Getting a paypal payment software to work on our websites

Avatar
  • Answered
Hi,

We had a software that helped us integrate Paypal payments into our forms that was working great on our old host. But since we moved to InMotion Hosting this no longer works.

We spoke with the person who created the software that we are using which is a wordpress plugin and I've included his recommendation below. Please let me know if you can do what he suggests. Also, we'll need the same thing done for /lisub/ directory.

************************
Hi Rodney,

What is also worrying is that PayPal IPNs are being blocked - https://example.com/rylsub/wp-content/plugins/subscriptionboss/subb-ipn.php gives a 403 Forbidden error

This is likely due to something that blocks direct access to plugin files: the thing doing the blocking will likely be a security setting on your webserver or in a WordPress security plugin

It should simply be a matter of whitelisting the following files in either the security plugin or webserver settings:

https://example.com/rylsub/wp-content/plugins/subscriptionboss/subb-ipn.php
https://example.com/rylsub/wp-content/plugins/subscriptionboss/subb-order-script.php

( and also a few others if you are using them)

https://example.com/rylsub/wp-content/plugins/subscriptionboss/subb-order-form.php
https://example.com/rylsub/wp-content/plugins/subscriptionboss/subb-cart-form.php
https://example.com/rylsub/wp-content/plugins/subscriptionboss/subb-cart-script.php


Avatar
JacobIMH
Hello rodney-tli, and thanks for your question. I've gone ahead and replaced your domain with example.com as this is a public post. It looks like at some point you setup a .htaccess file in your /rylsub/wp-content/ and /lisub/wp-content/ directories denying access to all PHP scripts with this code:
<Files *.php>
deny from all
</Files>
I'm not sure if any of your plugins would have been functioning properly with this rule in place. As all WordPress plugins are stored in this /wp-content/plugins/ directory, and they are all PHP scripts. This rule effectively told the server they weren't allowed to run. I went ahead and adjusted this for you, so that it still disallows all PHP scripts from the outside, but still allows the server itself at 127.0.0.1 to run PHP scripts. I also added an exception that allows the subb-*.php named ones to be accessed from the outside without causing a 403 Access Denied error:
<Files *.php>
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
</Files>

<Files subb-*.php>
    Order Allow,Deny
    Allow from all
</Files>
Please let us know if you're still having any issues at all. - Jacob