Paypal ERROR checkPaypalIps: Error with REMOTE IP ADDRESS

Started by tantedante, October 16, 2015, 02:55:58 AM

Previous topic - Next topic

Pitpan

Currently i have the same error with some of the orders completed with paypal.

2019-10-23 18:53:07 ERROR checkPaypalIps: Error with REMOTE IP ADDRESS = 66.211.170.66.
                        The remote address of the script posting to this notify script does not match a valid PayPal IP address

            These are the valid IP Addresses: 173.0.88.8,173.0.84.8,173.0.84.40,173.0.88.40,66.211.169.17,173.0.81.1,173.0.81.33The Order ID received was:


The payment completed but the order remain as "pending"

Jörgen

As You may have read in this thread.

The call to the PayPal server does not return all of the valid IP adresses.

There is a band aid supplied by the VM team in VM ver 3.6.3.10180 that allows the VM admin to include valid IP directly in the PayPal plugin. This is a solution that works in the case that PayPal does not give the correct IP adresses. This is not the ultimate solution, but as long as PayPal does not change these valid IP, it will work.

If You can not use the VM 3.6.3.10180, You have to manually confirm the order that get pending.

Jörgen @ Kreativ Fotografi
Joomla 3.9.18
Virtuemart 3.4.x
Olympiantheme Hera (customized)
This reflects current status when viewing old post.

AH

And contact your PayPal representative to complain

It is a PayPal fault - Vm is trying to use what PayPal recommends for validating IPN ip addresses.
Regards
A

Joomla 4.4.5
php 8.1

user_fra

Hi,
(Joomla! 3.9.12  VirtueMart 3.6.2 10159)
same problem with 5 orders. Some orders are ok, some others gave this kind of error, from log file: 2019-10-24 15:57:17 ERROR checkPaypalIps: Error with REMOTE IP ADDRESS = 66.211.170.66.
                        The remote address of the script posting to this notify script does not match a valid PayPal IP address

            These are the valid IP Addresses: 173.0.84.40,66.211.169.17,173.0.88.8,173.0.84.8,173.0.88.40,173.0.81.1,173.0.81.33The Order ID received was: Ordine nr. 418-2019-T

Could you please tell me where I can manually add the IP 66.211.170.66. in PayPal plugin configuration? I was not able to identify the correct field.

Thank you, best regards.
Francesco

GJC Web Design

QuoteVM ver 3.6.3.10180 that allows the VM admin to include valid IP directly in the PayPal plugin

find here  http://dev.virtuemart.net/attachments/1205/com_virtuemart.3.6.3.10184_package_or_extract.zip

if u don't want to upgrade then download this version, extract the paypal plugin from the archive and install
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

StefanSTS

#65
You could add the IP manually in VM 3.4.2 until you can update.

plugins/vmpayment/paypal/paypal/helpers/paypal.php
Find this code and add the part below //STS


//      XXX See below from AH



Nicer version all in one from AH would be:

// Get IP through DNS call
// Reporting and order management
$paypal_iplist_ipnpb = gethostbynamel('ipnpb.paypal.com');
$paypal_iplist_notify = gethostbynamel('notify.paypal.com');
$extraIps = array('66.211.170.66');

$paypal_iplist = array_merge( // JH 2017-04-23
// List of Reporting and order management
$paypal_iplist_ipnpb,
$paypal_iplist_notify,
$extraIps
);
--
Stefan Schumacher
www.jooglies.com - VirtueMart Invoice Layouts

Please use only stable versions with even numbers for your live shop! Use Alpha versions only if you know what risk you are taking.

user_fra

Thanks for your gentle and fast support!

In VM Paypal configuration I desabled the option Check IPN provider IP. I think it will solve the problem. I suppose it is a security option, but for every order I receive an e-mail from VM and another e-mail from Paypal, so, if in a future order I do not receive the e-mail sent by Paypal I will investigate immediately.

Thanks a lot.
Francesco 

AH

Agreed - if you are not comfortable making the code change and can wait for the next release of VM - disabling IPN IP checking and validating via emails should work for you.
Regards
A

Joomla 4.4.5
php 8.1

Studio 42

#68
Here is how i think it should be done with my reverted logic.
        $remoteIPAddress=$this->getRemoteIPAddress();
        $hostname = gethostbyaddr($remoteIPAddress);
        if ($this->_method->sandbox) {
         $paypalHosts = array('ipn.sandbox.paypal.com','ipnpb.sandbox.paypal.com');
      else {
         $paypalHosts = array('ipnpb.paypal.com','notify.paypal.com');
      }
      if (!in_array($hostname, $paypalHosts)) {
         // paypal IP not valid
         return false;
         
      }


I hope you understand better the advantage of this solution ?

Studio 42

#69
I have done a little test and it seems that paypal IP send from gethostbynamel change some time
See https://pro.st42.fr/demo/paypal.php
So the solution is perhaps to mix the 2 codes because in some case the returned domaine is the IP itself !
This is the last list generated by my code :
QuoteIP : 66.211.169.17 HOST : ipnpb.paypal.com
IP : 173.0.88.40 HOST : ipnpb.paypal.com
IP : 173.0.84.8 HOST : ipnpb.paypal.com
IP : 173.0.88.8 HOST : ipnpb.paypal.com
IP : 173.0.84.40 HOST : 173.0.84.40
IP : 173.0.81.1 HOST : notify.paypal.com
IP : 173.0.81.33 HOST : notify.paypal.com
IP : 66.211.170.66 HOST : notify.paypal.com

Studio 42

Another test give another result
IP : 173.0.84.8 HOST : ipnpb.paypal.com
IP : 173.0.88.8 HOST : ipnpb.paypal.com
IP : 173.0.84.40 HOST : 173.0.84.40
IP : 173.0.88.40 HOST : ipnpb.paypal.com
IP : 66.211.169.17 HOST : ipnpb.paypal.com
IP : 173.0.81.1 HOST : notify.paypal.com
IP : 173.0.81.33 HOST : notify.paypal.com
IP : 66.211.170.66 HOST : notify.paypal.com

Pitpan

I believe that uncheck IPN provider IP in Paypal payment method, it is the best solution as for now.

GJC Web Design

QuoteI believe that uncheck IPN provider IP in Paypal payment method, it is the best solution as for now.

Accepting that it does lower your security.
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

ssc3

Quote from: Pitpan on October 26, 2019, 16:34:02 PM
I believe that uncheck IPN provider IP in Paypal payment method, it is the best solution as for now.

Even if you turn off IP checking, Virtuemart still performs other security checks.

It HTTPS posts the IPN message back to PayPal. PayPal then respond with either VERIFIED

if the message matches the original or INVALID if it does not. It shows if PayPal sent the IPN.

The openssl also checks the PayPal Secure Certificate to confirm you are connected to a

PayPal Secure Server.

Arguably better than checking the IP address. Certainly more reliable.
Virtuemart Payment Plugins
https://plugins.online-store.co.uk

AH

ssc3 - exactly

Other checks are still performed - even when no  IP checking is set
Regards
A

Joomla 4.4.5
php 8.1