All problems (or almost all problems), have a solution, here is a small collection of problems and how to solve them. This is a compilation of problems for both the Redsys Plugin on WordPress.org and the Premium Plugin you can buy from WooCommerce
If you can’t find the solution to your problem and are using the WordPress.org Plugin, check the forums or open a new thread on WordPress.org.
If you are using the premium Plugin and have an up-to-date license, open a ticket on WooCommerce.com. You must select the Redsys Plugin from the drop-down menu to get it to me directly.
On both sites you can write directly in English since I provide the support myself.
▼ ¿Cómo abrir un ticket de soporte en WooCommerce.com?
▼ Tarjeta de crédito que debes utilizar para las pruebas en Redsys
You will find this information in the welcome email you should have received, but you can use this data without any problems:
Card number: 4918019199883839
Expirydate:
12/32
CVV2 code: 123
To force a card error in the tests, you can use this one:
Card number: 4907271141151707
Expiration: 12/32
Remember that Redsys always asks you to have at least one correct order without errors, and then force a mistake to also be communicated to the trade.
For BIZUM you can use these data, but some banks always return errors after entering the data correctly.
Bizum phone:
700000000Bizumkey:
1234SMScode:
12345678
That the cost of the order to perform the tests is low, less than 10 I usually create a 1 euro product to make sure it works in tests.
▼ ¿Funciona el plugin de Redsys de WooCommerce.com en WordPress.com?
Yes, it does work, there are already many customers who are using it on WordPress.com without any problems. If for some reason orders are not marked as paid, or you get an error 500, you should contact WordPress.com support and access a live chat at https://wordpress.com/help/contact (especially the Live Chat, don’t go to the forums) and tell them you get an error 500 at https://tusitio.com/?wc-api=WC_Gateway_redsys or https://tusitio.wpcomstaging.com/?wc-api=WC_Gateway_redsys.
They’ll fix it for you to function. That happens because of security measures implemented, but since it is a plugin recognized and audited by Automattic (owners of WordPress.com and WooCommerce) through WooCommerce.com, they will make it work without problems, if it doesn’t work from the beginning.
▼ ¿Cómo debo configurar Redsys?
Just make sure that Redsys has it configured as in the following screenshot.

Online notifications: (HTTP + Email Commerce) –> Email
EntitySynchronization: SynchroURL
OK: NadaURL
KO: NothingSend
parameters in URLs: NO
▼ Extensión de PHP mcrypt_encrypt() para PHP igual o inferior a 5.6
In order to send data to Redsys correctly in PHP 5.6 or lower, it is necessary that the hosting you contract has the PHP extension mcrypt_encrypt() installed and activated. If it is not, you will not be able to use Redsys. So make sure your hosting has it installed and if it doesn’t, ask it to install it on the server and activate it in php.ini
▼ Extensión de PHP encrypt_3DES() para PHP igual o superior a 7.0
In order to send data to Redsys correctly in PHP 7.0 or higher, it is necessary that the hosting you contract has the PHP extension encrypt_3DES() installed and activated. If it is not, you will not be able to use Redsys. So make sure your hosting has it installed and if it doesn’t, ask it to install it on the server and activate it in php.ini
▼ Los pedidos se quedan a la espera de pago en WooCommerce (NO utilizo CloudFlare)
This is by far the biggest problem that exists in WooCommerce with Redsys.
The reasons for an order not being marked as paid can be several.
As a rule, this is because a security certificate is used that is not compatible with Redsys, for example, Let’s Encrypt, Comodo and others.
The way to solve this is to mark in the plugin configuration the compatibility with SNI certificates.
If your hosting forces the redirection of all requests to HTTPS, you should also disable this forced redirection.
If you use a plugin such as Really Simple SSL, you should enable forced redirection via the .htaccess file, disable redirection via WordPress, and finally, disable it from making any further changes to the htaccess file.

Once we have everything configured, we must add the following line in the code added by Simple SSL or the plugin we use:
RewriteCond %{QUERY_STRING} !^wc-api=WC_Gateway_(.*)redsys
Whether we have a code added by another plugin or not, we should have this code in the htaccess file. If you have any other redirection code, delete it.
The following code is for both the WordPress.org Plugin and the WooCommerce.com Premium. Add an exception for all payment options that the premium plugin adds.
# REDIRECTION
CERTIFIEDSSL REDSYS BY JOSE CONTI V.2.0RewriteEngine
onRewriteCond
%{QUERY_STRING} !^wc-api=WC_Gateway_(.*)redsysRewriteCond
%{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# END REDIRECT SSL REDSYS CERTIFICATE BY JOSE CONTI V.2.0
Another possibility is that the firewall, either of the server or of a plugin we use, for example the AllIn One SEO Pack anti-bot, is blocking Redsys’ IP. We must check that none of the IPs blocked by the firewall belong to Redsys. In the case of the All In One SEO Pack, disable the Anti Bots protection, as there is no way to add exceptions and it will always block you to Redsys.
Finally, we have not correctly configured Redsys and we do not have active HTTP notification and we only have active email notification. Go to Redsys and check that the notifications to the site are correctly configured. HTTP notification must be selected, either alone or together with email notification.
▼ Los pedidos quedan a la espera en WooCommerce y utilizo iThemes Security
It is very simple what to do.
First, go to Security > Settings > Banned Users

We’ll have to disable “Enable HackRepair.com’s blacklist feature”

If you have active System Tweaks, access it.

Once you’re in, look for “Filter Long URL Strings” and make sure it’s turned off.

Note that I have also marked Suspicius Query String. There are times when this setting can interfere and cause orders not to be marked as paid.
Once you have made these checks, you can try again if you don’t have any of the other reasons why an order is not marked as paid (Let’sEncrypt and CloudFlare) which is the case, keep looking at how to fix it.
▼ Los pedidos se quedan a la espera de pago en WooCommerce (utilizo CloudFlare)
You should go to the Firewall tab on CloudFlare, where we will prevent CloudFlare from confusing Redsys’ notification to our site as a malicious bot. Inside the Firewall tab, we will access the “Tools” submenu
In the submenu Tools, we will have to add the following
: In “Enter an IP”, we will put“
195.76.9.0/24“, in the
drop-down list we will select “whitelist”, in the following drop-down list we will select if we want it for the active site, or for all that we have, and finally, we will be able to put a note to it, or to press directly “Add
Once you have added the above range of IPs, repeat the action, but with this other range “193.16.243.0/24“
And again with this other range “194,224,159,0/24”
Once added, it should look like this (plus the second rank).

▼ He activado el pago por referencia, pago con un clic o tokenización y no funciona
Firstly, your bank must have activated the payment by reference, if they do not activate it you will not be able to use it. On the other hand, due to the characteristics of WooCommerce, it is necessary for Redsys to send several data. If you don’t do this, the one-click payment will not work, and orders will not be marked as paid. In some cases, errors of 500 could even occur. Without those fields, the tokenization does not work on WooCommerce. So even though the tokens are not really necessary for the use of the tokens, they are necessary for the use of WooCommerce, since it makes use of them. Without them, it simply cannot work.
In order for the one-click payment to work properly, you must first ask for it to be activated. Secondly, you must ask for the following data to be sent to you in the callback that Redsys will make to confirm the payment.
– Ds_Card_Brand-
Ds_ExpiryDate-
Ds_Card_Number
If any of the above fields are not sent, it will happen that the orders will not be marked as paid, the 1-click payment will not work and the plugin will send the installation administrator an email warning of this problem.
Without the above data, WooCommerce will not be able to save the card brand, the numerical termination of the card and the expiration date, and therefore will not save the token. There is even another reason why they should be sent, namely that the customer knows which card is saved thanks to the brand and the numeric termination.

Note the above screenshot that puts Visa ending in 004 12/20
This is mounted via the fields that Redsys must send. If you do not submit it, WooCommerce will not be able to mount this page, and therefore will not accept the token submitted by Redsys.
▼ Pago con un clic sin salir de la página web
To be able to use this option, you must first have 1-click payment enabled in Redsys and in the plugin. Please note that all fields must be sent to you as explained in the previous point.
The second thing you must have active at Redsys, is that the terminal is not secure. If the terminal is not secure, the one-click payment will not work without leaving the website.
▼ Utilizo Booking y no se envían emails de confirmación
If you use WooCommerce.com Booking and no emails are sent after payment, make sure in wp-admin > Booking > Settings > Calendar Connection that the connection is active in case you have configured it. If the connection has been requested, there will be a fatal error at the time of payment, and the emailing process will not be performed.
▼ Las Preautorizaciones no me funcionan
Pre-authorizations must be activated by Redsys. So first make sure they have them active.
Make sure that normal transactions (charge at time) are marked as paid in WooCommerce.
If preauthorizations do not work for you, you should ask Redsys to activate them.
▼ ¿Qué necesito para realizar suscripciones con el plugin premium de Redsys
To make the subscriptions you need a number of things.
- You need the Redsys plugin from WooCommerce.com
- You need the WooCommerce Subscriptionsplugin
- You need to have activated in your terminal the payment by reference (payment by tokenization), and comply with what was explained in “I have activated the payment by reference, payment by a click or tokenization and it does not work”
- The terminal you use must be activated as unsafe, or it will not work.
▼ No me funcionan las suscripciones con el plugin WooCommerce Subscriptions
- Make sure everything is in the latest version that the Redsys plugin of WooCommerce.com is equal or higher than version 5..0.0.
- To rule out any previous issues, first try making a normal one-click purchase without payment. Disable. If you go through Redsys and payments are marked as paid, continue, if not, review the other points in the FAQ or open a ticket on WooCommerce.com to help you solve it.
- If in the previous point the orders are marked as paid, activate the one-click payment.
- If the order is marked as paid in the previous point, activate the one-click payment without leaving the page.
- If the previous point is marked as paid, make the payment with the subscription.
- If any of the above fails and you do not see the solution, contact me through WooCommerce.com opening a ticket for the plugin. As a general rule I will answer you very quickly.
▼ ¿Cómo utilizo el filtro redsys_modify_data_to_send?
Before creating the Redsys submission form, this filter is executed in the case that we are using it.
All we have to do is use the data we want to make the changes.
Example:
▼ Antes utilizabas el plugin de modulosdepago.es y ahora no te funciona Subscriptions o el pago con 1 clic
This is a very common error, and it is because of the way the modulosdepago.es plugnin handles tokens, it is simply not the right one within WooCommerce since they do not use the tokenization API.
Here you can find a post where I explain how to fix this.