Page 1 of 1

Unblock API?

Posted: 06 Apr 2013, 16:11
by Chalkie
Hi there,

Is there a list of API command and connection details in order for me to create an API in my custom billing panel which will allow users to unblock themselves if they get blocked?

My main site is hosted on a different server to my main selling server.

I have tried to make heads and tails of the unblockme system for whmcs but as I'm not using WHMCS its hard to figure out.

-Chalkie

Re: Unblock API?

Posted: 06 Apr 2013, 18:04
by Chalkie
I figured it out, incase anyone else was wondering here is the link i used.

domain.tld:2087/cgi/addon_csf.cgi?action=kill&ip=XXX.XXX.XXX.XXX

-Chalkie

Re: Unblock API? grep IP, determine if blocked

Posted: 14 Oct 2013, 15:54
by we0
i've been trying to find a URL template to execute as an API and list of CSF commands usable from URLs.
i'll post what i've found here, and perhaps someone else can fill in the missing pieces to make the [font=courier]g(rep) IP[/font] URL action work.

resources/info:
http://configserver dot com/free/csf/readme.txt ----describes that the requesting IP needs to be in the file: ui.allow
shell: [font=courier]csf -help[/font] --------------- lists the commands (actions)
shell: [font=courier]csf -g 176.97.153.2[/font] -------------- shell command works to determine if an IP is in the deny table. example results below (both yes and no found)
if IP was not found,
"No matches found for 176.97.153.3 in iptables"
and "No matches found for 176.97.153.3 in ip6tables"

if IP was found:
Chain num pkts bytes target prot opt in out source destination
DENYIN 99 72 10296 DROP all -- !lo * 176.97.153.2 0.0.0.0/0
DENYOUT 99 66 16460 DROP all -- * !lo 0.0.0.0/0 176.97.153.2
ip6tables:
Chain num pkts bytes target prot opt in out source destination
No matches found for 176.97.153.2 in ip6tables
csf.deny: 176.97.153.2 # lfd: (sshd) Failed SSH login from 176.97.153.2 (GB/United Kingdom/-): 5 in the last 300 secs - Mon Oct 14 08:14:25 2013



URLs as APIs:
(note different URL path & filename from previous post)

(and once one creates the correct URL API, here's info on how to login with cURL
http://blog dot andyhunt dot info/2011/12/21/using-php-and-curl-to-log-in-to-a-website/ )


[font=courier]https://myhosting com:2087/cgi/configserver/csf.cgi?action=kill&ip=176.97.153.2

https://myhosting com:2087/cgi/configserver/csf.cgi?action=dr&ip=176.97.153.2[/font] ---- seems to be equivalent to kill (which is not listed in -help )

HOWEVER to determine from a URL (API) if an IP is blocked (in the CSF LFD deny tables),
i cannot find a URL that works, as in the [font=courier]csf -g[/font] (grep) shell command above.
[font=courier]https://myhosting com:2087/cgi/configserver/csf.cgi?action=g&ip=82.1.183.213[/font]
returns just the CSF admin web page. Note that if i intentionally mung the IP address, csf does detect that and displays an error, thus this must be the "right neighborhood" for issuing the grep command via a URL get parameter.

ANY ADVICE for making the g(rep) command action to work from a URL ???

Re: Unblock API?

Posted: 09 Aug 2015, 14:34
by ZweekoZach
Sorry to dig up an old thread, but I made some code (if you're okay with handling root passwords in PHP)

[code]
<?php
$client_ip = $_SERVER['REMOTE_ADDR'];
$server_ip = $_POST['server_ip'];
$api = curl_init();
curl_setopt($api, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($api, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($api, CURLOPT_HEADER, 0);
curl_setopt($api, CURLOPT_RETURNTRANSFER, 0);
$auth[0] = 'Authorization: Basic ' . base64_encode(sprintf("%s:%s", 'root', $_POST['root_pw'])) . "\n\r";
curl_setopt($api, CURLOPT_HTTPHEADER, $auth);
delete($_POST['root_pw']);
delete($auth);
$query = sprintf("https://%s:2087/cgi/configserver/csf.cgi?action=kill&ip=%s", $server_ip, $client_ip);
curl_setopt($api, CURLOPT_URL, $query);
$result = curl_exec($api);
curl_close($api);
print $result;
[/code]

Re: Unblock API?

Posted: 09 Aug 2015, 15:24
by we0
hi and thanks for the follow up.
this seems to be for the kill action,
i was seeking a solution for grep in order to see if an IP was blocked (i.e., in the deny list)
any advice?

Re: Unblock API?

Posted: 09 Aug 2015, 16:50
by ZweekoZach
It seems like you could just change "kill" to "g"

Re: Unblock API?

Posted: 24 Feb 2017, 08:12
by leonep
where is possible to find a guide with all actions?
thanks

Re: Unblock API?

Posted: 10 Feb 2020, 22:26
by tutume
I'm using pycpanel with is a small and simple library to work with cpanel and csf. CSF is just for very basic stuffs and the csf.

I was just looking for some way get the same result as the cli

Code: Select all

$ csf -g <ip>
.

After finding this post and doing some aditional tests, I realized that the "csf api" isn't a public api, it is just a interface for their own UI. So going to to the UI and viewing the source was the way to go.

for -g, just use grep, and probably every action you can do from the UI you can do from csf.cgi.

Regarding documentation, I doubt that they will release any documentation as I really think that it wasn't meant to be a public API.

Anyway, I hope this help others.

Cheers!