Jump to content

Paypal & Checkout problems. Error: Security header is not valid Se


Recommended Posts

Not sure if anyone can help out there but each time we try and process a purchase on our website, the following error message comes up on the basket page upon checkout.


The following errors were detected:

  • Error: Security header is not valid Security error

I notice there have been posts regarding this in the past but with no real answers.


Please help if you can!


Link to comment
Share on other sites

Not sure if this is part of your problem or not, but it is a good idea to make all skin template URL's relative when you use SSL. In other words, if you have something like an EXAMPLE link on your site - change the url in your code from http://EXAMPLE.xxx to //EXAMPLE.xxx.
I went through every skin template page to get rid of some security messages. But I did it so long ago I don't remember what error messages I was seeing way back when.

Link to comment
Share on other sites


I have now tested the site using Sandbox, (both on Paypal & Cubecart) and it works fine.

On reloading the Live API credentials supplied by Paypal however, we are still getting the same error code. Could something else be going on?

I have also noticed that on the plugins Paypal input page there is now an extra option by the 'Express Button Checkout Action' - "Redirect to Paypal" which was not there before.  Before I raised this error message issue the only option there was "Inline (Lightbox Overlay)". I was hoping that, as this action finally made sense, it might solve the problem but obviously not.

We have also been given an App ID from Paypal but I cannot see anywhere this needs to be input on Cubecart. Is it needed and if so, where do I input it?

Any opinions on this really frustrating problem would be gratefully accepted!



Link to comment
Share on other sites

We worked closely with PayPal to develop the inline integration. This loaded a PayPal login window over your store in a modal window without redirecting to paypal. The integration worked really well but PayPal decided to axe it. I think because if it were faked with cross site scripting it would be harder to detect by the consumer. Which ever you choose CubeCart will take the old redirect method so this setting can just be ignored. We need to remove it for the next release.

Back to the issue in hand. If sandbox works then live should too if you are 100% sure the API details are right then PayPal need to check your account is active and setup correctly.

Link to comment
Share on other sites

  • 1 month later...

Hi All
I just activated this with Paypal as well and I am also getting 

  • Error: Security header is not valid Security error

I'm on v5.2.12

We have updated all API details and confirmed with Paypal that these are correct.
We have verified under manage 3rd Party at Paypay which has verified Ezimerchant

We have check all options and treid options and still getting the error
Any Ideas

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...