Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

  • Home
  • Contact Us
  • Documentation
  • Forum Home
    • Forum
    • Forum Search
    • Forum Login
    • Forum Registration

PayPal IPN changes as of Oct 1

by

Tips and Tricks HQ Support Portal › Forums › WP eStore Forum › WP eStore General Questions › PayPal IPN changes as of Oct 1

Tagged: estore, IPN, PayPal

  • This topic has 5 replies, 6 voices, and was last updated 9 years, 8 months ago by admin.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • October 7, 2011 at 2:01 am #4494
    Lincoln
    Spectator

    On Sept 29, Oct 1, and Nov 15, PayPal will be making changes to the IPN. I have copy and pasted the PayPal announcement below. My question is, do we need to make any changes to our WP eStore settings?

    —-

    PayPal understands the importance of keeping our service highly available to our customers. Consequently, to improve our performance, scalability and availability we will soon be significantly expanding the number of IP addresses for our services.

    During the first phase of this rollout which starts on September 29, we will begin gradually moving PayPal website (https://www.paypal.com) onto a dynamic range of IP addresses rather than the current 8 IP addresses published in the DNS (Domain Name System).

    This change should be transparent to most merchants and may not require any action on your part.

    ACTION REQUIRED: if you are using IPN (Instant Payment Notification) for Order Management and your IPN listener script is behind a firewall that uses ACL (Access Control List) rules which restrict outbound traffic to a limited number of IP addresses, then you may need to do one of the following:

    • To continue posting back to https://www.paypal.com to perform IPN validation you will need to update your firewall ACL to allow outbound access to *any* IP address for the servers that host your IPN script

    OR

    • Alternatively, you will need to modify your IPN script to post back IPNs to the newly created URL https://ipnpb.paypal.com using HTTPS (port 443) and update firewall ACL rules to allow outbound access to the ipnpb.paypal.com IP ranges (see end of message).

    During the next phase of this rollout we plan to expand the range of IP addresses for the API services on the following endpoints:

    api-3t.paypal.com

    api-aa-3t.paypal.com

    api.paypal.com

    api-aa.paypal.com

    svcs.paypal.com

    We will be using the same IP addresses as listed below which are also documented in the MTS FAQ [https://ppmts.custhelp.com/app/answers/detail/a_id/92] .

    ACTION REQUIRED: if you are using ACL (access control list) on your firewall to restrict outbound access to the IP addresses currently in the DNS when connecting to PayPal API endpoints, then you will need to update your firewall rules to allow outbound access to the additional IP addresses.

    There’s no action required if you are using DNS (domain name system) to make API requests to PayPal and your firewall does not restrict outgoing traffic to a limited set of IP addresses.

    While these changes must be made by early March, 2012, we strongly encourage merchants to make any necessary updates by November 15th 2011 as this will help minimize any potential disruptions during the holiday season.

    For more information on IPN, please refer to https://www.paypal.com/ipn .

    For more information on PayPal APIs, please refer to https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_reference .

    If you are not sure whether this applies to you or not, then please contact your IT personnel. If you are using a third party vendor for the integration, like a shopping cart vendor etc, then please contact the vendor.

    New IP address ranges for ipnpb.paypal.com and the PayPal API endpoints:

    • 64.4.240.0/20

    • 66.211.160.0/19

    • 173.0.80.0/20

    • 118.214.15.186

    • 118.215.103.186

    • 118.215.119.186

    • 118.215.127.186

    • 118.215.15.186

    • 118.215.151.186

    • 118.215.159.186

    • 118.215.167.186

    • 118.215.199.186

    • 118.215.207.186

    • 118.215.215.186

    • 118.215.231.186

    • 118.215.255.186

    • 118.215.39.186

    • 118.215.63.186

    • 118.215.7.186

    • 118.215.79.186

    • 118.215.87.186

    • 118.215.95.186

    • 202.43.63.186

    • 69.192.31.186

    • 72.247.111.186

    • 88.221.43.186

    • 92.122.143.186

    • 92.123.151.186

    • 92.123.159.186

    • 92.123.163.186

    • 92.123.167.186

    • 92.123.179.186

    • 92.123.183.186

    • 92.123.199.186

    • 92.123.203.186

    • 92.123.207.186

    • 92.123.211.186

    • 92.123.215.186

    • 92.123.219.186

    • 92.123.247.186

    • 92.123.255.186

    • 95.100.31.186

    • 96.16.199.186

    • 96.16.23.186

    • 96.16.247.186

    • 96.16.255.186

    • 96.16.39.186

    • 96.16.55.186

    • 96.17.47.186

    • 96.6.239.186

    • 96.6.79.186

    • 96.7.175.186

    • 96.7.191.186

    • 96.7.199.186

    • 96.7.231.186

    • 96.7.247.186

    October 7, 2011 at 11:17 am #37373
    wzp
    Moderator

    The majority of eStore users, perhaps 99.5%+, are unaffected. This will only affect you, IF you are hosting your own server, behind a FIREWALL that uses Access Control List (ACL) rules.

    Under ACL rules, the firewall compares requested URL connections with a list of preconfigured/associated IP addresses. If the requested URL domain doesn’t match a vetted IP address, the connection is blocked.

    If you are affected, then any required changes must be made by the network administrator, to the firewall’s ACL rules.

    Update: The following announcement should be helpful for this topic:

    https://support.tipsandtricks-hq.com/forums/topic/paypal-ipn-and-pdt-changes-effective-from-1st-february-2013

    September 10, 2015 at 8:51 pm #37374
    Shelly
    Member

    I received an email from Paypal about IPN usage. Here’s the what I received in the email.

    “PayPal is upgrading the certificate for http://www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.

    This upgrade is scheduled for 9/30/2015; however, we may need to change this date on short notice to you to align to the industry security standard.

    You’re receiving this notification because you’ve been identified as a merchant who has used IPN endpoints within the past year. If you have not made the necessary changes, we urge you to do so right away to avoid a disruption of your service!

    Because these changes are technical in nature, we advise that you consult with your individuals responsible for your PayPal integration. They will be able to identify what, if any, changes are needed. Please share this email and the hyperlinks below with your technical contact for evaluation.

    Testing in the Sandbox is one of the best ways to make sure your integration works. Sandbox endpoints have been upgraded to accept secure connections by the SHA-256 Certificates.

    Full technical details can be found in our Merchant Security System Upgrade Guide. In addition, our 2015-2016 SSL Certificate Change microsite contains a schedule of our service upgrade plan.”

    I know I enabled IPN on my Paypal account when I added the WP eStore plugin. Is there anything I need to do to keep the WP eStore working with Paypal? I have no idea what I need to change if anything.

    Thanks!

    September 10, 2015 at 11:01 pm #37375
    paper mache
    Member

    I received the same one. The link in the email goes to paypal-knowledge.com and I am concerned about clicking the link to see what they’re telling me to do. I’m also curious if this will affect WPeStore.

    Thanks.

    September 10, 2015 at 11:15 pm #37376
    MMM
    Member

    I received the same email. “PayPal is upgrading the certificate for http://www.paypal.com to SHA-256. This endpoint is also used by merchants using the Instant Payment Notification (IPN) product.”

    Is there a certain version of estore that we should be using to avoid any problems?

    September 10, 2015 at 11:25 pm #37377
    admin
    Keymaster

    There is nothing you need to do or worry about as far as our plugins are concerned.

    Our plugins are already upto date. So you can ignore that message.

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.
Log In

Forum Related

  • Forum Home
  • Forum Search
  • Forum Registration
  • Forum Login

Support Related Forms

  • Contact Us
  • Customer Support
  • Request a Plugin Update
  • Request Fresh Download Links

Useful Links

  • Plugin Upgrade Instructions
  • WP eStore Documentation
  • WP eMember Documentation
  • WP Affiliate Platform Documentation
  • Tips and Tricks HQ Home Page
  • Our Projects

Quick Setup Video Tutorials

  • WP eStore Video Tutorial
  • WP eMember Video Tutorial
  • WP Affiliate Platform Video Tutorial
  • Lightbox Ultimate Video Tutorial

Our Other Plugins

  • WP Express Checkout
  • Stripe Payments Plugin
  • Simple Shopping Cart Plugin
  • Simple Download Monitor

Copyright © 2025 | Tips and Tricks HQ