Paypal ERROR checkPaypalIps: Error with REMOTE IP ADDRESS

Started by tantedante, October 16, 2015, 02:55:58 AM

Previous topic - Next topic

sean_nwfs

Struggling with the same issue. I spoke with Paypal and they sent this list: https://www.paypal.com/us/smarthelp/article/what-are-the-ip-addresses-for-live-paypal-servers-ts1056. Not sure if this might be useful to the devs.

I also appreciate the new feature in 3.6.4 for adding extra IPs for IPN Check.

Joomla 3.9.12
VM 3.6.4.10187
Joomla 3.9.12
VM 3.6.4 10187

StefanSTS

The first sentence in the link says what VirtueMart should do:
"When you make API calls, PayPal strongly recommends that you use Domain Name Service (DNS) results with the default Time To Live (TTL) values, to determine the IP addresses of our servers."

VirtueMart does that, and there is the issue with Paypal. Not all addresses are returned. That is why the IPN is rejected.

We will see how it goes on.

Thanks for your effort in communicating with Paypal. The more the merrier, someone the right support person might actually be able to help.

Regards
Stefan
--
Stefan Schumacher
www.jooglies.com - VirtueMart Invoice Layouts

Please use only stable versions with even numbers for your live shop! Use Alpha versions only if you know what risk you are taking.

sean_nwfs

Again, not sure if this is helpful but they wrote back.

"If plugin can do an nslookup against the IP address (not the host name), you'll see that it resolves to notify.paypal.com, and as such, can be trusted & know the IPN came from a valid PayPal IP."

Not sure if the plugin can do that or not.

Thanks!
Joomla 3.9.12
VM 3.6.4 10187

Jörgen

Quote from: sean_nwfs on October 29, 2019, 19:20:19 PM
Again, not sure if this is helpful but they wrote back.

"If plugin can do an nslookup against the IP address (not the host name), you'll see that it resolves to notify.paypal.com, and as such, can be trusted & know the IPN came from a valid PayPal IP."

Not sure if the plugin can do that or not.

Thanks!


Looks like the solution studio42 suggested earlier.

Jörgen @ Kreativ Fotografi
Joomla 3.9.18
Virtuemart 3.4.x
Olympiantheme Hera (customized)
This reflects current status when viewing old post.

ssc3

Quote from: sean_nwfs on October 29, 2019, 19:20:19 PM
"If plugin can do an nslookup against the IP address (not the host name), you'll see that it resolves to notify.paypal.com, and as such, can be trusted & know the IPN came from a valid PayPal IP."


WorldPay also recommend using Reverse DNS lookup, it does not seem to cause the same problems PayPal is having with with lists of IP addresses.
Virtuemart Payment Plugins
https://plugins.online-store.co.uk

Milbo

Quote from: Studio 42 on October 26, 2019, 13:20:00 PM
So the solution is perhaps to mix the 2 codes because in some case the returned domaine is the IP itself !

Like that?

if ($this->_method->sandbox) {
$paypalHosts = array('ipn.sandbox.paypal.com','ipnpb.sandbox.paypal.com');
} else {
$paypalHosts = array('ipnpb.paypal.com','notify.paypal.com');
}

$paypal_iplist = array();
foreach($paypalHosts as $host){
$ipList = gethostbynamel($host);
$paypal_iplist = array_merge($paypal_iplist,$ipList);
}
if (isset($this->_method->extra_ips)){
$extraIps = explode(',',$this->_method->extra_ips);
$paypal_iplist = array_merge($paypal_iplist,$extraIps);
}

$this->debugLog($paypal_iplist, 'checkPaypalIps $paypal_iplist', 'debug', false);

$remoteIPAddress = ShopFunctions::getClientIP();
$hostname = gethostbyaddr($remoteIPAddress);
$this->debugLog($remoteIPAddress, 'checkPaypalIps REMOTE ADDRESS', 'debug', false);

//  test if the remote IP connected here is a valid IP address
if (!in_array($remoteIPAddress, $paypal_iplist) and !in_array($hostname, $paypalHosts)) {

$text = "Error with REMOTE IP ADDRESS = " . $remoteIPAddress . ".\n
                        The remote address of the script posting to this notify script does not match a valid PayPal IP address\n
            These are the valid IP Addresses: " . implode(",", $paypal_iplist) . "The Order ID received was: " . $order_number;
$this->debugLog($text, 'checkPaypalIps', 'error', false);
return false;
}
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

Studio 42

Yes,
i don't tested, but it's what i mean
Quote from: Milbo on November 01, 2019, 11:30:56 AM
Quote from: Studio 42 on October 26, 2019, 13:20:00 PM
So the solution is perhaps to mix the 2 codes because in some case the returned domaine is the IP itself !

Like that?

      if ($this->_method->sandbox) {
         $paypalHosts = array('ipn.sandbox.paypal.com','ipnpb.sandbox.paypal.com');
      } else {
         $paypalHosts = array('ipnpb.paypal.com','notify.paypal.com');
      }

      $paypal_iplist = array();
      foreach($paypalHosts as $host){
         $ipList = gethostbynamel($host);
         $paypal_iplist = array_merge($paypal_iplist,$ipList);
      }
      if (isset($this->_method->extra_ips)){
         $extraIps = explode(',',$this->_method->extra_ips);
         $paypal_iplist = array_merge($paypal_iplist,$extraIps);
      }

      $this->debugLog($paypal_iplist, 'checkPaypalIps $paypal_iplist', 'debug', false);

      $remoteIPAddress = ShopFunctions::getClientIP();
      $hostname = gethostbyaddr($remoteIPAddress);
      $this->debugLog($remoteIPAddress, 'checkPaypalIps REMOTE ADDRESS', 'debug', false);

      //  test if the remote IP connected here is a valid IP address
      if (!in_array($remoteIPAddress, $paypal_iplist) and !in_array($hostname, $paypalHosts)) {

         $text = "Error with REMOTE IP ADDRESS = " . $remoteIPAddress . ".\n
                        The remote address of the script posting to this notify script does not match a valid PayPal IP address\n
            These are the valid IP Addresses: " . implode(",", $paypal_iplist) . "The Order ID received was: " . $order_number;
         $this->debugLog($text, 'checkPaypalIps', 'error', false);
         return false;
      }


hegbi


pellegrinoL

Hi,

I am using VirtueMart 3.4.3 10005 and Joomla! 3.8.13

since 3 days I am having this problem see:
These are the valid IP Addresses: 173.0.88.40,66.211.169.17,173.0.84.40,173.0.88.8,173.0.81.33,173.0.81.1The Order ID received was: Ordine-2020-2460
2020-10-20 09:22:50 ERROR checkPaypalIps: Error with REMOTE IP ADDRESS = 66.211.170.66.
The remote address of the script posting to this notify script does not match a valid PayPal IP address

Have I to contact PayPal to solve this issue or is temporary problem?

Best

AH

Please search the forums for similar posts and resolutions

It could be your web host routing internal IPs
Regards
A

Joomla 4.4.5
php 8.1

Studio 42



ptrouw

hi,

Not sure if I have to start a new topic. But I have the latest VM version 3.8.8, and I also have this PayPal error "Error with REMOTE IP ADDRESS" now. For now, I have disabled IP check in the plugin. Hope that this works!
But I want to contact Siteground about this as well, because of this post by AH "It could be your web host routing internal IPs".
Can someone clarify this, what should I discuss with Siteground?

AH

Give them the remote IP address for which the error occurs (that will be in the paypal logs on your server) and ask if it is one of theirs.

If it is a vaild IP address you can add it into the available options in the paypal payment method plugin

See my post #13

http://forum.virtuemart.net/index.php?topic=146573.msg525209#msg525209


Regards
A

Joomla 4.4.5
php 8.1

Renata

Dear all

I use the lates version of VM (3.8.8 10472) en Joomla 3.10.4

I see this problem occurs and disappears again over the years. I understand the origin of the error is PayPal.

I heave read a lot of topics here and for now i disabled "Check IPN provider IP" in de Paypal plugin itself as advised in the several topics.

I just want to let you know this error has started again and as the first advise of this forum always is to update to the latest version, i hope in the next version this problem is fixed?

I hope to hear from you soon.

Kind regards
Renata
Please visit my website https://responsivewebsitemaken.nl for all your graphic webdesign and Joomla websites.