We generally follow the web host recommendations given by WordPress.org. As they do, we recommend:
- PHP version 7 or greater
- MySQL version 5.6 or greater or MariaDB version 10.0 or greater
To view your server specifications, head to Simple Pay Pro → System Report in your WordPress admin.
Stripe requires that any page hosting a live checkout form be SSL (they should start with
https://). Make sure to review Stripe’s integration security guide for details. In addition, WordPress itself strongly recommends HTTPS for all sites. You can also continue to use Test mode on non-SSL sites.
If you don’t have an SSL certificate, you can get one for as low as $10/year that meets all the necessary security standards. We like Namecheap. Some WordPress hosts offer free SSL certificates through Let’s Encrypt as well, such as WP Engine and SiteGround.
Here’s a guide to moving an existing WordPress site from HTTP to HTTPS along with installing an SSL certificate.
Finally, Stripe recommends using the SSL Server Test by Qualys SSL Labs to make sure you have everything set up in a secure way.
PHP and WP Version Support
At a bare minimum, the official Stripe PHP library included in WP Simple Pay Pro requires PHP 5.4 even in legacy environments. PHP 7.0 or higher is still strongly recommended for security and performance reasons and may be required depending on when you signed up for your Stripe account (read above).
We highly recommend that you keep your version of WordPress current, but we generally support a few versions back as long as the latest security patches have been applied.
Increasing the WP Memory Limit
You may experience errors or performance issues if your WP Memory Limit is set too low. By default, WordPress sets this at 40 MB, though some hosts may change this for you automatically. We recommend setting it to 256 MB or higher (whatever your host allows).
To make this change, you’ll need to edit or add this constant to your wp-config.php file.
define( 'WP_MEMORY_LIMIT', '256M' );
If needed, see how to edit your wp-config.php file.
Stripe API Version
When you view or change your Stripe API keys in your Stripe dashboard (found here), do you see an “Upgrade Available” button? Just like WordPress itself, we recommend you keep your active Stripe API version reasonably current. Stripe requires that you update it manually (no automatic updates done for you).
Stripe doesn’t introduce major API changes affecting WP Simple Pay Pro very often, and it’s usually fine to just update it once in a while. But if the Stripe API version you’re using gets too old, unforeseen issues may arise.
WP Simple Pay Pro is always tested against the latest Stripe API version within a week or less of a new Stripe API update. If a WP Simple Pay Pro patch is needed, we will roll it out as soon as possible.
Although Stripe is taking care of storing all credit card data, this data is still passing through your checkout pages, so they need to adhere to the PCI-DSS (Payment Card Industry Data Security Standard). This means Stripe requires all communication to meet the TLS 1.2 standard.
Yes, that’s a few too many acronyms, but luckily you can simply download and run the TLS 1.2 Compatibility Test plugin to verify your compliance.