Security settings in IIS break PayPal
An interesting one that came through support the other day.
As everyone knows your sites are continually being visited by BOTs doing whatever it is their creator has designed them to do.
Normally this is fairly harmless although there are malicious BOTs out there.
What this does do however is use up your resources and this can impact your customers experience on your site.
One of our customers decided it was time to block most BOT's using the .HTACCESS file and this worked a treat.
Right up until they found that PayPal was no longer working properly for the call back after an order was made.
After a lot of debugging they finally realised that it was the changes they made to .HTACCESS that was the cause of the issue.
So the moral of this story is that you need to be VERY careful of any change you make to your site and its structure and that fixing one thing can very easily break something somewhere else.
Hope this helps anyone else who makes some changes and finds their PayPal gateway or any other gateway that uses a call back suddenly stops working.