Support » Plugin: Paid Memberships Pro » PayPal Discontinuing HTTP 1.0 Support for IPN/PDT

  • jennal


    PayPal sent out a notice stating the following, and I just wanted to make sure that Paid Memberships Pro has been updated accordingly, if necessary, so that transactions won’t suddenly start failing on Oct 7.

    Thanks in advance.
    In a bulletin dated October 18, 2011, we announced that we were going to expand the number of IP addresses for to improve our site’s performance, scalability and availability. As part of this transition, we planned to discontinue support for HTTP 1.0 protocol starting October 7, 2013.

    We have recently identified that this change may impact the ability of some of our merchants to perform IPN (Instant Payment Notification) post-back validation or PDT (Payment Data Transfer) posts to and This happens when the IPN or PDT scripts use HTTP 1.0 protocol and do not include the “Host:” or “Host:” header in the HTTP request.

    Additional Details

    Starting October 7, 2013, we will require all incoming requests to have a “Host” header which complies with HTTP 1.1 Specifications. This header was not required under HTTP 1.0. IPN and PDT scripts using HTTP 1.0 may start failing with “HTTP/1.0 400 Bad Request” errors after October 7, 2013, which will result in IPN messages not being validated successfully, or PDT scripts not being able to retrieve transaction information.

    Action Required before October 7, 2013

    Merchants need to update their IPN and/or PDT scripts to use HTTP 1.1, and include the “Host” and “Connection: close” HTTP header in the IPN postback script.

    Example with Host as (please make necessary changes if you are using

    //Set values for the request back

    $req=HTTP::Request->new(‘POST’, ‘’);
    $req->header(Host=> ‘’);
    $req->header(Connection=> ‘close’);
    // post back to PayPal system to validate
    $header=”POST /cgi-bin/webscr HTTP/1.1\r\n”;
    $header .=”Content-Type: application/x-www-form-urlencoded\r\n”;
    $header .=”Host:\r\n”;
    $header .=”Connection: close\r\n\r\n”;

    HttpsURLConnection uc=(HttpsURLConnection) u.openConnection();
    uc.setRequestProperty(“Host”, “”);
    uc.setRequestProperty(“Connection”, “Close”);

    The PayPal Sandbox has been configured to reject any HTTP requests without the “Host” header with HTTP 400 error. Merchants can use the Sandbox environment to certify the changes to their IPN and PDT scripts.

    For more information on PDT and IPN, please refer to and For additional information or questions about this change, please contact PayPal’s Merchant Technical Support team via



Viewing 6 replies - 1 through 6 (of 6 total)
  • Slocum Themes


    Hi jennal,

    Thank you very much for posting this. I will forward this information to Jason, lead dev on PMPro, and make sure the plugin will not break come Oct. 7th.

    Plugin Author Jason Coleman


    Thanks for the info. I think I see what I would need to do to get PMPro on board with this. I’ll test that fix and get it out before October 7.



    Glad I mentioned this!

    I’ve been trying to switch from PayPal Express to using PayPal Standard, which I assumed should work fine since I have Recurring Subscription Payment unchecked. However, during my testing using the PayPal Sandbox, after the member “purchases” their membership, they are never directed away from the PayPal site back to the Membership Confirmation page the way they are when configured with PP Express. Is that correct behavior, or is that due to the Sandbox apparently (according to the notice PayPal sent) already configured to require the HTTP 1.1 header info?

    I know that if I go to my Sandbox Seller account and review History->IPN History, the Status column has “Failed”, regardless of whether Standard or Express is configured on my end. What is odd is the fact that if configured with PayPal Express, the membership process seemed to work correctly, i.e. after payment I was redirected back to the Membership Confirmation screen, yet the IPN Status still shows up as “Failed” from within PayPal’s History page.

    Hopefully you will have the changes implemented with enough time for me to complete testing with the Sandbox environment before Oct 7 rolls around.

    Thanks for handling this issue.

    Plugin Author Jason Coleman


    PayPal uses the IPN to send notification back to your server. There are a number of reasons this might not be working… especially on shared hosts. (Host Gator?)

    Anyway, PayPal Standard relies on the IPN to process the initial payment. So if your IPN isn’t working, your SOL. PayPal Express processes the initial payment immediately, so we can give the user access/etc. The IPN is only used for recurring payments and cancellations originating from PayPal. So it will still “work” to some degree even if the IPN is broken in your setup.

    I hope to have an IPN troubleshooting page up soon, but the gist is:
    * Get off shared hosting. (It can time out or be blocked by the host)
    * Make sure the IPN URL isn’t being cached by anything.
    * Make sure you are using the correct email in your payment settings.

    Any status update as to when this will be implemented and released? I’d like to test prior to Oct 7th with enough time in case there seems to be any problem(s).


    Plugin Author Jason Coleman


    Sorry this fell off my radar. I am not sure that the older IPN Handler doesn’t work, but the udpated IPN handler going out in version (tomorrow) does work on the sandbox environment with the added headers per that PayPal note.

    To update your IPN script before the official PMPro update goes out, you need to update these lines in services/ipnhandler.php

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘PayPal Discontinuing HTTP 1.0 Support for IPN/PDT’ is closed to new replies.