Pull Information From Client Websites via API?

[bugmagnet]

I'm consulting for a Google Ads reseller. They use WHM and cPanel to interactively administer their client accounts. All of their client accounts use WordPress and have the Sucuri plugin installed. Sucuri stores logs in a php file in the /wp-content/uploads/sucuri/ folder. They want to be able to pull those files using a task scheduler and dump them into a database.

I didn't get very far with the Perl library -- it doesn't like Windows. I'm currently using the PHP but have tried the C# (the preferred option.)

I've worked out how to get the list of accounts from WHM. With that data I can then log into cPanel on the client sites.

What I'm trying to work out now is how to dig into the file tree on the client site. At present, even though I'm looking at the public_html folder,

    $data = $cpanel->execute_action(
       '3',
        'Fileman',
        'list_files',
        'sshostin', array(
            'dir'=>'/home/sshostin/public_html',
            'type'=>'file|dir'
        )
    );

I'm not seeing any of the WordPress folders or files.

{
  "module": "Fileman",
  "result": {
    "metadata": {
      "transformed": 1
    },
    "messages": null,
    "data": [{
        "exists": 1,
        "humansize": "4 KB",
        "fullpath": "/home/sshostin/public_html/cgi-bin",
        "file": "cgi-bin",
        "size": "4096",
        "absdir": "/home/sshostin/public_html",
        "ctime": 1512349235,
        "uid": 1059,
        "gid": 1062,
        "type": "dir",
        "nicemode": "0755",
        "mode": 16877,
        "mtime": 1512349235,
        "path": "/home/sshostin/public_html"
      }
    ],
    "errors": null,
    "status": 1,
    "warnings": null
  },
  "apiversion": 3,
  "func": "list_files"
}

Where to from here?

 

[cPAusaf]

Does the Google Ads reseller have just reseller access to WHM or full root? If it is root, they should be able to create a cron that copies all those logs files to a place of their choosing.

If it's a reseller who has it do it at the cPanel API level, then may need some more information on how the API call is being made. Feel free to open a support ticket if you would like us to take a closer look. I tried with a test WP account:

[03:40:44] [root] [~]$ uapi --user=rscdump Fileman list_files dir=public_html/tools | grep wp
      file: wp
      fullpath: /home/rscdump/public_html/tools/wp
      file: wp-admin
      fullpath: /home/rscdump/public_html/tools/wp-admin
      file: wp-content
      fullpath: /home/rscdump/public_html/tools/wp-content
      file: wp-includes
      fullpath: /home/rscdump/public_html/tools/wp-includes
      file: wp-activate.php
      fullpath: /home/rscdump/public_html/tools/wp-activate.php
      file: wp-blog-header.php
      fullpath: /home/rscdump/public_html/tools/wp-blog-header.php
      file: wp-comments-post.php
      fullpath: /home/rscdump/public_html/tools/wp-comments-post.php
      file: wp-config-sample.php
      fullpath: /home/rscdump/public_html/tools/wp-config-sample.php
      file: wp-config.php
      fullpath: /home/rscdump/public_html/tools/wp-config.php
      file: wp-cron.php
      fullpath: /home/rscdump/public_html/tools/wp-cron.php
      file: wp-links-opml.php
      fullpath: /home/rscdump/public_html/tools/wp-links-opml.php
      file: wp-load.php
      fullpath: /home/rscdump/public_html/tools/wp-load.php
      file: wp-login.php
      fullpath: /home/rscdump/public_html/tools/wp-login.php
      file: wp-mail.php
      fullpath: /home/rscdump/public_html/tools/wp-mail.php
      file: wp-settings.php
      fullpath: /home/rscdump/public_html/tools/wp-settings.php
      file: wp-signup.php
      fullpath: /home/rscdump/public_html/tools/wp-signup.php
      file: wp-trackback.php
      fullpath: /home/rscdump/public_html/tools/wp-trackback.php
      file: wptool
      fullpath: /home/rscdump/public_html/tools/wptool[code]