Payment gateway does not support IPV6


#1

Hi Everyone,

I asked the following question to our payment gateway provider for our WordPress/WooCommerce site:

“Can you please explain why this transaction declined twice. Ref 77535 Here is the WooCommerce error on my end. SecurePay payment failure: code 517 Invalid ip address: 2001:8003:f45b:6b00:74e5:86e2:9b3b:f9fa. Transaction ID: Order status changed from Pending payment to Failed. I’ve had another transactions decline because if invalid IP.”

They replied:

“This error is occurring because your system is sending a IPv6 address which the SecurePay system does not currently accept. From what I’ve been told, most IPv6 will still have an equivalent IPv4 address. When sending an IP address for the FraudGuard check, please make sure that you are submitting the IPv4 equivalent of the IP address.”

I initially thought it might be the payment gateway plugin, WordPress settings, or something to do with our hosting but I am now thinking it might be CloudFlare. Can anyone point me in the right direction?

Would CloudFlare’s Pseudo IPv4 help? I’m confused on whose IP address is the problem. Our website’s, or our customers?

Cheers,
Martyn


#2

Where did they get this address from?


#3

The address and error message was included in the transaction details on the payment gateway’s portal.


#4

My question was how they got that address in the first place. Did you configure it?


#5

No, I’m not sure. All I have done is install the plugin, and configure an API key.

Some transactions work but a couple were declined because of an invalid IP address. I’m not sure whose IP it is.


#6

It is not a Cloudflare address. Where did you get the error message?


#7

Ok, from our portal at https://www.securepay.com.au


#8

That is your domain and site? Can you post a screenshot of the error message?


#9

Here is the error at SecurePay our payment gateway.

Our domain is southernman.com.au


#10

That doesnt seem to come from your portal but is probably a message returned by your payment provider. It would be best to contact them and enquire how they got that address.


#11

Thank you, I really appreciate your advice.

It’s seems to be the customers IP if it’s not a CloudFlare or our website’s up (southernman.com.au), is this your understanding?


#12

I am afraid I cant provide any reasonably solid response with the amount of information so far, sorry. It might the customer’s, but it also might be something else. The address itself however is not registered with Cloudflare.


#13

Thanks Sandro, I’ll need to gain for information from the plugin developer and the payment gateway provide. Thanks for taking the time to help me out.


#14

Here is the response from the plugin developer: “It sounds like FraudGuard can’t accept IPv6 IP addresses. Unfortunately there isn’t always an IPv4 address equivalent, and it’s a required field to use FraudGuard. To continue using FraudGuard protection, I’d recommend asking your web host to enforce IPv4 connections for your site. By not accepting IPv6, you won’t have any customers trying to submit an IPv6 IP address.”

Is this actually enforce at the CloudFlare level?


#15

IPv6 is enabled here by default and can only be disabled via the API.

Again. This:

Is not a Cloudflare IP

% Information related to '2001:8000::/20'

% Abuse contact for '2001:8000::/20' is '[email protected]'

inet6num:       2001:8000::/20
netname:        TELSTRAINTERNET41-AU-20041202

I am not sure how those payment providers work exactly, but AFAIk the host connects to the payment service and Cloudflare dosn’t provide outbound connections by default. Therefore the payment gateway will see an IPv6 IP, if it is enabled on the origin server


#16

I am still not absolutely sure I understand the issue but it might be you have two options, you either disable IPv6 or - as you mentioned - you enable Pseudo IPv4.


#17

Thanks everyone. Cloudflare suggested to configure Pseudo IPv4 and the gateway plugin developer added support for the X-Forwarded-For header.