Why API is not working?

Post Reply
User avatar
myVesta
Site Admin
Posts: 756
Joined: Fri Jun 19, 2020 9:59 am

In myVesta, API is closed by default to all, because of better security.

You have to whitelist it for desired remote IP addresses.

How to whitelist remote IP for accessing /api/

In SSH console run:

Code: Select all

mkdir -p /usr/local/vesta/conf_web
pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
local_ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
echo "$pub_ip" > /usr/local/vesta/conf_web/allow_ip_for_api.conf
if [ "$pub_ip" != "$local_ip" ]; then echo "$local_ip" >> /usr/local/vesta/conf_web/allow_ip_for_api.conf; fi
echo "127.0.0.1" >> /usr/local/vesta/conf_web/allow_ip_for_api.conf
and add to /usr/local/vesta/conf_web/allow_ip_for_api.conf any other IP that should be able to access /api/ on that server.

You can add each IP per each line.

Tags:
uttkarsh
Posts: 1
Joined: Thu Jun 16, 2022 8:45 am

Hello,

I tried the above steps and my code is working just fine on my localhost, but when I upload the same code to a server on which and whitelist the server's IP the code doesn't work. The response from API is always empty. I also tried the code by uploading it to a different server then the server on which myVesta is installed but it still doesn't work and response is still empty.


Could please anyone help??
sparkzara
Posts: 15
Joined: Mon Jun 07, 2021 9:15 am

hi,
i tried above steps.
but it doesn't seem to be working.

and regarding error: I get empty response, so not sure where exactly the error is.

Code used:

Code: Select all

            $vst_hostname = env('VESTA_HOSTNAME');
            $vst_username = env('VESTA_USERNAME');
            $vst_password = env('VESTA_PASSWORD');
            $vst_returncode = 'yes';
            $vst_command = 'v-add-domain';
            $username = env('VESTA_SUBUSER');
            $domain = $request->name;
            $postvars = array(
                'user' => $vst_username,
                'password' => $vst_password,
                'returncode' => $vst_returncode,
                'cmd' => $vst_command,
                'arg1' => $username,
                'arg2' => $domain
            );
            $postdata = http_build_query($postvars);
            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8058/api/');
            curl_setopt($curl, CURLOPT_RETURNTRANSFER,true);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
            $answer = curl_exec($curl);
            if($answer == 0) {
                return "Domain has been successfuly created\n";
            } else {
                return "Query returned error code: " .$answer. "\n";
            }
Already added API white list ips based on above post.
also changed url endpoint with secret url like
curl_setopt($curl, CURLOPT_URL, 'https://' . $vst_hostname . ':8058/api/?secret');

still no luck. anything needs to be done to get it work?
Post Reply