cancel
Showing results for 
Search instead for 
Did you mean: 

WooCommerce AIM gateway and 403 error from Authorize.net

I can no longer process cards from my site using WooCommerce Authorize.net AIM Gateway: by WooThemes / SkyVerge – 3.4.4.  I am getting a 403 permissions error, which appears to be a problem with the SSL certificate on the server. 

 

I have checked at SSL Labs and the certificate gets an A grade.

 

 https://www.ssllabs.com/ssltest/analyze.html?d=connectw.org

 

Woo says to contact Authorize.net, which I did via phone.  I was told it is a problem with my host (Siteground) and to contact them.  I contacted them and they said it's not an issue on their end and I need to talk to Woo and Authorize.

 

Can anyone tell me what may actually be wrong, who is responsible for fixing it, and what that responsible person needs to do?

 

Thanks

 

My Woo environment is as follows:


### WordPress Environment ###

Home URL: https://connectw.org
Site URL: https://connectw.org/wordpress
WC Version: 2.4.10
Log Directory Writable: ✔ /home/connec78/public_html/wordpress/wp-content/uploads/wc-logs/
WP Version: 4.3.1
WP Multisite: –
WP Memory Limit: 40 MB - We recommend setting memory to at least 64MB. See: Increasing memory allocated to PHP
WP Debug Mode: –
Language: en_US

### Server Environment ###

Server Info: Apache
PHP Version: 5.6.15
PHP Post Max Size: 128 MB
PHP Time Limit: 120
PHP Max Input Vars: 3000
SUHOSIN Installed: –
MySQL Version: 5.5.44
Max Upload Size: 128 MB
Default Timezone is UTC: ✔
fsockopen/cURL: ✔
SoapClient: ✔
DOMDocument: ✔
GZip: ✔
Remote Post: ✔
Remote Get: ✔

### Database ###

WC Database Version: 2.4.10
:
woocommerce_api_keys: ✔
woocommerce_attribute_taxonomies: ✔
woocommerce_termmeta: ✔
woocommerce_downloadable_product_permissions: ✔
woocommerce_order_items: ✔
woocommerce_order_itemmeta: ✔
woocommerce_tax_rates: ✔
woocommerce_tax_rate_locations: ✔

### Active Plugins (29) ###

Gravity Forms: by rocketgenius – 1.9.14
Hidden Comment Form: by Benedict Eastaugh – 1.1
Advanced Custom Fields: Repeater Field: by Elliot Condon – 1.1.1
Adminimize: by Frank Bültge – 1.8.5
Advanced Custom Fields Repeater Collapser: by Mark Root-Wiley – 1.4.3
Advanced Custom Fields: by Elliot Condon – 4.4.3
Advanced Post Types Order: by Nsp Code – 3.8.2
Email Address Encoder: by Till Krüss – 1.0.4
The Events Calendar PRO: by Modern Tribe
Inc. – 3.12.6

Google Analytics Dashboard for WP: by Alin Marcu – 4.8.3
Gravity Forms Constant Contact Add-On: by Katz Web Services
Inc. – 2.2.2

Paid Memberships Pro: by Stranger Studios – 1.8.6.6
PMPro Customizations: by West Hills Design – .1
PMPro Import Users from CSV: by Stranger Studios – .1
PMPro User Directory Pages: by West Hills Design – .2
Post Expirator: by Aaron Axelsen – 2.1.4
Radio Buttons for Taxonomies: by Kathy Darling – 1.7.6
Recent Posts Widget Extended: by Satrya – 0.9.9.5
Redirection: by John Godley – 2.4.3
SearchWP: by Jonathan Christopher – 2.6.1
The Events Calendar: by Modern Tribe
Inc. – 3.12.5

Types: by OnTheGoSystems – 1.8.8
User Role Editor: by Vladimir Garagulya – 4.19.3
WooCommerce Dynamic Pricing: by Lucas Stark – 2.10.5
WooCommerce Authorize.net AIM Gateway: by WooThemes / SkyVerge – 3.4.4
WooCommerce: by WooThemes – 2.4.10
WooThemes Helper: by WooThemes – 1.5.9
Yoast SEO: by Team Yoast – 2.3.5
WordPress Database Backup: by Austin Matzko – 2.3.0

### Settings ###

Force SSL: ✔
Currency: USD ($)
Currency Position: left
Thousand Separator: ,
Decimal Separator: .
Number of Decimals: 2

### API ###

API Enabled: ✔
API Version: 3.0.0

### WC Pages ###

Shop Base: #816 - /shop/
Cart: #68 - /store/cart/
Checkout: #69 - /store/checkout/
My Account: #817 - /my-account/

### Taxonomies ###

Product Types: external (external)
grouped (grouped)
simple (simple)
variable (variable)


### Theme ###

Name: ConnectW
Version: 1.0
Author URL: http://www.westhillsdesign.com/
Child Theme: ✕ – If you're modifying WooCommerce or a parent theme you didn't build personally we recommend using a child theme. See: How to create a child theme
WooCommerce Support: Not Declared

### Templates ###

Overrides: –

 

Astir
Member
9 REPLIES 9

The error in the "Order Notes" within WooCommerce is as follows:

Authorize.net AIM Payment Failed (HTTP 403: Forbidden) Order status changed from Pending Payment to Failed.

 

In the WooCommerce Logs:

 

 

 

body: <?xml version="1.0" encoding="UTF-8"?>
<createTransactionRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
<merchantAuthentication>
<name>********</name>
<transactionKey>****************</transactionKey>
</merchantAuthentication>
<refId>5611</refId>
<transactionRequest>
<transactionType>authCaptureTransaction</transactionType>
<amount>25.00</amount>
<currencyCode>USD</currencyCode>
<payment>
<creditCard>
<cardNumber>4***********6599</cardNumber>
<expirationDate>02-2018</expirationDate>
<cardCode>***</cardCode>
</creditCard>
</payment>
<solution>
<id>A1000065</id>
</solution>
<order>
<invoiceNumber>5611</invoiceNumber>
<description>ConnectW - Order 5611</description>
</order>
<lineItems>
<lineItem>
<itemId>563</itemId>
<name>November 2015 Member Meeting</name>
<description>Meal Choice: Regular</description>
<quantity>1</quantity>
<unitPrice>25.00</unitPrice>
</lineItem>
</lineItems>
<customer>
<id>1</id>
<email>--------  EDITED OUT CONTACT INFO TO POST ON AUTHORIZE.NET -------</email>
</customer>
<billTo>
--------  EDITED OUT CONTACT INFO TO POST ON AUTHORIZE.NET -------
</billTo>
<shipTo>
--------  EDITED OUT CONTACT INFO TO POST ON AUTHORIZE.NET -------
</shipTo>
<customerIP>72.0.160.147</customerIP>
<transactionSettings>
<setting>
<settingName>duplicateWindow</settingName>
<settingValue>0</settingValue>
</setting>
</transactionSettings>
</transactionRequest>
</createTransactionRequest>

duration: 0.19712s
11-11-2015 @ 15:45:29 - Response
code: 403
message: Forbidden
headers: Array
(
[server] => AkamaiGHost
[mime-version] => 1.0
[content-type] => text/html
[content-length] => 297
[expires] => Wed, 11 Nov 2015 23:45:32 GMT
[date] => Wed, 11 Nov 2015 23:45:32 GMT
[connection] => close
)

body: <HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>

You don't have permission to access "http&#58;&#47;&#47;api2&#46;authorize&#46;net&#47;xml&#47;v1&#47;request&#46;api" on this server.<P>
Reference&#32;&#35;18&#46;a781bb8&#46;1447285532&#46;18535362
</BODY>
</HTML>

11-11-2015 @ 15:45:29 - HTTP 403: Forbidden

Astir
Member

Hello @Astir

 

Checking the response, it appears you're trying to connect to a non-secure url: 

 

You don't have permission to access "http&#58;&#47;&#47;api2&#46;authorize&#46;net&#47;xml&#47;v1&#47;request&#46;api" on this server.

The API is trying to post to https:// (see uri in header section), but the reply comes from http://

 

-----------

11-11-2015 @ 15:45:29 - HTTP 403: Forbidden
11-13-2015 @ 12:45:28 - Request
method: POST
uri: https://api2.authorize.net/xml/v1/request.api
user-agent: WooCommerce-Authorize.net-AIM-Gateway/3.4.4

-----------

 

I downloaded and checked the plugin and it is indeed trying to connect securely.

 

 

From the guide at :  https://community.developer.authorize.net/t5/The-Authorize-Net-Developer-Blog/Authorize-Net-Begins-I...

 

"Your certificate store includes certificates for Root 2 - GeoTrust Global CA" 

 

Can you tell by looking at my certificate for connectw.org if that is happening?

 

 

The first few lines in the log that I missed pasting:

 


11-13-2015 @ 12:45:28 - Request
method: POST
uri: https://api2.authorize.net/xml/v1/request.api
user-agent: WooCommerce-Authorize.net-AIM-Gateway/3.4.4 (WooCommerce/2.4.10; WordPress/4.3.1)
headers: Array
(
[content-type] => application/xml
[accept] => application/xml
)

Hello @Astir

 

Please use the contact us form and provide details on the IP address of the computer you are using that is getting the access denied error.

 

Richard

Sent..

If you need the IP address of the customer, it is in the above text:

 

<customerIP>72.0.160.147</customerIP>

Note : There are probably around 8 customer IP addresses that have been refused.  None have worked since before Nov 2.

 

 

I'm getting this exact same error. Has there been a resolution to this?