Virtuozzo to kvm server, mySQL to MariaDB, PayPal PayFlow Link fails

competitions

Member
Oct 20, 2010
23
4
53
Webhost decided to change servers and as part of that, MySQL 5.6 to MariaDB 10.3. Also PHP 7.2 to 7.4.
Tested live and test sites on php 7.4 and all worked fine. Tested all that was possible on test server prior to changeover and all was fine. Only thing that could not be tested was our online payments system which uses PayPal PayFlow Link, due to PayPal needing a front facing public available domain, which the test server wasn't.

Immediately after changeover, I test the new server for online transactions and it fails. The webhost has been nearly 48 hours now and no closer to finding the issue and I'm losing income.

The merchant php scripts have been in use for many years without issue. PayPal seems to think POST data is not being received by the merchant server. When testing via browser, the message displayed is "Your transaction was approved! [indicating the payment form data was sent and the funds were available] However, a communication error with the merchant's site occured' [indicating a comms error or POST data was not received by the server].

PayPal technical services [this is not their issue], but I contacted them anyway, said:
"Since the screenshot is showing that the payment completed, but was voided, it looks like this was done due to a Silent Post confirmation issue.

You have the setting enabled on your page that if your silent post URL is https://www.example.com/shop/purchase_update.php, and if this Silent Post URL is unavailable, our system is to void the payment. You said that you have migrated to a new server, can you verify that your listed Silent Post URLs in your account are still correct? If these are not valid, you will need to update the setting in your PayFlow account as soon as possible to ensure that the payments are not voiding."

No changes to scripts, no changes to PayPal silent post url.

What in a server change could cause this? Some type of permission issue to external site [PayPal] to scripts or DB that have always been available? PHP handler? Change from MySQL to MariaDB? Some other unknown setting on the server?

If cPanel support reach out to check this, I have the PayPal PayFlow Link in test mode, so no issue with support using the payment form multiple times with test card data etc.


Probably unrelated but this also concerned me while testing:
 

competitions

Member
Oct 20, 2010
23
4
53
OMG, my webhost is clearly out of their depth, their latest update says "It seems to be an issue with the cards like Visa". A payment system run by PayPal no longer accepts Visa? The error message clearly says it's a communications issue with the merchant server! Help me please cPanel.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
Hey there! Unfortunately we on the cPanel side don't have any idea about this, since this isn't related to our software.

It sounds like the reply from PayPal mentioned that *something* needs to be updated in the silent post URLs, although if they are not IP-based I would not expect those to change either as they would continue to use the same domain name after the transfer.
 

competitions

Member
Oct 20, 2010
23
4
53
After four to five days, it looks like this has been resolved. It wasn't related to PayPal or our server based payment scripts as neither of those were changed prior to the server change and they weren't changed to make things work again after the server change. Silent post url's not ip-based either. So server based issue.
Webhost indicated it as possibly apache configuration was to set the Directory Index priority as in your source server and also the SSL Ciphersuits.
TLS 1.3 was disabled on the new server [no idea what it was on the old server] according to the previous ssllabs test result run while the issue was noticeable. Now it's on. TLS 1.2 should be fine according to PayPal security guidelines and best practices so likely a coincidence.
I cannot definitively say what rectified the issue. Webhost doesn't appear to be able to. Much as I would like to know exactly what the cause was.
Considering accounts and WHM settings were copied from one server to the new, I'm unclear what would have changed or been missed from the copy, if indeed they were.
In any case, thanks to the cPanel support team for being so responsive.