Paypal IPN Script Stopped Working After 2 Years

[audiopro]

I have a Perl script which has been processing Paypal IPN (Instant Payment Notifications) for over 2 years without issues.

The process has always been over SSL to Paypal's https address.
Last week, the processes started reporting HTTP error on all transactions. In the reason code, returned from Paypal was this rather cryptic message.

STATUS LWP will support https URLs if the Crypt::SSLeay module is installed.
More information at <[URL unfurl="true"]http://www.linpro.no/lwp/libwww-perl/README.SSL>.[/URL]

ISP says nothing has changed.
Crypt::SSLeay is still installed.
The link given is n/a.

Does anyone have a clue of how to fix this?

Keith

http://www.studiosoft.co.uk

 

[1DMF]

Hey Keith,

Do you have control over perl modules, so you can be sure it's still installed?

Is the URL path given in your paypal developers account over HTTPS, might be worth checking and that your domain has a valid SSL certificate installed.

If paypal expects to send you the purchase to your perl script via SSL that could be the problem?

Or does it send you the transaction id non SSL and then you retrieve the details via an HTTPS request with LWP?

It's been a while since I used paypal IPN, so excuse any stupid questions!

1DMF

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads

 

[audiopro]

No question is stupid.
I have narrowed it down to something wrong on the server.
When working:-
The script itself can be called without params, in such a case it contacts Paypal, Paypal responds with a code and I print that code to a log file.
At the moment:-
Call the script and it is not making contact with Paypal at all.

As a test, I copied the script to 2 other servers I have set up for accepting payments, and it gets a response on the other servers as expected.
I am hoping the ISP logs will shed some light on the problem.

One of the other servers is non SSL so I think that option can be removed from the issue.

Keith

http://www.studiosoft.co.uk

 

[audiopro]

I have also discovered that this error message

STATUS LWP will support https URLs if the Crypt::SSLeay module is installed.
More information at <[URL unfurl="true"]http://www.linpro.no/lwp/libwww-perl/README.SSL>.[/URL]

does not come from Paypal.
I can only assume that it comes from within one of the Perl modules but which one?


Keith

http://www.studiosoft.co.uk

 

[1DMF]

Well it certainly seems to think SSLeay isn't installed?

Have you tried forcing the script IPN calls on your server to add the current cgi-bin to the @INC and uploading Crypt::SSLeay to the cgi-bin tree structure?

That's how I get modules I can't install on shared hosting to work ;-)

# Set path to modules
use FindBin qw($Bin);
use lib "$Bin";

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads

 

[audiopro]

After a wrangle with the ISP, they are now saying there maybe an issue with the server. I do wish these people would just accept there is a problem and then we could work through it together. Their usual 'It's a scripting issue' is wearing very thin.

I have bypassed the support and gone a bit higher up the food chain to see if I can get the quality of support they boast about. I have been patient with these clowns for long enough, time for some positive action.

Keith

http://www.studiosoft.co.uk

 

[1DMF]

Good luck, it can be a nightmare convincing a host company that your script is fine and it is their server config with the problem!



"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads

 

[audiopro]

Some people would suggest moving to another ISP but therein lies a problem. I have quite a few sites with them and moving them all to a new provider would mean a lot of work. The idea that you can just port a website over to another ISP easily is ok in theory but in practice the whole thing usually falls over. It would be fine with a 5 page 'Mom and Pop' static website but most of the sites are quite large website driven sites and they do not port too well.
The best solution would be for the ISP in question to go back to the level of service they offered back in 1999 when I started with them - now that would be proper progress.

Keith

http://www.studiosoft.co.uk

 

[audiopro]

This is the response from the ISP:-
I am not sure whether this a legitimate reason or whether I am being BS'd into buying a virtual server. Is Crypt::SSLeay considered to be such a serious security risk?

If so whay have they not 'upgraded' my other sites which up to now are still working perfectly well.

Keith

http://www.studiosoft.co.uk

 

[1DMF]

I feel your scepticism, I been in a situation where I was told MIME::Lite was a security risk and so had to move hosting as I could no longer send emails!

Have you tried FTPing it to your site as I suggested?

Has your traffic increased much recently, that can be a trigger for some hosting companies to play the 'you need to upgrade' card, even though the package you may be currently on has unlimited space / bandwidth / email etc.!

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads

 

[Zhris]

Very interesting to hear that you guys have experienced similar issues to myself on a shared server. Modules have gone missing in the past and I have been told it must be a bug in my script. These were very stressful times.

With regards to MIME::Lite, it is suggested in the documentation that alternatives should be used instead (my personal choice being MIME::Entity since the switchover required no adjustments to the code other than use statements):

MIME::Lite is not recommended by its current maintainer. There are a number of alternatives, like Email::MIME or MIME::Entity and Email::Sender, which you should probably use instead. MIME::Lite continues to accrue weird bug reports, and it is not receiving a large amount of refactoring due to the availability of better alternatives. Please consider using something else.

Chris

 

[audiopro]

I too have had the Mime::Lite wisdom thrown at me from the ISP although the outcome there was slightly different. They said, what I was trying to do was not possible on their server. Strange that, because after changing a few minor things, it worked and has continued to work as part of the application which uses Crypr::SSLeay in it's final stage.

It may be possible that the techs at the ISP know nothing about Perl but as is tradition in the computer tech industry -

Admitting you don't know something is a sign of weakness!

I do no have a problem with anyone, faced with an unknown issue, saying that they do not know the answer. Much better that spouting verbal doo dahs in a pathetic attempt to cover up their lack of knowledge.

This issue has now been going on for 3 weeks and we are no nearer to a solution to the problem and there was me thinking that these big ISP's know what they are doing.

It may just be me turning into a grumpy old git but nothing seems to work any more. I have just bought a new computer which came loaded with Windows 8. Out of the box it does all kinds of things. I can log straight onto Ebay, Skype, Facebook, Twitter, I can tell you what the weather is like in Mumbai, I can buy books from Kindle, I can download recipes, I can buy any number of useless apps from the windows store and perform some absolute miracles (apparently). What I can't do, is set up the network, send and receive emails or get on with any work ( the reason why I bought the thing).
Just a word about the network, I have set it up, set all folders to share everything, turned the security right down and still the pesky thing refuses to transfer files.

I'll say one thing for it - it is very secure!



Keith

http://www.studiosoft.co.uk

 

[1DMF]

Windows 8! -> Runs away screaming!

MIME::Lite continues to accrue weird bug reports

Really , what are they?, as I have never had a problem in 10 years of use?

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads

 

[audiopro]

The decision to upgrade was out of my hands - I was happy with XP, it did the job I wanted it to do. In fact, my XP boxes and my better half's Vista box are the only fully working machines we have. After installing virus software, neither of the windows 8 boxes can access the network, even with the firewall off.

I can solve the Crypt::SSLeay issue by rewriting the notify script in PHP and as the techs at the ISP are clueless, I will have to do that in the short term. In the long term, I am looking foran alternative ISP.

Keith

http://www.studiosoft.co.uk

 

[travs69]

I will say that either coloing your own server or getting a virtual private server is the way to go. You have to handle your own security and updates, but I prefer it that way. I had a VPS with burst.net for a few years (I think cost was $60 per year) and only moved it because I had my own server's put in a colo. As for moving the sites.. I know it's a real PITA but I'd rather go through that than have something unstable or unknown.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Travis - Those who say it cannot be done are usually interrupted by someone else doing it; Give the wrong symptoms, get the wrong solutions;

 

[audiopro]

I have signed up for a basic virtual server and now wish I hadn't bothered. I have a main website and several other smaller ones and I thought I would dip my toe in the water with a basic VPS to get the feel of it. I was advised to get a 512Mb RAM option but what they didn't tell me was that cPanel alone requires 1Mb of RAM to work any where near reasonable speed. Distant selling regs don't apply here and I am a bit ragged off that I have been flogged a bag of washing.
The ISP's reply is that I can always upgrade - pay more for a service worse than the one I have at the moment - sounds like a vicious circle to me.

Keith

http://www.studiosoft.co.uk

 

[travs69]

The problem is you are used to have a page file (or tmpfs if linux/unix) and that helps supplement your ram (or lack of). When you go to a VPS they disable page/tmpfs because they don't want people under buying ram and over utilizing the disk. You can run a basic linux box in 512M of ram but with no tmpfs you can definitely tell it isn't very fast. That's why I moved to just controlling my own.. it costs more but I've been able to expand it and do more with it. If you have a VPS why are they messing with your modules? In my VPS they won't touch it, I could run Red Hat 3.0 on it if I really wanted to, they put a base Ubuntu on it for me and I have since upgraded to newer versions as I deemed necessary (until I moved off of it).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Travis - Those who say it cannot be done are usually interrupted by someone else doing it; Give the wrong symptoms, get the wrong solutions;

 

[audiopro]

They are messing with modules on a shared hosting platform so I thought I would look into a VPS to bring all of my sites together. It is now looking like the VPS I was advised to get is only suitable for a couple of 5 page, static Mom and Pop sites. Although I don't think I have a claim under Distance Selling, I think I may have a claim under being sold a pile of wombat's wotsits.

Keith

http://www.studiosoft.co.uk