Error with Paypal Auto-Return URL

We are having problems with new members.
When new users successfully finish the payment with PayPal, they are automatically redirected to our site so they can finish the registration.

This screen below is what they used to see when the Auto-Return from Paypal worked fine:

And this is what they see now:

This ERROR: Unable to verify $_SERVER["HTTP_HOST"]. is not letting the new users go to the registration page. So that’s a big problem.

An I cannot find a way to fix it, I checked everything and I couldn’t figure it out.
It worked for years, we never changed any setting, and now it does not work.

The only thing that might have caused this problem is that we recently changed our website to “https:” the whole website.
And on the s2Member settings (PayPal Options -> PayPal PDT/Auto-Return Integration), I still see the Auto-Return URL is still with http://…

Then the error message says: "custom value MUST start with your domain name", and it does. It’s: custom="". Is that wrong?

Please help.

You should start with by looking in the PayPal settings (and any other payment gateway you use) to see if you’ve updated the http address links to https.
The PayPal IPN Integration and PayPal PDT / Auto-Return Integration addresses in the PayPal settings of s2Member should be https as well, since it is essential that they match with the reality of your site address.

I am experiencing the exact same issue, worked fine for 4 years then a few days ago i didn’t, i’ve checked everything, even the logs look fine and the paypal IPN history looks fine, ran server checks everything passed.

I have no idea what is happening!

Does anybody know if this could be an issue with Paypal?

Thanks Brice

Before starting this topic, I did update one of the settings in our PayPal account, the Website payment preferences -> Auto Return, from http:// to https://, but I couldn’t solve the problem.

Then you mention the PayPal IPN settings, and yes, they needed to be updated and I did it, from http:// to https://. After that I tested it, and still didn’t solve the problem.

My s2Member settings show this:
The PayPal IPN Integration shows https://, even before I updated the IPN setting in our Paypal account:

And then the PayPal PDT / Auto-Return Integration, that is still showing http://, even though I updated the Auto Return URL last week in our PayPal account.

Is there anything else I can do?

I do not know what to say, I do not understand the cause of your problem.
All I can advise you is to add the attribute s2Member success = “ in the shortcode of your forms to hope to get around this problem!

Yes Brice, I thought about adding the success="…" attribute as an alternative solution.
It’s not the best, but it’s better than getting the error message.

And I think, in this new thank you page, I will tell the new users to go and check their emails, and follow the registration link. The only way to get to the registration page is through that link, right?

Thank you so much for all your help.

Yes that’s right and that’s what I do on my sites, the thank you page informs my customers that they will receive an email with their login credentials.
There is another topic with a similar problem, you can read it too: Click Here!

I have the EXACT same problem, I can see in my log files that the error
ERROR: Unable to verify $_SERVER[“HTTP_HOST”] had been happening occasionally over the summer. But now every single transaction throws this error. I have checked EVERYTHING – in all places the return URL is the same, correct, and https – in PayPal, in the S2Member settings – everywhere. I am in the latest version of WordPress, I have the latest version of S2Member.

I ran the server scan – it says I don’t have mcrypt but I checked the hosting company 1and1 and they verified I have it on my php ver 7.

I even tried setting a success=“web page” in the shortcode – NOTHING WORKS.

you can setup your server to forward all IPN calls from http to https:// (or even in general change your server to forward all http to https) - I’m pretty sure if you do not do this - you get problems with old custom IPN locations.

If you ever change the plugin - you will need to forward IPN messages anyhow to another handler - so should s2member die as it looks - and the new plugin changes name (which it most likely will have to do - due to copyrights/licenses) - then it would be handy to forward on server level already instead of relying on the plugin to also check for the old s2member auto-return url.

@dowgirl - activate advanced logging and try to find the problem. Without logging no one can help!

Yes, please send your s2Member APIs log files, without them it is very difficult to help you.

I have the logging activated, this is how I am able to see how long this error has been creaping up.

        [0] => Return-Data received on: Tue Nov 6, 2018 8:51:36 pm UTC
        [1] => s2Member POST vars verified through a POST back to PayPal.
        [2] => Unable to verify `$_SERVER["HTTP_HOST"]`. Please check the `custom` value in your Button Code. It MUST start with your domain name.
        [3] => Redirecting Customer to the Home Page (after displaying an error message).

I see in the S2Member code which handles the return from PayPal,

I try echoing out the value of $paypal[‘custom’] and it is empty – it is not empty in the shortcode - but when it returns it is empty and that causes the conditional statement to fail and show the error about the $_SERVER[“HTTP_HOST”] – I echoed that the HTTP_HOST and there is no problem with that value.
But not the $paypal[“custom”] variable. It is missing


The button shortcode has custom=“”.
In Paypal I have the auto return on and set to

Please any help is appreciated.

Your problem is very strange.
Have you tried to disable all other plugins, especially those related to your website security?
You should test a payment with s2Member as the only plugin to see if there is any conflict.
Maybe there is a change in your server configuration too… I know that s2Member does not really like some caching and security modules like ModSecurity.
It may also be a problem listed PayPal but in this case why would not there be more feedback on this problem?

Seems like now it’s working fine for me.

Yesterday I tried using the success=“https://…com/thankyoupage/” attribute as Brice suggested, and it worked!

But it didn’t work as it was supposed to do.
It was supposed to load the Thank you page after a successful payment at Paypal, but it loaded the Auto-Return URL: https:// …com/?s2member_paypal_return=1

That’s the page that it had the error message.

So now it’s working fine, I clicked the “Register Now” button and I went through the whole registration and everything worked just fine.
I tested it yesterday and again today, and I can’t believe that attribute (that doesn’t really work) solved the problem :open_mouth:

I have current version of wordpress, buddypress and I am having this same error. The first time I had a friend test it, I had only s2member free version. I upgraded because I thought I could get coupon codes. After I got it I realized that coupon codes only work if you are taking payment onsite. I still wanted to use buttons and have configured this accordingly. My point is that this error occurred with the free version and also the pro version…

The error:

$_SERVER[HTTP_HOST"] the original shows a _ between HTTP and HOST
If you are the site owner please check custom value in your button code. It must start with your domain name

I have:

a. deactivated all plugins except s2memberpro and tried it that way also.
b.gone through every step listed on s2member, created and selected a membership options page and a login welcome page.
c. gone through paypal and made sure all was correct, sent a support ticket with the log files to paypal support, have not heard back, to ensure that all my info is correct on their end
d. have doublechecked that all the info from paypal is correct on s2member


Then, I have:

  1. I moved the custom=“” to the front of the shortcode right behind the description
  2. I added https:// to the domain in custom, in its original location and then behind description
  3. did both of those combos and added success=“” right behind the custom
  4. then I deleted custom and left success in there

The payment goes through. My test client receives the email notifications as do I. I cancel the subscription easily. I and tester receive all notifications of that.

Last thing I tried was to bypass the Auto return completely, both in paypal and the site. That was a flop, it went no further than paypal screen saying that there appeared to be something wrong.

Only one time has the test client registered to the site from the payment received emails and that worked beautifully. I made sure to delete this user from the site after I had cancelled on paypal first.

I am at wits end. I want to use this membership plugin, so I want it to work. Ideas? Thank you in advance.

I will report in if and when tech support at Paypal answers. It appears to me that this is an issue between s2member and paypal. Perhaps paypal changed something slightly and that is what is causing this. So, my answer was so simple I think I will sleep on it before I get ecstatically happy. I switched to Stripe. It took 10 minutes to set up my business account and another 10 to tie it into s2member. I kept pinching myself that it couldn’t be right. I logged off the computer and my test client used his phone to sign up. It went through in seconds, YEAY. The only complaint I have, and will tackle tomorrow is that his notification emails are wonky. But, that seems fixable.

I also have the exact same problem. Payments go through but the “Unable to verify $_SERVER[“HTTP_HOST”]” s2 member error comes up and the person has no way to register. It has worked perfectly for years up until now. Not sure when it started exactly as I didn’t have logging enabled to protect private info, but it was working up until this past September at least. Nothing has been changed on the website since at least last spring.

-Enabled logs and tried again…shows:
[0] => Return-Data received on: Sun Nov 25, 2018 11:09:49 pm UTC
[1] => s2Member POST vars verified through a POST back to PayPal.
[2] => Unable to verify $_SERVER["HTTP_HOST"]. Please check the custom value in your Button Code. It MUST start with your domain name.
[3] => Redirecting Customer to the Home Page (after displaying an error message).

-checked button code and the it does start with domain
-disabled all plugins besides s2member, and also tried disabling my theme, no change
-tested using an email and paypal that has never been used on the site, no change
-tried a new paypal button generated by s2member, no change
-tried, changing custom value by including the “http://.ca" instead of just ".ca”, no change
-when it shows the error page if I press back then it says thank you and check your email for registration details, but it never comes, they just get an email saying that their membership has been approved

Many users of s2Member have this problem since last September, the solution would be to go through a PHP syntax instead of the shortcode.
You can read an example of a topic on this problem here: Click Here!

I was just contacted by Paypal after I put in a request for them to check into this and see what the problem is. They responded this morning:

Hey Linda,

We do apologize for the delay and the inconvenience.

There is an issue with PayPal for auto return, your account also might affected with that issue. Once it is resolved, Auto return will work without any issues.

Thank you!

I have asked them to let me know when this is resolved.

Thank you very much for your return, but I find the answer from PayPal very evasive and uninterested by your problem, which seems besides the problem of many people…

I’ve been using S2Member since 2012. Now, I’m having the same issue with my PayPal checkout. It appears that it just started recently. It is resulting in folks paying twice on several occasions. I hope that you’ll keep us updated on what PayPal says. I can’t find any solution that works through S2Member.