Worldpay Callback to failed CAUSED BY invalid HTTP status line: null

Home Forums BulletProof Security Pro Worldpay Callback to failed CAUSED BY invalid HTTP status line: null

Tagged: , ,

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • March 6, 2013 at 3:27 pm #2578
    AITpro Admin
    Keymaster

    Email Question:

    The reason why I had to upgrade was because I am having an issue with getting WorldPay to send a payment response back to my website. It just seems error out with a NULL value being retured back to WorldPay.

    Error reported: Callback to: http://example.com/payments?module=mgm_worldpay&method=payment_notify: failed CAUSED BY invalid HTTP status line: >null<

    Server Reference: mm2imscs4p:callbackFailureEmail-24892:MerchReq-793-88
    I can see that you now have a firewall functionality to allow payment systems like paypal etc. I will go through the docs and video to see if I can get the following payment response URL added/whitelisted: http://example.com/payments?module=mgm_worldpay&method=payment_notify

    March 6, 2013 at 3:30 pm #2579
    AITpro Admin
    Keymaster

    You would only need to whitelist plugin scripts.  The Plugin Firewall puts a firewall on the plugins folder so if you have a Shopping Cart Plugin then you would need to whitelist a payment provider script ONLY if it is in the plugins folder.  Your script is outside of the plugins folder so the plugin firewall is not going to be what is blocking it. To completely take BPS Pro out of the equation to test if BPS Pro is causing the issue/problem do these steps below:

    BPS Pro General Troubleshooting Steps
    1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
    2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button.  See Custom Code Note if doing this step works.
    3. On the Security Modes page, click the Plugin Firewall BulletProof Mode Deactivate button.
    4. On the Security Modes page, click the UAEG BulletProof Mode Deactivate button.
    5. If an issue/problem is related to files being locked with F-Lock then unlock files on the F-Lock page.
    6. If an issue/problem is related to Login Security turn Off Login Security on the Login Security & Monitoring page.
    7. If an issue/problem is related to JTC Anti-Spam|Anti-Hacker turn Off JTC Anti-Spam|Anti-Hacker on the JTC Anti-Spam|Anti-Hacker page.
    8. If an issue/problem is related to a custom php.ini file (if you created a custom php.ini file for your website) rename it to php.ini.BAK
    9. If an issue/problem is related to files being autorestored and/or quarantined turn Off AutoRestore|Quarantine on the AutoRestore page. Note: If you are manually editing or uploading files to your website see the AutoRestore|Quarantine Manual File Editing/Uploading Correct Usage steps:http://forum.ait-pro.com/forums/topic/autorestore-quarantine-guide-read-me-first/#procedural-steps

    UPDATE:  Several things in WooCommerce have changed since this forum topic was originally created and the additional steps in this forum topic link below may need to be done to resolve this particular issue/problem or in addition to resolving this particular issue.
    http://forum.ait-pro.com/forums/topic/woocommerce-read-me-first/

    March 6, 2013 at 3:37 pm #2580
    AITpro Admin
    Keymaster

    I just realized that you have the payments.php script in your website root folder.  This is not a good idea for many reasons.  Site architecture-wise you  always want to contain scripts like this in their own folder/directory for a number of reasons.  The primary reason is so that you do not have to change your website’s overall security to accomodate this one script.

    So ideally you would want to have this script in its own folder:  /payments/payments.php.  Then you would simply add an htaccess file in that /payments folder to control security or turn off security for ONLY that folder. If you add a RewriteEngine Off htaccess file in the /payments folder then you are turning off security in ONLY that folder.

    You can download a BPS Pro RewriteEngine Off .htaccess file from this folder /wp-content/plugins/bulletproof-security/admin/htaccess/RewriteEngineOff.htaccess
    Upload the RewriteEngineOff.htaccess file to the new folder/directory that you create for the payments.php file.
    Rename the RewriteEngineOff.htaccess file to just .htaccess after you have uploaded it to this new folder.
    You will probably also need to add a blank index.php file in that new folder/directory.  You can use the WordPress blank index.php file here:  /wp-content/index.php

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.