Hi Guys,
I have a problem with the Payment Provider configuration of Paypal. I want to create IPN with my PP Account. But if i want to access my
Access Log:
The error logs are empty. I use nginx with php7 and letsencrypt.
My nginx Conf:
Greets Sp4x
I have a problem with the Payment Provider configuration of Paypal. I want to create IPN with my PP Account. But if i want to access my
payment_callback.php i get an 403 in my logs and the site isn't loading. All other php files works perfectly. Only the access to payment_callback.php is denied.Access Log:
Code:
xxx:xx:xxxx:xxxx:xxx:xxx:xxxx: - - [26/Feb/2018:22:48:44 +0000] "GET /payment_callback.php HTTP/2.0" 403 234 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"The error logs are empty. I use nginx with php7 and letsencrypt.
My nginx Conf:
Code:
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name xxxxxx
ssl on;
ssl_certificate /etc/letsencrypt/live/xxxxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxxxx/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/xxxxx/chain.pem;
resolver 208.67.222.222;
#aktiviert X-Frame-Options
add_header X-Frame-Options "SAMEORIGIN";
#aktiviert X-XSS-Protection
add_header x-xss-protection "1; mode=block" always;
#aktiviert X-Content-Type-Options
add_header X-Content-Type-Options "nosniff" always;
#Logging
error_log /var/log/nginx/error.log warn;
root /var/www/xf2;
index index.html index.htm index.php;
if ($ssl_protocol = "") {
return 301 https://$server_name$request_uri;
}
#location ^~ /data {
# deny all;
#}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# snippet for updating letsencrypt certificates
include snippets/certbot-webroot.conf;
}Greets Sp4x
