToVendorAndAdmins ($mail_subject, $mail_body);
         return FALSE;
      }
      /*
            if (!($method->sandbox && $test_ipn == 1)) {
               $res = "FAILED";
               $mailsubject = "PayPal Sandbox Transaction";
               $mailbody = "Hello,
            A fatal error occurred while processing a paypal transaction.
            ----------------------------------
            Hostname: $hostname
            URI:" . $_SERVER["REMOTE_ADDR"] .
                  " A Paypal transaction was made using the sandbox without your site in Paypal-Debug-Mode";
               //vmMail($mosConfig_mailfrom, $mosConfig_fromname, $debug_email_address, $mailsubject, $mailbody );
               $this->sendEmailToVendorAndAdmins ($mailsubject, $mailbody);
               return FALSE;
            }
      */
      $this->logInfo ('checkPaypalIps:  OK', 'message');

      return TRUE;
   }

[developingjoomla]

Sorry I posted the wrong code above, this is the extract from the plugin im using, but still getting the same error emails and IP's being displayed:

function checkPaypalIps ($test_ipn, $order_number, $method) {

      // Get the list of IP addresses for www.paypal.com and notify.paypal.com
      if ($method->sandbox) {
         $paypal_iplist = gethostbynamel ('ipn.sandbox.paypal.com');
         $paypal_iplist = (array)$paypal_iplist;
      } else {
         $paypal_iplist1 = gethostbynamel ('www.paypal.com');
         $paypal_iplist2 = gethostbynamel ('notify.paypal.com');
         $paypal_iplist3 = array( '216.113.188.202' , '216.113.188.203' , '216.113.188.204' , '66.211.170.66' );
            $paypal_iplist = array_merge( $paypal_iplist1, $paypal_iplist2, $paypal_iplist3 );
      }
      $this->logInfo ('checkPaypalIps: ' . implode (",", $paypal_iplist) . " server is:" . $_SERVER['REMOTE_ADDR'], 'message');
      $hostname = $this->_getPaypalUrl ($method);
      //  test if the remote IP connected here is a valid IP address
      if (!in_array ($_SERVER['REMOTE_ADDR'], $paypal_iplist)) {
         $mail_subject = "PayPal IPN Transaction on your site: Possible fraud";
         $mail_body = "Error code 506. Possible fraud. Error with REMOTE IP ADDRESS = " . $_SERVER['REMOTE_ADDR'] . ".
                        The remote address of the script posting to this notify script does not match a valid PayPal ip address\n
            These are the valid IP Addresses: " . implode (",", $paypal_iplist) .
            "The Order ID received was: " . $order_number;
         $this->sendEmailToVendorAndAdmins ($mail_subject, $mail_body);
         return FALSE;
      }
      /*
            if (!($method->sandbox && $test_ipn == 1)) {
               $res = "FAILED";
               $mailsubject = "PayPal Sandbox Transaction";
               $mailbody = "Hello,
            A fatal error occurred while processing a paypal transaction.
            ----------------------------------
            Hostname: $hostname
            URI:" . $_SERVER["REMOTE_ADDR"] .
                  " A Paypal transaction was made using the sandbox without your site in Paypal-Debug-Mode";
               //vmMail($mosConfig_mailfrom, $mosConfig_fromname, $debug_email_address, $mailsubject, $mailbody );
               $this->sendEmailToVendorAndAdmins ($mailsubject, $mailbody);
               return FALSE;
            }
      */
      $this->logInfo ('checkPaypalIps:  OK', 'message');

      return TRUE;
   }

[alatak]

Hello

When you say this is not a valid IP, can you explain more? Why is this IP address appearing in the 'Possible Fraud' email i receive?

I meant that if i check the possible IP addresses , the one 173.245.48.113 is not a valid one.
If i use http://173.245.48.113/ as URL or search for whois for this address , i does not say that it is a paypal address
This IP http://173.245.48.177/ is aslo not a Paypal IP address

here are the valid paypal IP address:
https://cms.paypal.com/fr/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_golivechecklist

none of the 2 you mentionned are there

[developingjoomla]

I'm wondering if this is because my site goes through the cloudflare network...

173.245.48.177 Host = cf-173-245-48-177.cloudflare.com
173.0.82.126    Host = ipn.sandbox.paypal.com

I have logged a support ticket with them, also going to deactivate cloudflare for this site and retest.

[developingjoomla]

This issue appears to be resolved for me now, and indeed looks like cloudflare was the cause.

Their support pointed me at this: https://support.cloudflare.com/entries/22040972-Does-CloudFlare-have-a-Joomla-plugin-to-restore-visitor-IP-

I installed the joomla plugin, re-ran the paypal sandbox payment tests and did not get back any fraud emails, but instead got the correct order confirmation email.

Thought it was worth mentioning in-case anyone else uses cloudflare and has the same issues.

Thanks for your time on this.

Andy

[Svetliy]

Hi,

Have the same problem here. I have CloudFlare and I'm getting the IP warning message.

From the cloudflare github I have downloaded the module.

When I put it on the site gone down right away. I thought it is a plugin, but this a module. Am I downloading something wrong?