Merchants and partners use PayPal’s Secure FTP Reporting/Batch Servers to systematically exchange files with PayPal. While the most common use of these servers is to retrieve daily reports, other uses include submitting and retrieving files for batch processing, creating and managing accounts, and processing disputes. In an effort to improve the reliability and security of these Secure FTP Servers, we have moved them to new IP addresses.
This change is complete as of May 12, 2016
NOTE: Depending on the client used to access PayPal’s Secure FTP server, you may be asked to manually update the host key associated with the endpoint you are accessing. For example, if you are connecting via Linux/Unix system command line either systematically or manually, you may need to update the known_hosts file by clearing out the existing entries associated with the endpoint.
The following endpoints can be used to access PayPal’s Secure FTP Reporting/Batch Servers and will be impacted by the IP address change:
On March 20, 2016, the following IP addresses were added to the DNS records for PayPal’s Secure FTP endpoints:
On April 14, 2016, the following IP addresses were removed from the DNS records for PayPal’s Secure FTP endpoints. On May 12, 2016, they were decommissioned and no longer route to PayPal’s Secure FTP servers:
If you have firewall rules allowing access to PayPal’s Secure FTP Servers based on specific IP addresses, you should also include the following IP address in your rules. This IP address is not normally in the DNS entry for the Secure FTP endpoints but may be added as needed for maintenance and disaster recovery:
What do I need to do for this change?
If your systems access the PayPal Secure FTP Reporting or Batch Server, notify your relevant technical and operations teams of the changes. Have them ensure that your connections use DNS to reference the servers. If your systems do use hardcoded IP addresses, they will need to be updated immediately.
Why does PayPal recommend DNS over hardcoding?
PayPal may move these and any other services to different IP addresses in the future. To avoid having to make manual changes, PayPal recommends the use of DNS.
Is the Sandbox Secure FTP environment getting new IP addresses?
Why am I receiving a “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!” error message when I try to access the Secure FTP servers?
Your known_hosts file likely has an old entry for the Secure FTP endpoint to which you are trying to connect. To clear the error, remove entries from your known_hosts files for any of the Secure FTP endpoints.
For more help, go to https://www.paypal-techsupport.com.