We generally follow the web host recommendations given by WordPress.org. As they do, here’s what we recommend for running WP Simple Pay:
- PHP version 7.4 or greater
- MySQL version 5.6 or greater or MariaDB version 10.1 or greater
- HTTPS support
Stripe requires that any page hosting a live checkout form be SSL (they should start with
https://). Make sure to review Stripe’s integration security guide for details. In addition, WordPress itself strongly recommends HTTPS for all sites. You can also continue to use Test mode on non-SSL test and staging sites.
If you don’t have an SSL certificate, you can get one for as low as $10/year that meets all the necessary security standards. We like Namecheap. Many WordPress hosts offer free SSL certificates through Let’s Encrypt as well, such as WP Engine and SiteGround.
Here’s a guide to moving an existing WordPress site from HTTP to HTTPS along with installing an SSL certificate.
Finally, Stripe recommends using the SSL Server Test by Qualys SSL Labs to make sure you have everything set up in a secure way.
Excluding Confirmation Pages from Cache
Some web hosts, such as WP Engine, implement aggressive caching to boost the overall performance of your sites. In these cases, you’ll need to contact your host and let them know to exclude your payment success and failure pages (URLs) from caching. For additional details, see Troubleshooting Caching Issues.
PHP and WP Version Support
At a bare minimum, the official Stripe PHP library included in WP Simple Pay requires PHP 5.6 even in legacy environments. PHP 7.4 or higher is still strongly recommended for security and performance reasons.
We highly recommend that you keep your version of WordPress current, but we generally support a few versions back as long as the latest security patches have been applied.
Increasing the WP Memory Limit
You may experience errors or performance issues if your WP Memory Limit is set too low. By default, WordPress sets this at 40 MB, though some hosts may change this for you automatically. We recommend setting it to 256 MB or higher (whatever your host allows).
To make this change, you’ll need to edit or add this constant to your wp-config.php file.
define( 'WP_MEMORY_LIMIT', '256M' );
If needed, see how to edit your wp-config.php file.
For you’re own troubleshooting and if you need to contact support, you’ll need to have your server and hosting specifications available. To view these go to Simple Pay → System Report in your WordPress admin.
Stripe API Version
In the Developers section of your Stripe dashboard, do you see an “Upgrade Available” button? Just like WordPress itself, we recommend you keep your Stripe API version reasonably current. Stripe does not update this automatically. You must update manually.
Stripe doesn’t introduce major API changes affecting WP Simple Pay very often, and it’s usually fine to just update it once in a while. But if the Stripe API version you’re using gets too outdated, unforeseen issues may arise.
WP Simple Pay is always tested against the latest Stripe API version within a week or less of a new Stripe API update. If a WP Simple Pay update is needed, we will roll it out as soon as possible.
Although Stripe is taking care of storing all credit card data, this data is still passing through your checkout pages, so they need to adhere to the PCI-DSS (Payment Card Industry Data Security Standard). This means Stripe requires all communication to meet the TLS 1.2 standard.
Yes, that’s a few too many acronyms, but luckily you can simply download and run the TLS 1.2 Compatibility Test plugin to verify your compliance.