Announcement

Collapse
No announcement yet.

PayPal IPN failure Sept 2018

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    PayPal IPN failure Sept 2018

    Hi Folks,

    I run a couple of Sellerdeck V8 sites, on the same dedicated server, which I admin. As of Friday 7th Sept, my PayPal orders started going into Pending, even though the paypal payment went through. IPN history shows several retrys with 500 errors, and finally success - but the orders have NOT updated to paid - sellerdeck error.err shows the odd 'script error' and a LOT of errors with no description listed, just blank.
    I admin the sites and the server - no changed made, no updates etc.

    Anyone else having any PayPal IPN issues at present?

    Would be interested to know.

    Andy

    #2
    I have a client running a V10 site having this problem too. Haven't found an answer yet though!
    Elysium:Online - Official Accredited SellerDeck Partner
    SellerDeck Design, Build, Hosting & Promotion
    Based in rural Northants

    Comment


      #3
      Still happening to me today.
      Error log for apache suggests its paypal error

      [Sun Sep 09 18:38:49.185485 2018] [cgid:error] [pid 8279:tid 140093109008128] [client 173.0.81.1:22279] End of script output before headers: os000001.pl

      client ip is paypal, my guess is that they have changed something in IPN callback that is throwing the script. However I don't know what to look at to check.

      log shows - is there supposed to be HTTP/1.1 at teh end of the call??
      2018-09-12 18:51:13 Error 173.0.81.1 500 POST /cgi-bin/os000001.pl?PATH=%2e%2e%2fhttpdocs%2facatalog%2f&SEQUENCE=3&ACTION=AUTHORIZE_900&CARTID=31Z185Z166Z160A1536752800B17085&ON=SG29QA10000895&TM=0&AM=4867&ACT_POSTPROCESS=1& HTTP/1.1 4.76 K Apache SSL/TLS access
      2018-09-12 18:51:14 Error 173.0.81.1 End of script output before headers: os000001.pl

      and this one is interesting because it has the 200 code so PayPal thinks its succeded BUT then the 2 errors seem to prevent Sellerdeck from updating the order as paid.
      2018-09-12 19:38:56 Access 173.0.81.1 200 POST /cgi-bin/os000099.pl?PATH=%2fvar%2fwww%2fvhosts%2fthediceplace%2ecom%2fhttpdocs%2facatalog%2f&SEQUENCE=3&ACTION=AUTHORIZE_900&CARTID=86Z148Z3Z10A1536755681B24478&ON=JB13HW90000436&TM=0&AM=2880&ACT_POSTPROCESS=1& HTTP/1.1 3.73 K Apache SSL/TLS access
      2018-09-12 19:38:56 Error 173.0.81.1 (104)Connection reset by peer: AH00574: ap_content_length_filter: apr_bucket_read() failed Apache error
      2018-09-12 19:38:56 Error 173.0.81.1 (104)Connection reset by peer: AH02550: Failed to flush CGI output to client

      Comment


        #4
        I suspect this might be the new paypal requirements finally turning up after a couple of years grace. I think they were supposed to have gone live in June 2018 but there might have been a 3 month grace period.

        More specifically this:

        Me:

        PS. While searching around yesterday I noticed this in the V11 release notes for sellerdeck 11.0.4:

        "Updated the PayPal integration to support HTTP/1.1 protocol, AC11-3369"

        As the PayPal updates require both TLS 1.2 and HTTP/1.1 then it would appear that Sellerdeck versions before 11.0.4 will no longer work with PayPal once the PayPal updated security goes live. Currently scheduled for June 2017.
        Bruce:

        That's correct. We will be making every effort to notify users well ahead of the deadline.
        https://community.sellerdeck.com/for...934#post533934


        You might want to check with Sellerdeck if this still applies.
        -----------------------------------------

        First Tackle - Fly Fishing and Game Angling

        -----------------------------------------

        Comment


          #5
          If the problem is a result the the TLS v1.2 change, then this Knowledge Base article will help you:
          https://community.sellerdeck.com/for...ellerdeck-site
          Bruce Townsend
          Ecommerce Product Manager
          Sellerdeck Ecommerce Solutions

          Comment


            #6
            The http/1.1 issue is the real killer here that has no workaround and it all boils down to this (from the Knowledge Base article Bruce has linked to)

            Versions Prior to v11
            1. Your currrent version does not support TLS v1.2 on the desktop, and cannot be upgraded to support HTTP v1.1 on the website. If you use PayPal or Sellerdeck Payments, we recommend that you upgrade to the latest version of Sellerdeck Desktop.
            -----------------------------------------

            First Tackle - Fly Fishing and Game Angling

            -----------------------------------------

            Comment


              #7
              TBH, anyone using an eccommerce application that was last updated almost a decade ago is already taking a huge risk with their business. They really need to upgrade, regardless.
              Bruce Townsend
              Ecommerce Product Manager
              Sellerdeck Ecommerce Solutions

              Comment


                #8
                I think that's a very fair point Bruce. Even if there was a workaround it would be wise to upgrade for a whole bunch of functionality, commercial, security, business risk and regulatory implications.
                -----------------------------------------

                First Tackle - Fly Fishing and Game Angling

                -----------------------------------------

                Comment


                  #9
                  So, did that TLS1.1 issue kick in last friday? we were fine till then.
                  were running site wide SSL,
                  And whilst i appreciate your comment about decade old software, and I do have a bought-and-paid-for shiny new copy of the latest version, I have not got round to updating yet. work work work... anyway, we are not taking any BIG risks with our business using V8 as we don't store ANY personal details, payment info etc on the web shop.
                  for now, its manual payment updating then, until i'm forced, FORCED I tell you, to upgrade.

                  Comment


                    #10
                    The TLS1.2 issue is the result of the PCI standards deciding that the previous versions were no longer secure enough to protect customers and requiring all PSPs to upgrade in order to achieve PCI compliance (which they have to do to be allowed to process card payments.)

                    The PCI deadline for TLS1.2 (after a couple of extensions) was ultimately June 2018.

                    HTTP/1.1 support was also rolled into this updated requirement by Paypal but I haven't seen anything about this in any PCI references.

                    The chances are that your dedicated server with SSL does support TLS1.2 so that shouldn't be a problem.

                    The problem is likely to be Paypal's move to http/1.1 which isn't supported by Sellerdeck versions prior to V.11.

                    I don't think anyone is going to try and to force you to do anything. You're free to run your businesses however you want to (and I agree, updating can be a lot of time and effort, particularly across multiple versions).

                    Ignoring anything else for the moment, I suspect the failure of the IPN callback will not only lead to the need to manually update the payment status, but I suspect it also means the customer won't be seeing the receipt page or getting the customer order email. These are usually quite important to customers so I'd be interested to hear if they're still working or not.

                    Mike




                    -----------------------------------------

                    First Tackle - Fly Fishing and Game Angling

                    -----------------------------------------

                    Comment


                      #11
                      Hello All,

                      I too am administering a website using an old version of Actinic (V7) as my customer doesn's want to upgrade.

                      I can confirm that the email notifications and also the returning to the website for the order number and invoice page are working correctly.

                      It is simply not updating the payment pending to the payment completed status.

                      If anyone has a fix for this please advise

                      Darran.

                      Comment


                        #12
                        Originally posted by Darranm View Post

                        I can confirm that the email notifications and also the returning to the website for the order number and invoice page are working correctly.

                        It is simply not updating the payment pending to the payment completed status.
                        That's interesting as it seems to imply the scripts might be managing to process some of the IPN callback. I'm pretty sure I remember the process being that Sellerdeck won't display the receipt page until the payment has been confirmed by the IPN.

                        So I suspect the problem is that sellerdeck is getting the IPN but is unable to process it fully because of the http/1.1 changes and is failing before being able to create the order payment record and confirming successful receipt back to PayPal.

                        It 'might' be a relatively straightforward problem to fix with the right tools and test environment, but even then there are dangers of future problems arising unless http/1.1 is fully implemented. I don't think it's likely there'll be any easy fix for this.

                        It's always possible that the problem is something else. It might be worth finding other user of versions before V11 and seeing if they're all having the same problems.
                        -----------------------------------------

                        First Tackle - Fly Fishing and Game Angling

                        -----------------------------------------

                        Comment

                        Working...
                        X