Why API is not working?

Post Reply
User avatar
myVesta
Site Admin
Posts: 924
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 8 times
Been thanked: 6 times

In myVesta, API is closed by default to all, because of better security.

You have to whitelist it for desired remote IP addresses.

How to whitelist remote IP for accessing /api/

In SSH console run:

Code: Select all

mkdir -p /usr/local/vesta/conf_web
pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
local_ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
echo "$pub_ip" > /usr/local/vesta/conf_web/allow_ip_for_api.conf
if [ "$pub_ip" != "$local_ip" ]; then echo "$local_ip" >> /usr/local/vesta/conf_web/allow_ip_for_api.conf; fi
echo "127.0.0.1" >> /usr/local/vesta/conf_web/allow_ip_for_api.conf
and add to /usr/local/vesta/conf_web/allow_ip_for_api.conf any other IP that should be able to access /api/ on that server.

You can add each IP per each line.

Tags:
uttkarsh
Posts: 1
Joined: Thu Jun 16, 2022 8:45 am

Hello,

I tried the above steps and my code is working just fine on my localhost, but when I upload the same code to a server on which and whitelist the server's IP the code doesn't work. The response from API is always empty. I also tried the code by uploading it to a different server then the server on which myVesta is installed but it still doesn't work and response is still empty.


Could please anyone help??
sparkzara
Posts: 22
Joined: Mon Jun 07, 2021 9:15 am

hi,
i tried above steps.
but it doesn't seem to be working.

and regarding error: I get empty response, so not sure where exactly the error is.

Code used:

Code: Select all

            $vst_hostname = env('VESTA_HOSTNAME');
            $vst_username = env('VESTA_USERNAME');
            $vst_password = env('VESTA_PASSWORD');
            $vst_returncode = 'yes';
            $vst_command = 'v-add-domain';
            $username = env('VESTA_SUBUSER');
            $domain = $request->name;
            $postvars = array(
                'user' => $vst_username,
                'password' => $vst_password,
                'returncode' => $vst_returncode,
                'cmd' => $vst_command,
                'arg1' => $username,
                'arg2' => $domain
            );
            $postdata = http_build_query($postvars);
            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8058/api/');
            curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
            $answer = curl_exec($curl);
            if($answer == 0) {
                return "Domain has been successfuly created\n";
            } else {
                return "Query returned error code: " .$answer. "\n";
            }
Already added API white list ips based on above post.
also changed url endpoint with secret url like
curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8058/api/?secret');

still no luck. anything needs to be done to get it work?
Post Reply