Jump to content

How to disable Local API User

elonmusk
 Share

Recommended Posts

elonmusk Junior Member

elonmusk

Posted
  • Author
Posted (edited)

I have checked all admin users' logs, and nothing shows about the API log. One admin user had API access in the permission given below:

Manage API Credentials

API Access

I have turned it off.

All I see in the activity log is a Local API User.

Does restricting Api access affect billing gateways' ability to update invoices as we use their API to update the invoice? Is there any way to turn off creating users via API?

 

Edited by elonmusk
0
Link to comment
Share on other sites
elonmusk Junior Member

elonmusk

Posted
  • Author
Posted (edited)

I have deleted these clients now. I checked the logs before, and nothing was a special user created; email verification and a welcome email were there. 

it seems it is a bug in  Version 8.11.2 I have to update it first.

Edited by elonmusk
0
Link to comment
Share on other sites
  • WHMCS Support Manager
WHMCS John Senior Member

WHMCS John

Posted
  • WHMCS Support Manager
Posted

Hi @elonmusk,

The LocalAPI user is invoked locally. Ie. By a file on your website that isn't a part of the stock WHMCS software.

This will likely be an after-market customisation, perhaps something like a custom order form.

I suggest comparing your WHMCS files against the stock ones for any additionals you may have, as they could be the cause.

1
Link to comment
Share on other sites
elonmusk Junior Member

elonmusk

Posted
  • Author
Posted (edited)
1 hour ago, WHMCS John said:

Hi @elonmusk,

The LocalAPI user is invoked locally. Ie. By a file on your website that isn't a part of the stock WHMCS software.

This will likely be an after-market customisation, perhaps something like a custom order form.

I suggest comparing your WHMCS files against the stock ones for any additionals you may have, as they could be the cause.

I also suspect this. I use WS OnePage Checkout from @wsa, and they have not updated it to a new version even though it is not compatible with PHP 8. Their license server was also compromised before, and they released an update silently for the users. I have disabled the one-page cart for now. Let's see if it helps. I can share the file here if anyone can analyze the code.

 

@townhalldental06 What do you feel is necessary to give an opposing point? you just joined 40 minutes ago.

Edited by elonmusk
0
Link to comment
Share on other sites
bear Senior Member

bear

Posted
Posted
13 minutes ago, elonmusk said:

I can share the file here if anyone can analyze the code.

If it's a paid addon, it's unlikely that would be ok with the seller, though I'm sure others (and myself) would like to try and spot the issue.

1
Link to comment
Share on other sites
elonmusk Junior Member

elonmusk

Posted
  • Author
Posted

Yes, it is a paid add-on. I have also paid for the updates, but they are not updating and keep saying we are working on it. I am not sharing the license code, so files without a license code can be shared here for testing.

I also checked server access logs with the IP address used to create the user and found that the domain registration URL is showing in the logs. It does not work in PHP 8, so I was using PHP 7.4. I have also requested it many times here, but it has not been updated yet. All the IP addresses used by users have the same domain registration URL. 

 [12/Mar/2025:09:36:19 +0000] "GET /cart.php?a=add&domain=register HTTP/2" 302 0 "-" "Mozilla/5.0 (iPad; CPU OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/132.0.6834.100 Mobile/15E148 Safari/604.1"'


[12/Mar/2025:09:36:19 +0000] "GET /index.php?m=opc&domainaction=register HTTP/2" 200 13722 "-" "Mozilla/5.0 (iPad; CPU OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/132.0.6834.100 Mobile/15E148 Safari/604.1"'


 [12/Mar/2025:09:36:20 +0000] "POST /cart.php?a=add&domain=register HTTP/2" 302 0 "https://xxxx.com/cart.php?a=add&domain=register" "Mozilla/5.0 (iPad; CPU OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/132.0.6834.100 Mobile/15E148 Safari/604.1"'


 [12/Mar/2025:09:36:20 +0000] "POST /index.php?m=opc&domainaction=register HTTP/2" 200 25 "https://xxx.xom/cart.php?a=add&domain=register" "Mozilla/5.0 (iPad; CPU OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/132.0.6834.100 Mobile/15E148 Safari/604.1"'

 

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept