If you get the error message “security header is not valid” when checking out at your site running Paid Memberships Pro, this is a PayPal error indicating that the API credentials are incorrect.
The list of PayPal error codes doesn’t say much on how to fix this.
What you need to do is:
- Make sure you’ve selected the correct Gateway Environment (Sandbox/Testing or Live).
- Make sure you are using the correct Account Email, API Username, API Password, and API signature for the environment you selected. (Your live and test API information will be different.)
If in the test environment, make sure that you are logged into developer.paypal.com. This shouldn’t be required anymore but is worth a shot.
- Make sure that your web server is running up to date SSL/TLS software.
- Make sure you have a Site Title set in your WP dashboard General Settings.
- Try removing any special characters from your membership level names.
That should do it!