For testing on my pre-live site, I'd like to allow only my own IPs and PayPal Sandbox.
For production, I'd like to allow only PayPal to my IPN listener.
I can restrict in .htaccess to my IPs, but including paypal.com causes 403 in the IPN generator on the SandBox.
I understand this may be a security issue for PayPal, but I'd like it anyway if possible.
Best Answer
If you are testing with paypal sandbox, your .htaccess allow should look like follow
That should allow incomming connection from all machine with *.paypal.com RDNS.
You maybe missing the "dot" before paypal.
If using LiteSpeed web server try following
That is IP for ipn.sandbox.paypal.com. Also check your server log and see what IPs are being reject.