Payment gateways activated for WooCommerce after update

Support
#1

Hi,

After we updated 4 sites with the latest version of X (3 sites also upgraded to PRO) we noticed today that on 2 of the sites that random payment gateways had been activated.

I can’t find anything in any log files or have no clue how to figure out why this happened.

No WooCommerce files except form-coupon.php have been modified (slightly) in the child theme. As this was on our live e-commerce sites we had to deactivate the error as it caused customers not being able to complete their order if they picked the “wrong” payment option.

Any idea why this happened? How I can try to find the root cause? I feel quite lost at the moment how and why this occurred.

The sites are running on Digital Ocean (droplets) and nothing fancy. I attach the status information provided by PRO for one of the sites that had the problem.

Can it be the WooCommerce version? 3.7. I was certain that 3.7 was supported, but I’m not so sure anymore. 3.6.5 is a few months old now and doesn’t support some things we need.

Site

Site URL -
Home URL -

WordPress Environment

Version - 5.2.3
Debug is on - No
Language - sv_SE
Is Multisite - No
Memory Limit - 256M

Web Server Configuration

Software - Apache/2.4.41
PHP Version - 7.1.32
MySQL Version - 5.7.27-0ubuntu0.16.04.1-log

PHP Configuration

Post Max Size - 1024M
Time Limit - 30s
Max Upload Size - 512M

Active Theme

Name - Pro Child
Version - 3.0.2
Folder - //srv/users/serverpilot/apps/swe/public/wp-content/themes/pro-child/
Parent Theme Name - Pro
Parent Theme Version - 3.0.2
Parent Theme Folder - /srv/users/serverpilot/apps/swe/public/wp-content/themes/pro

Active Plugins

Must-Use Plugins

  • WP Migrate DB Pro Compatibility 1.1

Other Plugins

  • Gravity Forms 2.4.14
  • 404page - your smart custom 404 error page 11.0.3
  • All-in-One WP Migration Unlimited Extension 2.31
  • All-in-One WP Migration 7.7
  • BackupBuddy 8.0.0.2
  • Better Search Replace 1.3.3
  • MalCare - Pro 1.88
  • Classic Editor 1.5
  • Duplicate Post 3.2.3
  • Google Tag Manager for Wordpress 1.10.1
  • Essential Grid 2.3.3
  • Facebook for WooCommerce 1.9.15
  • FB Messenger Live Chat 1.4.10
  • FV Player 7.4.6.727
  • GDPR Cookie Compliance 2.1.6
  • Indeed Ultimate Affiliate Pro 4.5
  • Instagram Feed 1.12.2
  • Instant IDE Manager 1.6.1
  • Loco Translate 2.3.0
  • Mailchimp for WooCommerce 2.2.4
  • MC4WP: Mailchimp for WordPress 4.5.5
  • Media File Renamer (Auto Rename) 4.5.7
  • Postmark (Official) 1.11.5
  • Really Simple SSL 3.2.5
  • Redirection 4.4.1
  • Slider Revolution 6.1.2
  • ShortPixel Image Optimizer 4.14.5
  • WooCommerce Cart 1.0.2
  • Simple History 2.32
  • Simple Wp Sitemap 1.2.1
  • Tawk.to Live Chat 0.4.1
  • WooCommerce Product Feed 3.1.28
  • Woo Discount Rules 1.7.20
  • WooCommerce Admin 0.19.0
  • WooCommerce PayPal Checkout Gateway 1.6.17
  • WooCommerce Stripe Gateway 4.2.4
  • WooCommerce 3.7.0
  • Wordfence Security 7.4.0
  • Yoast SEO 12.1
  • WP GDPR Compliance 1.5.2
  • WP Migrate DB 1.0.11
#2

Hey there,

When you said that random payment gateways have been activated, did you mean they were gateways aside from what’s installed on your sites? With the site info you’ve attached, I see that only Stripe and Paypal are included. So the random gateways are those that are not on the site but have been added without your knowledge, correct?

If that is the case, I personally would find that to be alarming. You might want to consult your Digital Ocean if they find unusual activities on your site? Have you checked with the MalCare plugin if it has found vulnerabilities or even malware?

We have not experienced reports before that our themes have caused enabling of random gateways so this is sort something new.

#3

Hi @benursal!

Thx for your reply. I probably would have explained the situation better. :slight_smile:

On one site, the one that you see the details for in my initial post, a payment gateway called Klarna was installed and activated as a plugin as we’re implementing that payment option currently.´

But Klarna wasn’t activated as a payment gateway in the WooCommerce settings, anyway it “magically” showed up as an option on the checkout page after the update. I double and triple checked and I’m 100% sure it wasn’t activated in the WooCommerce settings (I cleared all caches and restarted the site without any change). The only way to get rid of it and not being available for customers was to disable the plugin.

On another site we have both the Paypal Checkout payment gateway as well as the standard Paypal gateway, only the standard Paypal was active. After (or during) the update the Paypal Checkout was activated in the WooCommerce settings.

As kind of similar things happened on two sites during the time of the update I suspect may be some compatibility issues between the latest versions of X / PRO and WooCommerce 3.7.0. But I guess it can be bad luck that the payments gateway aren’t compatible with the latest WooCommerce release.

I’ve checked the sites with MalCare (paid version), WebARX (paid version) and the free version of Wordfence and nothing seems odd, no warnings. I also checked the log files (from various sources, WP, Woo, MalCare, WebARX and DO) and cannot find any suspicios activity or even that something regarding WooCommerce payment gateways would have been changed.

So I kind of scratching my head trying to figure out how to figure out why this happened so we can prevent it from happening again. All suggestions regarding where to look, what to try is much appreciated!

I will check for the third time that no compatibility issues exists between Paypal Checkout and Klarna when running Woo 3.7.0, so I’m not looking for a solution at the wrong place. :slight_smile:

Best regards,
Daniel

#4

Hi Daniel,

Are you referring to this Klarna Checkout for Woocommerce plugin? Since this is live we might need you to setup a staging site.On this staging site, try to switch to a default theme. Check the behaviour of the plugin. It is not bundled with the theme so we cannot answer you about the behaviour of this plugin though we can try to check where this issue is coming from using the process of elimination.

Does your site server saves a regular backup? I am asking because maybe you can try to setup a copy of your site before the theme update on another staging and then we can compare the settings. I am suggesting this because we don’t know the state of your site before the update. So having 2 version the before and after update, we can check the difference.

After settings up those staging, please share site URLs and credentials inside a secure note so we can start checking. Thank you.

#5

Thx for your answer!

Klarna was one of the affected payment gateways. Why I thought it might have something to do with Pro was that it affected Paypal as well, on a different site (and on a different server + db).

I haven’t been able to reproduce this after I wrote. So I think we can close this thread and if it happens again I’ll contact support the right way. :slight_smile:

#6

You are most welcome. :slight_smile:

#7

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.