Magento compliant with PayPal security changes on 2018

How to check whether my Magento  CE 1.9.3.3 is already compliant in regards to PayPal security changes on the following?
  • IPN Verification Postback to HTTPS
  • Discontinue Use of GET Method for Classic NVP/SOAP APIs

If it is not compliant, what should I change to continue using PayPal?

Here is the PayPal link:
https://www.paypal.com/hk/webapps/mpp/merchant-security-roadmap?locale.x=en_HK
Boon Chye PhangAsked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
For postback, it is stated in the rel notes.
https://devdocs.magento.com/guides/m1x/ce19-ee114/ce1.9_release-notes.html#ce19-1933
Support for PayPal's update to its Instant Payment Notification (IPN) server URL. PayPal provides more information about this feature in IPN Verification Postback to HTTPS Microsite. This update is essential for retaining uninterrupted service after June 30.

SUPEE-8167, an older patch that also contains this fix, was added on May 8, 2017
look out for ($postbackUrl = $this->_config->getPostbackUrl(); previously it was "...->getPaypalUrl();") in  magento\app\code\core\Mage\Paypal\Model\Ipn.php

For the SOAP API, it would be using POST already.
Magento supports two API standards, SOAP/XML-RPC and REST. Distinctive characteristics of SOAP (Simple Object Access Protocol) is that it uses XML as it's message format, and when used over HTTP it delivers data trough POST request method.
http://www.techytalk.info/magento-extension-for-logging-soap-v1-and-v2-api-requests/
0
 
Boon Chye PhangAuthor Commented:
Yes the release note stated the compliance with PayPal IPN, and the other link stated Magento uses POST method. Thanks!
0
All Courses

From novice to tech pro — start learning today.