Cpanel API Digest

Hello every one! Let’s eat some tricks…

 

Cpanel Security token

“Security token” URLs were added in cPanel & WHM 11.25 as a security measure, and they were enabled by default in version 11.28. They help combat a common type of attack called a Cross-Site Request Forgery (XSRF).

So, what does a “security token” look like? Take, for example, this URL:

https://example.com:2087/i/love/cpanel

With security tokens enabled, this would become:

https://example.com:2087/cpsessYYYYYYY/i/love/cpanel

The token is available in the environment variable ‘cp_security_token’.

my $APIurl = "http://127.0.0.1:2087$ENV{'cp_security_token'}/xml-api/$url";

Find more information click here.

========================

 

 

 

PHP Security Sources

Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.

Website Adress:

http://phpsec.org/projects/guide

 

To be continued…