{"id":53,"date":"2009-08-13T10:02:34","date_gmt":"2009-08-13T15:02:34","guid":{"rendered":"http:\/\/blogs.wp.stage.cpanel.net\/2009\/08\/using_whm_remote_authentication\/"},"modified":"2009-08-13T10:02:34","modified_gmt":"2009-08-13T15:02:34","slug":"using_whm_remote_authentication","status":"publish","type":"post","link":"https:\/\/devel.www.cpanel.net\/blog\/products\/using_whm_remote_authentication\/","title":{"rendered":"Using WHM remote authentication"},"content":{"rendered":"
One thing that I have noticed while working with other people developing software that interacts with WHM\u2019s XML API is that they always use basic HTTP authentication. It is okay to use basic authentication, but it is held to the same security restrictions in place for people using browsers. When working with cPanel in a remote fashion, having to work around these restrictions is unnecessary. Inside of our DNS clustering system, we developed a solution for just this problem called WHM Remote Access Keys<\/em> or \u201cWHM auth\u201d.<\/p>\n The way that WHM auth works is by passing a key inside of the HTTP headers to cpsrvd<\/em> (cPanel\u2019s HTTP daemon). Your access key can be accessed and regenerated via Setup Remote Access Keys<\/em> in WHM, or viewed via the file system at ~\/.accesshash<\/em>. These work both for root and resellers with support for cPanel users coming in the future.<\/p>\n When sending a WHM auth header to WHM, you\u2019ll need to add the following as an HTTP header: where $hash<\/em> is your access hash, stripped of all new lines.<\/p>\n When working with this functionality inside of scripts, it\u2019s generally easiest to use an HTTP library for adding these headers. For example, if you wanted to use WHM auth inside of PHP & curl, you would simply add the following to the curl object before query: Of course, not everyone wants to use PHP for handling remote interactions, and I personally would not feel proper discussing how to authenticate to WHM without talking about Perl and LWP.<\/p>\n As always with Perl, there is more than one way to do it, so we will simply discuss the most simple. When calling LWP\u2019s get function, you simply make the second argument a hash named \u201cAuthorization\u201d with a value of something similar to At this point, you can treat $response<\/em> like a normal HTTP::Response object.<\/p>\n","protected":false},"excerpt":{"rendered":" One thing that I have noticed while working with other people developing software that interacts with WHM\u2019s XML API is that they always use basic HTTP authentication. It is okay to use basic authentication, but it is held to the same security restrictions in place for people using browsers. When working with cPanel in a […]<\/p>\n","protected":false},"author":77,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[49],"tags":[341,345,317,201,309],"class_list":["post-53","post","type-post","status-publish","format-standard","hentry","category-products","tag-authentication","tag-authorization","tag-inside-cpanel","tag-whm","tag-xml-api"],"acf":[],"yoast_head":"\n
\nAuthorization: WHM $user:$hash<\/code><\/p>\n
\n$hash = \u201c81a \u2026.. 0af\u201d; # Set up the Hash
\n$hash = preg_replace(\u2018(\/r|\/n)\u2019, \u201c\u201d, $hash); # Strip newlines from the hash
\n$auth_header[0] = \u201cAuthorization: WHM $username:$hash\u201d; # set up the Header Array
\n$curl_setopt($curl, CURLOPT_HTTPHEADER, $auth_header); # tell curl to use the header array<\/code><\/p>\n
\nWHM $user:$hash. my $access_hash = \u201c81a \u2026 0af\u201d; # set up the accesshash $access_hash =~ s\/(n|r)\/\/g; # Remove newlines from the accesshash my $auth_string = \u201cWHM $user:$access_hash\u201d; # create the authentication string $response = $lwp->get( $url, Authorization => $auth_string ); # send auth header with req <\/code><\/p>\n