PayPal Instant Payment Notification Warning

Got an email today from PayPal stating there is a problem with IPN:

“Please check your server that handles PayPal Instant Payment Notifications (IPN). Instant Payment Notifications sent to the following URL(s) are failing:

http://my-site

If you do not recognize this URL, you may be using a service provider that is using IPN on your behalf. Please contact your service provider with the above information. If this problem continues, IPNs may be disabled for your account.

Thank you for your prompt attention to this issue.”

Had a member cancel today and the EOT did not update. So the issue is real. Please help, I have contacted Go Daddy and they say there is no issue their side.

I am using old version of Wordpress (4.1.16) and S2Member, but both are compatible with each other (I have made sure to update nothing), need to do this as this as the newer versions if WP would kill my business.

This issue came out of the blue today. S2Member and PayPal IPN have been running seamless for last 2 years+

Maybe something changed on the PayPal side that caused the failure? If you haven’t updated s2Member or WordPress, that’s obviously not at play in this problem. Computer programs, unlike machines, do not break down from “wear and tear”, something changed, somewhere. Your mission is to find out where.

I notice that the url you used as an example is HTTP. If you are not using HTTPS this may be an issue. I thought PayPal had implemented SSL as a requirement for all accounts, but since they were rolling it out “gradually” they might not have gotten to everyone yet. Check and see if they got to you now (IF you aren’t using HTTPS.

All of that said, you do realize that several severe security vulnerabilities have been patched in WordPress recently, don’t you? You are placing your website and your members at great risk by not keeping WordPress (and your plugins and themes) patched.

We got a security workaround. I was aware of that, but we cannot update until Wordpress iron out their updates. We have another site running up-to-date and their 2-step sign up process is awful. Lost hundreds of new customers.

IPN is still working as of yesterday, so may have been an issue for that day. I am not yet on HTTPS but am working on installing certificates.

With all due respect, unless you have email deliverability problems, I cannot fathom that you lost hundreds of customers because WordPress sends a password instead of allowing users to set their own. For that matter, with s2Member you can still choose whether to allow new Members to set their own password. (May be a Pro feature, but I don’t think so.)

With all due respect, it’s irrelevant to me and our business what you can and can’t fathom.
It happened.
The email goes from Wordpress and their email goes to junk, people still don’t check their junk. Add to that countless times members got the email and the link didn’t work. Our way, we are in full control, and it work’s for us. I have no idea why I’m having to explain this. The op has nothing to do with this.

If hundreds of your emails are going to junk, you have a deliverability problem. This will be a continuing issue for your Members as password resets, etc… will go to junk as well. I mentioned it to help you avoid problems. I also mentioned it because I will ALWAYS say something when someone posts that they are deliberately failing to patch WordPress, thus putting their website and any other sites hosted on the same webserver in danger of malware infestations, SQL injections, XSS vulnerability hacks, etc… It’s just bad management to not patch your software.

Also, as I previously mentioned, you can tell s2Member to allow the password to be set at registration. This is no reason not to update WordPress.

@nickkay83: Like beauty, foolishness is in the eye of the beholder.

I behold the expertise that @JediShark has displayed for quite some time on these forums, and then I look at your contributions here. I see that she is not the foolish one.