Tips and Tricks HQ Support

Support site for Tips and Tricks HQ premium products

  • Home
  • Contact Us
  • Documentation
  • Forum Home
    • Forum
    • Forum Search
    • Forum Login
    • Forum Registration

Using PayPal "Block Non-encrypted Website Payment" Option

by

Tips and Tricks HQ Support Portal › Forums › WP eStore Forum › WP eStore General Questions › Using PayPal "Block Non-encrypted Website Payment" Option

  • This topic has 3 replies, 3 voices, and was last updated 13 years, 1 month ago by wzp.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • May 7, 2012 at 11:49 am #6255
    Scene13
    Member

    For security purposes, my PayPal website options are set with the “Block Non-encrypted Website Payment” on — which requires that any PayPal button used on my site must be set as encrypted.

    Another plugin that I am using on the site includes an option to create encrypted PayPal buttons. Is this possible currently with WP eStore? If so, how can I do it?

    If it is not possible to encrypt WP eStore PayPal buttons, I will need to turn off the option on my PayPal account, which I would rather not do.

    Thanks much.

    May 7, 2012 at 1:37 pm #44808
    wzp
    Moderator

    The purpose of having encrypted PayPal buttons is to prevent spoofing of transactions.

    https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_encryptedwebpayments

    Under this system, transactions are blindly submitted, without any further verification checks.

    eStore uses PayPal’s IPN feature to verify the integrity of all submitted transactions, the use of encrypted buttons is not necessary.

    https://support.tipsandtricks-hq.com/forums/topic/security-vulnerability

    In fact, because eStore verifies the transaction’s integrity, after it is submitted to PayPal; this is considered a better business practice than blindly relying on a single encrypted transaction submital, without verification.

    Basically, when you use eStore, you don’t have to worry about your button security (all these are taken care of for you). More details about this here:

    http://www.tipsandtricks-hq.com/ecommerce/wordpress-ecommerce-knowledgebase-523

    https://www.youtube.com/watch?v=xl7HMsqCNPQ

    May 15, 2012 at 8:47 pm #44809
    Roger MacRae
    Member

    why not use both though. Then we have multiple layers of security

    May 16, 2012 at 2:04 am #44810
    wzp
    Moderator

    You can’t use encrypted buttons when you are submitting item information from a cart. This is the same for all cart plugins (not just eStore).

    The point of security is to manage risk. The risk we are managing is… “that someone will try to get a five finger discount.”

    PayPal provides two independent methods for preventing this; encrypted buttons and IPN. With eStore, we have chosen the IPN method, because it provides a verifiable way to ensure the proper transaction took place. To implement both would be redundant; because in the end, the IPN verification takes precedence over whatever was transmitted to PayPal.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.
Log In

Forum Related

  • Forum Home
  • Forum Search
  • Forum Registration
  • Forum Login

Support Related Forms

  • Contact Us
  • Customer Support
  • Request a Plugin Update
  • Request Fresh Download Links

Useful Links

  • Plugin Upgrade Instructions
  • WP eStore Documentation
  • WP eMember Documentation
  • WP Affiliate Platform Documentation
  • Tips and Tricks HQ Home Page
  • Our Projects

Quick Setup Video Tutorials

  • WP eStore Video Tutorial
  • WP eMember Video Tutorial
  • WP Affiliate Platform Video Tutorial
  • Lightbox Ultimate Video Tutorial

Our Other Plugins

  • WP Express Checkout
  • Stripe Payments Plugin
  • Simple Shopping Cart Plugin
  • Simple Download Monitor

Copyright © 2025 | Tips and Tricks HQ