RSFirewall! blocks PayPal responses

If you are encountering this scenario, there are some solutions available in order to create an exception in the component so that the responses are allowed to pass the security filters.

The first solution is to make sure that the empty User Agents option is not select for the Deny access to the following User Agents setting (Components > RSFirewall! > Firewall Configuration > Active Scanner). The response from PayPal is sent without an User Agent or with a blank one.

Another option would be to add the IP the PayPal response is received from to the component's Safelist, but this is not such a viable solution since the response is not always received from the same IP. You can add an IP to the Safelist by going to Components > RSFirewall! > Safelist/Blocklist, clicking the New button and entering the IP in the new window.