Skip to main content

Automating cPanel from a Desktop Program

Comments

11 comments

  • Indinfer
    Thank you very much. This is the kind of information I am seeking. I am studying the leads. Thank you.
    0
  • Indinfer
    I construct my code based on the Secure Remote Logins documentation. Maybe I am further along, but still not there yet. Meaning: I think I should be getting a CP session token and am not, should get an "OK" but am getting "Access Denied", etc. I think I'm capturing the headers maybe both ways. To make this post okay to post publicly, I am substituting "my-website.com" "my-password", etc. for the real website domain, password, and so forth. I present my Lisp code (with a walkthrough explanation), then the headers both ways, and then all the results returned by my lisp function "login". I suspect the headers will be the most useful in your being able to tell me what I am doing wrong and am missing. The results are labeled =========== Result n ========== where n is the result number. I am abbreviating the HTML returned as the Result 1 by using <... html for cPanel logging webpage ...> instead of all the HTML code. Here it is: My Lisp Code and Walkthrough (defun login () (drakma:http-request "https://my-website.com:2083/cpanel" :parameters (list (cons "user" "my-user") (cons "pass" "my-password") (cons "hostname" "my-website.com") (cons "service" "cpanel") (cons "goto_uri" "/"))))
    "defun" says we are defining a function "login" is the name of the function "drakma" is the name of the Lisp library to compose, send, and receive HTTPS. "http-request" is the drakma function. It is doing SSL secure connection because the URL starts HTTPS instead of HTTP. Probably you can see what happens with the parameters by comparing with the headers. Because I do not specify POST, I am sending using GET method. I understand that you might not need to look at this Lisp code part. Headers Both Ways GET /cpanel?user=my-user&pass=q8C%250g!4tX&hostname=my-website.com&service=cpanel&goto_uri=%2F HTTP/1.1 Host: my-website.com:2083 User-Agent: Drakma/2.0.4 (LispWorks 7.1.0; Windows NT; Windows 10: 10.0 (build 16299) ; Drakma - A Common Lisp HTTP client) Accept: */* Connection: close HTTP/1.1 401 Access Denied Connection: close Content-Type: text/html; charset="utf-8" Date: Tue, 27 Mar 2018 20:20:38 GMT Cache-Control: no-cache, no-store, must-revalidate, private Pragma: no-cache Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: cpsession=%3aRjubuDXY5TQz7OkZ%2ce0ca8fee57083b7592ea352dc6300996; HttpOnly; path=/; port=2083; secure Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: Horde=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=2083; secure Set-Cookie: PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: imp_key=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: key=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/3rdparty/squirrelmail/; port=2083; secure Set-Cookie: SQMSESSID=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure Set-Cookie: Horde=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083 Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083 Cache-Control: no-cache, no-store, must-revalidate, private Content-Length: 28012
    Results Returned from drakma:http-request ============= Result 1 HTML of Webpage Returned ================= " <... html for cPanel loggin webpage ...> " ============= Result 2 Status Code ================= 401 ============= Result 3 Headers ================= (:)CONNECTION . "close") :)CONTENT-TYPE . "text/html; charset=\"utf-8\"") :)DATE . "Tue, 27 Mar 2018 20:20:38 GMT") :)CACHE-CONTROL . "no-cache, no-store, must-revalidate, private,no-cache, no-store, must-revalidate, private") :)PRAGMA . "no-cache") :)SET-COOKIE . "cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,cpsession=%3aRjubuDXY5TQz7OkZ%2ce0ca8fee57083b7592ea352dc6300996; HttpOnly; path=/; port=2083; secure,roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,roundcube_sessauth=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,Horde=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,horde_secret_key=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=2083; secure,PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,imp_key=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,key=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/3rdparty/squirrelmail/; port=2083; secure,SQMSESSID=expired; HttpOnly; domain=my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure,Horde=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083,horde_secret_key=expired; HttpOnly; domain=.my-website.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083") :)CONTENT-LENGTH . "28012")) ============= Result 4 URL ================= # ============= Result 5 Stream ================= # ============= Result 6 Must Close (T=true, nil=false) ================= T ============= Result 7 Reason Phrase ================= "Access Denied" ============= No more results ==========
    In Result 3, you see how Lisp likes to wrap everything in parenthesis. I hope you can help me understand (probably from Headers Both Ways) what cPanel's response means and what I might need to do to do the Secure Remote Login.
    0
  • Indinfer
    The forum editor gave me some unexpected bolding and converted some parentheis+characters to emoji. It's fine. Just that you should know some of my post above is not as I typed it.
    0
  • cPanelMichael
    I hope you can help me understand (probably from Headers Both Ways) what cPanel's response means and what I might need to do to do the Secure Remote Login.

    Do you notice any specific output in /usr/local/cpanel/logs/login_log when authentication fails? Thank you.
    0
  • Indinfer
    I opened File Manager. I could not follow the path you gave me exactly, maybe because I am at "Website Owner" level with just cPanel access. Or, maybe I simply did not understand. I found "logs" directory. Path is /home/my-user-name/logs/ I have these GZ compressed files: my-website.com-Mar-2018.gz my-website.com-ssl_log-Mar-2018.gz I don't see anything with "login" such as "login_log". I did download "my-website.com-ssl_log-Mar-2018.gz" and extracted the file. Just before I downloaded, I ran my program at somewhere around 8:30 PM my time. The date on the GZ compressed files is "Today 8:26 AM" about 12 hours before. Maybe the servers are in India or Singapore? Anyway, I opened the file. Here are the last few lines: 69.140.87.176 - - [27/Mar/2018:10:50:27 -0700] "GET /cpanel HTTP/1.1" 200 12517 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36" 69.140.87.176 - - [27/Mar/2018:12:36:11 -0700] "GET /cpanel HTTP/1.1" 200 12516 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36" 69.140.87.176 - - [27/Mar/2018:13:07:36 -0700] "GET /?user=someusr&pass=xxxxxxxxxxxxx&hostname=assigned-email-example.com&service=cpanel&goto_uri=%2F HTTP/1.1" 200 6860 "-" "Drakma/2.0.4 (LispWorks 7.1.0; Windows NT; Windows 10: 10.0 (build 16299) ; http://weitz.de/drakma/)" 35.162.70.167 - - [28/Mar/2018:02:19:22 -0700] "GET / HTTP/1.1" 200 2746 "-" "Magic Browser" 35.162.70.167 - - [28/Mar/2018:02:19:23 -0700] "GET / HTTP/1.1" 200 2746 "-" "Magic Browser" 173.244.48.51 - - [28/Mar/2018:02:22:48 -0700] "GET / HTTP/1.0" 200 2746 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/537.36"
    So, I don't know. I see "Drakma" in one line in the whole file. Maybe I succeeded once yesterday with a GET request? But I don't see an entry for what I just did, like a login success or fail. Am I looking in the place you intended? Seems like I should have a log to inspect that shows what I just did. But I don't know where to look.
    0
  • cPanelMichael
    Hello, Actually, /usr/local/cpanel/logs/login_log isn't a log file you have access to as a cPanel user. You can check with your web hosting provider to see if they can provide you with the specific output that appears in that log file when authentication from your application fails. Thank you.
    0
  • Indinfer
    Probably be sometime next week that I am able to check with my website hosting service, GoDaddy. I hope to post the results.
    0
  • Indinfer
    GoDaddy did not seem to be able to help me. However, I believe I got a successful login. I will share my Common Lisp answer as code with a walkthrough which I hope is suitable for those unfamiliar with Common Lisp. Then I will state what I learned. Maybe this will help others, or maybe myself if I forget how I did it. Code: (defun login-to-cpanel () (setf *login-result* (multiple-value-list (drakma:http-request "https://my-website.com:2083/login/" :method :post :cookie-jar *cookies* :parameters (list (cons "user" username) (cons "pass" password))))))
    Walkthrough: defun login-to-cpanel (): defines a function called "login-to-cpanel" that takes no parameters setf *login-result* : sets the variable *login-result* (the asterisks are part of the variable name) to the result. The result is that which is returned on the next line. multiple-value-list : a lisp function that collects the multiple values returned from the following function (drakma:http-request ...) and formats the "multiple values" into a "list of values". Lisp functions can return multiple values. But for this sample, don't need to get stuck trying to understand it. drakma:http-request : this is the Drakma-Lisp-Library function through which I am making my login-call. "Comment: This is a browser-style login. I did not figure out how to do the remote login. What I Learned: The URL was the thing that was preventing me from logging in. I needed to have "/login/" appended to the domain ("my-website.com") with port :2083 . I don't know whether this kind of URL will work for all web hosting services providing cPanel. I would appreciate a comment whether the required URL could be different for different web hosting services. --- I know I need to learn a lot more. Maybe I am doing things in a way that is contra-recommended, or maybe this kind of program login is okay. Therefore, I will appreciate comments and suggestions.
    0
  • cPanelMichael
    The URL was the thing that was preventing me from logging in. I needed to have "/login/" appended to the domain ("my-website.com") with port :2083 . I don't know whether this kind of URL will work for all web hosting services providing cPanel. I would appreciate a comment whether the required URL could be different for different web hosting services.

    Hi @Indinfer, Thank you for taking the time to share the solution. I do see other examples where appending /login/ to the URL allows the post method to work: The method you used should also work for WHM and Webmail, but let us know if you notice any further issues. Thank you.
    0
  • virtualworldGlobal
    Is there any application to connect cPanel from our Desktops ? We earlier used WHAM for some time but no clue why they closed shop...
    0

Please sign in to leave a comment.