PayPal Instant Payment Notifications Failing

We’ve started to get frequent emails from PayPal stating that the IPNs are failing.

The offending link they provide is:
http://www.workingsheepdog.co.uk/?s2member_paypal_notify=1 https%3A%2F%2Fwww.workingsheepdog.co.uk%2F%3Fs2member_paypal_notify%3D1
(Note the http:// rather than https://)

However. Our PayPal IPN setting in PayPal Selling Preferences is:
https://www.workingsheepdog.co.uk/?s2member_paypal_notify=1
(Note the https://)

Having only fairly recently activated SSL, is there an s2Member setting we need to change to put this right?
I notice that the url in our membership button code simply: custom="www.workingsheepdog.co.uk"
Thanks in advance, Andy.

It sounds like you need to add some code to your .htaccess file to ensure that everything on your site is served over https. Your host should be able to do it for you or tell you what to do.

Thanks Tim, but the hosting company assures me all is OK with the .htaccess.
It’s a real puzzle.

The hosting company suggested we disable Instant Payment Notifications on PayPal.
Is it OK to do this?
I’m not exactly sure who they notify, about what?
Can anyone explain please?

IPN is a connection from Paypal to your site, to"say" to your site that some payment where cancelled, or you have a new sale etc. Without it s2M can’t works well. Change your hosting…

Thanks - but if this is something sent from PayPal to the website, I don’t understand how it can be the fault of the hosting company.

The PayPal IPN setting in our PayPal Selling Preferences is: https://

But the PayPal emails say the offending link is: http://

PayPal no longer accepts non-SSL URLs so where can they be getting the http:// from (other than s2Member or their own PayPal system)?

First, your hosting suggested something, that no way to works. Means, then don’t understand the problem, at least. And this is dangerous, for me…

Check your settings in Paypal, ensure that your IPN URL there is “https”. I see you did, but better doublechek.

Find where the link you show first is set. It is very different than your IPN URL, not “https” only, it’s actually “doubled URL”… So check your IPN settings in Paypal and better set them again.

Thank you.
Yes I realise that advising us to cancel IPN was not a good idea but I think this must be a PayPal issue - I’ve checked and reset the IPN Settings (on PayPal) several times and they are correct, so I will call PayPal (again) this morning to try to find out where they get that crazy url from.

PayPal insist the problem is not on their side. Our web hosts insist it’s not with them. They have changed our .htaccess to

Somehow, when PayPal sends a request to:
https://www.workingsheepdog.co.uk/?s2member_paypal_notify=1

They are getting a 403 error from http://www.workingsheepdog.co.uk/?s2member_paypal_notify=1%0Ahttps%3A%2F%2Fwww.workingsheepdog.co.uk%2F%3Fs2member_paypal_notify%3D1 (beginning: http - not https)

How can this happen?

The Wordpress and Site Address are both set to HTTPS in Wordpress.

Is there a setting in s2Member that we should have changed when we changed to SSL?

The problem began in the first week of October, and I know s2Member plugin hasn’t been updated since July, so it cannot be that but can you think of anything that can possibly have some bearing on this. Otherwise we’re going to have to change both our hosting and possibly our membership plugin.

It typically happens as a result of caching. Is your host running something like Varnish or Cachewall? That needs to be turned off.

In addition, as I said before, you should have code in your .htaccess file to direct all traffic to https. This makes it impossible for anyone to connect on http. I know you said that your host says that everything is fine, but clearly it isn’t. Like @krumch, I’d be seriously considering changing hosts now too.

Tiresome though it is, we are still getting the same issues. This is way beyond my expertise, but as far as I can tell from our conversations, everyone is blaming someone else.

This text is being sent to the three parties involved in this issue:
PayPal, SiteGround (hosting) and s2Member (Wordpress membership management plugin).

PLEASE take the trouble to re-examine the details below and do what you can to help us to reach a solution.

Something is wrong somewhere…

The Instant Payment Notification (IPN) URL in the PayPal account is correct:
https://www.workingsheepdog.co.uk/?s2member_paypal_notify=1

I have tested this URL many times, with Safari, Chrome and Firefox - it has NEVER FAILED to come up with the following:
“This PayPal IPN Handler by s2Member® is active & listening”.

Please test this link yourself.

If PayPal is actually sending that URL it will get the same response that you and I get.

But the IPN failure emails we receive don’t list that URL, they list a this one:
http://www.workingsheepdog.co.uk/?s2member_paypal_notify=1 https%3A%2F%2Fwww.workingsheepdog.co.uk%2F%3Fs2member_paypal_notify%3D1

Note the http, rather than https - and the garbage after it. How can that happen?

Oddly though, when I enter the incorrect URL (as above) - I still get:
“This PayPal IPN Handler by s2Member® is active & listening”.

To my untrained mind, this suggests that the PayPal notification is reaching s2Member (because s2Member is telling us it has) but there is some breakdown in communication from there on.

Ironically, some new membership payments work correctly and the member details are created or upgraded, while others don’t.
We’re trying to establish a pattern but have not been able to so far.

@andynick - have you run a complete search of your site, including the database for http: links? If not, you may find this tool helpful. It has a test or preview mode if needed:

Has this ever been resolved? We are having the very same problem - hosting is with Inmotion, IPN set correctly in Paypal, and getting the “active & listening” response to the URL.

In our case, the errant IPN URL that Paypal keeps claiming in emails that we are using is the one from a long-ago membership plug-in that we used in the distant past. I can’t imagine any way that it can be turning up when the plugin is not even on our server any more, and our Paypal buttons were generated with S2Member’s button generator.

Interestingly, we recently created a new one-time special offer that is NOT a recurring subscription and THOSE IPN messages are coming through just fine.

Really at my wits’ end with this!!!

Not really, Susan, we’ve had it up to here with PayPal. Their support is lamentable in our opinion, so we’re in the process of shifting everything over to Stripe
So far we’re very pleased. It’s VERY easy to get started, the website is very user friendly, and we won’t be paying any monthly fees!

We got so desperate we moved to a new host and the IPNs worked well for a while, but then started again, and STILL PayPal deny it could possibly be anything to do with them - read about it on this post

Thanks for the reply - I was afraid of that. Sadly, I fear that our member base will be unwilling to deal with an unfamiliar processor, such as Stripe. Paypal is pretty universal amongst our folks.

I think if I could ferret out the reason that Paypal is claiming that we’re using this as our IPN URL:
http://bluedevilnation.net/wordpress/?ym_process=ym_paypal http%3A%2F%2Fbluedevilnation.net%2Fwordpress%2F%3Fym_process%3D1&mod=ym_paypal

when we are absolutely NOT (the correct url verified multiple times with paypal is:
https://secure139.inmotionhosting.com/~bluede8/?s2member_paypal_notify=1)

we might be able to right it. However, this makes no sense whatsoever - not only is it obviously duplicated, but it’s using a membership plugin that no longer exists. This is truly a bizarre and frustrating scenario.

Thanks again for responding, and glad to hear that your solution is working well for you!!

Cheers,
Susan

We had the same duplicated URL story, but when I kicked up, it stopped happening so I guess PayPal eventually fixed it, but sadly the IPN failures kept happening even though the URL they were quoting was correct.

When you speak to PayPal, you might like to refer them to our cases:
December 2017: Incident: 171201-000157
and again last week: Incident: 180323-000074

We’re a little concerned that our customers like PayPal, but if it’s not working and PayPal won’t help us, we don’t have much choice. If you do find a resolution to it, it would be great if you could let us know…

I hope you get it sorted.

Best wishes,
Andy

Andy Nickless
The Working Sheepdog Website

Thanks! Will definitely report back if we have any success. Not holding my breath, though, based on both my past experiences with Paypal and yours.
Best,
Susan