prwordpressorg
Forum Replies Created
-
For complete information, I have the following settings in iThemes security:
yes Protect System Files: Prevent public access to readme.html, readme.txt, wp-config.php, install.php, wp-includes, and .htaccess.
yes Disable Directory Browsing
yes Disable PHP in Uploads
yes Disable PHP in Plugins
yes Disable PHP in ThemesAPI access
Disable XML-RPC
REST API restricted accessFile permissions:
root 755
wp-includes 775
wp-admin 775
wp-admin/js 775
wp-content 775
wp-content/themes 775
wp-content/plugins 775
wp-content/uploads 755
wp-config.php 644
.htaccess 644After further testing:
When I enable the TEST mode, with payment through WooCommerce Stripe Gateway, the payment goes through fine, Stripe gets/accepts the payment, sends the confirmation webhook and my site accepts the webhook, marking the order as completed.
However, when I switch over to LIVE mode, the the payment goes through fine, Stripe gets the payment, sends the webhook… but my site does NOT accept the webhook.
When I look into the status of webhooks in Stripe associacted with the problematic LIVE payment, I see:
charge.suceeded: Response 200 OK Request { "id": "evt_xxxxredacted-for-securityxxxx", "object": "event", "api_version": "2022-11-15", "created": 1670682299, "data": { "object": { "id": "ch_xxxxredacted-for-securityxxxx", "object": "charge", "amount": 1000, "amount_captured": 1000, "amount_refunded": 0, "application": null, "application_fee": null, "application_fee_amount": null, "balance_transaction": "xxxxredacted-for-securityxxxx", "billing_details": { "address": { "city": "xxxxredacted-for-securityxxxx", "country": "xxxxredacted-for-securityxxxx", "line1": "xxxxredacted-for-securityxxxx", "line2": null, "postal_code": "xxxxredacted-for-securityxxxx", "state": null }, "email": "xxxxredacted-for-securityxxxx", "name": "xxxxredacted-for-securityxxxx", "phone": "xxxxredacted-for-securityxxxx" }, "calculated_statement_descriptor": "xxxxredacted-for-securityxxxx", "captured": true, "created": 1670682297, "currency": "czk", "customer": "cus_xxxxredacted-for-securityxxxx", "description": "xxxxredacted-for-securityxxxx", "destination": null, "dispute": null, "disputed": false, "failure_balance_transaction": null, "failure_code": null, "failure_message": null, "fraud_details": { }, "invoice": null, "livemode": true, "metadata": { "parent_order": "1", "site_url": "https://www.mysite.com", "customer_email": "xxxxredacted-for-securityxxxx", "customer_name": "xxxxredacted-for-securityxxxx", "order_id": "7139", "payment_via": "SUMO Subscriptions", "payment_type": "recurring", "save_payment_method": "true" }, "on_behalf_of": null, "order": null, "outcome": { "network_status": "approved_by_network", "reason": null, "risk_level": "normal", "seller_message": "Payment complete.", "type": "authorized" }, "paid": true, "payment_intent": "pi_xxxxredacted-for-securityxxxx", "payment_method": "src_xxxxredacted-for-securityxxxx", "payment_method_details": { "card": { "brand": "mastercard", "checks": { "address_line1_check": "unavailable", "address_postal_code_check": "unavailable", "cvc_check": "pass" }, "country": "xxxxredacted-for-securityxxxx", "exp_month": xxxxredacted-for-securityxxxx, "exp_year": xxxxredacted-for-securityxxxx, "fingerprint": "xxxxredacted-for-securityxxxx", "funding": "credit", "installments": null, "last4": "xxxxredacted-for-securityxxxx", "mandate": null, "network": "mastercard", "three_d_secure": { "authentication_flow": "challenge", "result": "authenticated", "result_reason": null, "version": "2.1.0" }, "wallet": null }, "type": "card" }, "receipt_email": null, "receipt_number": null, "receipt_url": "https://pay.stripe.com/receipts/payment/xxxxredacted-for-securityxxxx", "refunded": false, "review": null, "shipping": null, "source": { "id": "src_xxxxredacted-for-securityxxxx", "object": "source", "amount": 1000, "client_secret": "src_client_secret_xxxxredacted-for-securityxxxx", "created": 1670682299, "currency": "czk", "flow": "redirect", "livemode": true, "metadata": { }, "owner": { "address": { "city": "xxxxredacted-for-securityxxxx", "country": "xxxxredacted-for-securityxxxx", "line1": "xxxxredacted-for-securityxxxx", "line2": null, "postal_code": "xxxxredacted-for-securityxxxx", "state": null }, "email": "xxxxredacted-for-securityxxxx", "name": "xxxxredacted-for-securityxxxx", "phone": "xxxxredacted-for-securityxxxx", "verified_address": null, "verified_email": null, "verified_name": null, "verified_phone": null }, "redirect": { "url": "stripejs://use_stripe_sdk", "return_url": "stripejs://use_stripe_sdk/return_url", "status": "not_required" }, "statement_descriptor": null, "status": "consumed", "three_d_secure": { "brand": "xxxxredacted-for-securityxxxx", "card": "xxxxredacted-for-securityxxxx", "card_automatically_updated": null, "country": "CZ", "cvc_check": "pass", "exp_month": xxxxredacted-for-securityxxxx, "exp_year": xxxxredacted-for-securityxxxx, "fingerprint": "xxxxredacted-for-securityxxxx", "funding": "credit", "last4": "xxxxredacted-for-securityxxxx", "three_d_secure": "optional", "iin": null, "authenticated": true }, "type": "three_d_secure", "usage": "single_use" }, "source_transfer": null, "statement_descriptor": "xxxxredacted-for-securityxxxx", "statement_descriptor_suffix": null, "status": "succeeded", "transfer_data": null, "transfer_group": null } }, "livemode": true, "pending_webhooks": 2, "request": { "id": null, "idempotency_key": "pi_xxxxredacted-for-securityxxxx" }, "type": "charge.succeeded" } So this is OK. But the payment_intent.succeeded throws an error: Response { "code": "internal_server_error", "message": "<p>There was a critical error on your site.</p><p><a href="https://wordpress.org/support/article/faq-troubleshooting/">Further information about solving problems with WordPress.</a></p>", "data": { "status": 500 }, "additional_errors": [ ] } Request { "id": "evt_xxxxredacted-for-securityxxxx", "object": "event", "api_version": "2022-11-15", "created": 1670682299, "data": { "object": { "id": "xxxxredacted-for-securityxxxx", "object": "payment_intent", "amount": 1000, "amount_capturable": 0, "amount_details": { "tip": { } }, "amount_received": 1000, "application": null, "application_fee_amount": null, "automatic_payment_methods": null, "canceled_at": null, "cancellation_reason": null, "capture_method": "automatic", "client_secret": "xxxxredacted-for-securityxxxx", "confirmation_method": "automatic", "created": 1670682270, "currency": "czk", "customer": "cus_xxxxredacted-for-securityxxxx", "description": "xxxxredacted-for-securityxxxx", "invoice": null, "last_payment_error": null, "livemode": true, "metadata": { "parent_order": "1", "site_url": "https://mydomain.com", "customer_email": "xxxxredacted-for-securityxxxx", "customer_name": "xxxxredacted-for-securityxxxx", "order_id": "7139", "payment_via": "SUMO Subscriptions", "payment_type": "recurring", "save_payment_method": "true" }, "next_action": null, "on_behalf_of": null, "payment_method": null, "payment_method_options": { "card": { "installments": null, "mandate_options": null, "network": null, "request_three_d_secure": "automatic" } }, "payment_method_types": [ "card" ], "processing": null, "receipt_email": null, "review": null, "setup_future_usage": "off_session", "shipping": null, "source": "src_xxxxredacted-for-securityxxxx", "statement_descriptor": "xxxxredacted-for-securityxxxx", "statement_descriptor_suffix": null, "status": "succeeded", "transfer_data": null, "transfer_group": null, "latest_charge": "ch_xxxxredacted-for-securityxxxx" } }, "livemode": true, "pending_webhooks": 2, "request": { "id": null, "idempotency_key": "xxxxredacted-for-securityxxxx" }, "type": "payment_intent.succeeded" }During this time, however, the site was fully functional.
I have repeated the attempt/live payment several times during the day, always double-checking that the site is OK, it always is… and the same happens: When in TEST mode, the payment through WooCommerce Stripe Gateway works fine.
But when in LIVE mode, the webhook is sent by Stripe, but not accepted.
Can anyone see what else to troubleshoot please? I have ripped all my hair out already…
- This reply was modified 3 years, 5 months ago by Steven Stern (sterndata).
From the WooCommerce Stripe settings
“Payments: Enabled
Payouts: Enabled
Webhooks: Enabled
The most recent live webhook, timestamped 2022-12-10 12:53:29 UTC, was processed successfully.”Could one of your support team members who can read code actually look at the error code above (initial request) and perhaps say in one line “The error says that X cannot access Y becuase of Z).
Than would be of great help in searching for the cause of the problem.
Hi,
the WooCommerce setup details are: https://pastebin.com/0BpnfEnx
The Order details are: https://snipboard.io/YAKDJb.jpg
And just to reiterate: The order is accepted by WooCommrce, Stripe accepts the payment… but then WooCommerce does not (for reasons in the error code above) accept the “paid” information from Stripe and thus never marks the order as complete (even though it has been paid.)
Thanks for looking into this.
Thanks for your fast reply.
a. The log details are already posted in the question above.
b. Which part of the WooCommerce status report do you want to see? I am not comfortable posting it as a whole publicly.
Here is some of it:
### WordPress Environment ### WordPress address (URL): https://www.mydomain.com Site address (URL): https://www.mydomain.com WC Version: 7.1.1 REST API Version: ✔ 7.1.1 WC Blocks Version: ✔ 8.7.6 Action Scheduler Version: ✔ 3.5.3 Log Directory Writable: ✔ WP Version: 6.1.1 WP Multisite: – WP Memory Limit: 256 MB WP Debug Mode: – WP Cron: ✔ Language: External object cache: – ### Server Environment ### Server Info: Apache PHP Version: 8.1.12 PHP Post Max Size: 256 MB PHP Time Limit: 120 PHP Max Input Vars: 5000 cURL Version: 7.74.0 OpenSSL/1.1.1n SUHOSIN Installed: – MySQL Version: 10.3.36-MariaDB-0+deb10u2-log Max Upload Size: 256 MB Default Timezone is UTC: ✔ fsockopen/cURL: ✔ SoapClient: ✔ DOMDocument: ✔ GZip: ✔ Multibyte String: ✔ Remote Post: ✔ Remote Get: ✔ ### Database ### WC Database Version: 7.1.1 WC Database Prefix: xxxxxxxxx_ Total Database Size: 74.00MB Database Data Size: 61.19MB Database Index Size: 12.81MB ### Security ### Secure connection (HTTPS): ✔ ### Settings ### API Enabled: – Force SSL: – Currency: XX Currency Position: right_space Thousand Separator: . Decimal Separator: , Number of Decimals: 2 Taxonomies: Product Types: external (external) grouped (grouped) simple (simple) variable (variable) ### Templates ### Archive Template: Your theme has a woocommerce.php file you will not be able to override the woocommerce/archive-product.php custom template since woocommerce.php has priority over archive-product.php. This is intended to prevent display issues. ### Action Scheduler ### Complete: 262 Oldest: 2022-11-30 16:28:55 +0100 Newest: 2022-12-08 18:04:07 +0100 Pending: 1 Oldest: 2022-12-09 15:57:40 +0100 Newest: 2022-12-09 15:57:40 +0100 ### Status report information ### Generated at: 2022-12-08 18:06:02 +01:00Thanks all! That solved the issue.
Hi @chiape,
thanks fo the reply.
Upon reading your answer and re-reading my question, I now feel that there could be two ways of understanding my question, so let me clarify:
To make the purchasing experience in my WooCommerce store as smooth as possible (the less fields they have to fill out in the checkout the better), I did not force customer to create a user account and create a password.
Instead, I have the settings of my WooCommerce store set so that it automatically creates a user account and automatically (checkmarks on both in WooCommerce settings).
And I then include this information in the email the customer gets after creating the account (the Customer new account created email). In it, I say: To log in, use XXX as your ID and YYY as your password. (Using the {user_pass} field).
This worked until WooCommerce 6.0, but now the email (unchanged) says (in the place where the password was shown before): “To get your password, click here” (and take them to the password request/reset page.
I am not trying to unhash a password the customer has created himself and show it to him again. (As you might have possibly understood from my ambiguous question.)
I am just trying to allow the customer to purchase without inputting his own password, create one for him automatically and then send it to him.
Is that still possible?
Thanks.
Great to see that the SMTP plugin has helped to identify that emails are being sent out and the problem is only with the Customer new account email… but the bad news is that that is all I can help you with (as just another user) 🙁 For further identification of the problem however, have a look if the same (fail) happens when you send out all/any of the other WooCommerce emails. If all fail, then that would give another hint at what the problem could be…
Forum: Plugins
In reply to: [Kadence WooCommerce Email Designer] New account created emailTo translate, use POEDIT, see https://translatepress.com/poedit-translate-wordpress/ for instructions.
To remove the Access your account section, toggle it (turn off) in the left columnt of Kadence WooCommerce Email Designer settings of that email.
In that case install something like FluentSMTP (there are others too) and turn on logging of emails. That way you will see what emails are actually sent out of your site and if the email you are after is actually sent at all.
In WooCommerce > settings > emails, do you have a checkmark at the New customer account created email?
Forum: Plugins
In reply to: [Kadence WooCommerce Email Designer] Template is changingI see in your initial post that the difference betweeen the two emails is in the text about the password: You are trying to give the customer their password, but he gets a link to set his password instead.
This is because there has been a change in WooCommerce 6.0 and passwords are not sent anymore.
Seee: https://wordpress.org/support/topic/password-not-shown-in-new-account-created-email/
I confirm to other readers that automatically created passwords in Customer account new emails have truly been deprecated in WooCommerce 6.0.
Since this is not good for business (many people will not go through the hoops of creating their own password to make a subsequent purchase and will go shop elsewhere… or will write customer support emails of the type “I don´t have a password, help” in masses), the question still remains if there is a way to send customers an automatically created password in the email, just like before?
I did find out the details of this change and yes, the password has been removed from the Customer new account emails from WooCommerce 6.0.
Is there a way to still give the customer an automatically created password immediately in this email… instead of making them jump through hoops?
Because if not and all customers are forced to create their own passwords, this will be a reason for many site owners slowly abandoning WooCommerce:
Forcing customers to do things they don´t want to (click on link, enter their email again, wait for the reset email, click on link, enter password, save, go to login page)… instead of just giving them the password immediately and let them log in… is bad for business.
I understand the security issues for some businesses. But there are hundreds of thousands of “simple” businesses where customers just want to jump in, buy the thing and leave.
Making them go though so many steps just to buy again (they need a password) or even log in to their purhase is killing a significant part of business.
Forum: Plugins
In reply to: [PAY by square pre WooCommerce] Jak vypnout emailovou přílohu JPG s QR kódem?VYŘEŠENO
Již jsem to vyřešil
Problémem bylo posílání emailů s pomocí FluentSMTP. Ten sice posílal samotné emaily, nepřipojoval k nim ale přílohy.
Vyměnil jsem je za za WP mail SMTP a s tím již vše funguje.
- This reply was modified 4 years, 3 months ago by prwordpressorg.
