Clever Geek Handbook

Access Denied When Verifying IPN Paypal

When trying to verify payments using IPN, I get the following error. The same code has been sandbox tested (before and after the error) and validates correctly.

<HTML>
<HEAD>
    <TITLE>Access Denied</TITLE>
</HEAD>
<BODY>
    <H1>Access Denied</H1>

    You don't have permission to access "https://www.paypal.com/cgi-bin/webscr" on this server.<P>
    Reference #18.........    
</BODY>
</HTML>

The code I'm using looks like this:

$raw_post_data = file_get_contents('php://input');
pplog("Processing POSTed data");
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
    $keyval = explode ('=', $keyval);
    if (count($keyval) == 2)
        $myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
    $get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
    if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
        $value = urlencode(stripslashes($value));
    } else {
         $value = urlencode($value);
    }
     $req .= "&$key=$value";
}

$ch = curl_init("https://www.paypal.com/cgi-bin/webscr");
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

if(!($res = curl_exec($ch)) ) {
    error_log("Got " . curl_error($ch) . " when processing IPN data");
    curl_close($ch);
    exit;
}
curl_close($ch);
log($res);

I'm on Ubuntu 14.04, with openssl, curl and phpcurl installed, and four hours of debugging.

+4


source to share


4 answers


Finally found a fix for this after talking to PayPal tech support. It was a problem with something they changed and are working on a fix, but to get it working again you just need to send a "User-Agent" HTTP header with a Curl request, something like:

curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close', 'User-Agent: company-name'));


Regarding that "User-Agent" should be installed, it should be at least 5 characters long, maybe your company name as the example shows, but this is optional.

The tech support agent also pointed me to: https://ppmts.custhelp.com/app/answers/detail/a_id/92 if the above fix doesn't work, but it did for me.

+17


source


If anyone else finds this through a google search I had a similar problem when visiting any Paypal URL - I would get "Access Denied". The cause was a user agent issue - I had a UA switch extension and I was using Chrome with a non-standard user agent. Reverting to the default user agent fixed the issue.



0


source


If anyone has this problem on their Android device, please try downloading or reinstalling Internet & MMS Settings.

Settings - Networks - Internet Settings

I think doing this will reset or update any settings that need to be done. Worked for me on my Sony Xperia Z2!

0


source


I was also getting Access Denied (403) from accessing any PayPal account using any browser. Once this happens, it continues to happen.

For both Firefox and Safari, the solution is to find all PayPal-related cookies and delete them. The problem disappears.

0


source






More articles:


All Articles