SSH, WAF & Rate Limit
SSH, WAF & Rate Limit
Role: admin. Base: /api/v1/security/module.
Earlier docs listed
/api/v1/security/ssh/*and/api/v1/security/firewall/*— those do not exist.
SSH — GET /security/module/ssh/status
Response 200 (verified live):
{ "enabled": true, "port": 8686, "protocol": "2",
"permit_root_login": "yes", "password_auth": true,
"pubkey_auth": false, "rsa_auth": false,
"max_auth_tries": 6, "login_grace_time": 120,
"has_key": false, "key_type": "",
"fail_count": 755, "success_count": 99 }
POST /ssh/toggle { "enabled": true }; PUT /ssh/port
{ "port": 2222 }; PUT /ssh/config
{ "permit_root_login": "no", "password_auth": false };
PUT /ssh/root-password { "password": "•••" };
GET /ssh/login-logs · /ssh/login-stats. SSH key: GET /ssh/key;
POST /ssh/key/generate { "type": "rsa", "bits": 4096 };
GET /ssh/key/download; DELETE /ssh/key.
ModSecurity — GET /security/module/modsecurity/status
Response 200 (verified live):
{ "data": { "installed": true, "enabled": false,
"log_only": false, "paranoia_level": 1, "ruleset": "owasp",
"webserver": "nginx_apache", "crs_installed": true,
"crs_version": "v4.9.0", "rule_count": 672 },
"success": true }
POST /modsecurity/enable · /disable · /rules/update ·
/rules/install; GET | PUT /modsecurity/rules/custom;
PUT /modsecurity/config · /ruleset; DELETE /modsecurity/rules.
Rate Limit — GET /security/module/ratelimit/summary
Response 200 (verified live):
{ "blocks": 20, "challenges": 0,
"recent_events": [
{ "id": 136, "remote_ip": "42.96.13.67",
"endpoint": "/api/v1/auth/login-as/wispanel",
"request_count": 20, "action": "block",
"resolved": false,
"window_start": "2026-05-13T09:06:52+07:00",
"created_at": "2026-05-13T09:06:53+07:00" } ] }
GET /ratelimit/events · /ratelimit/whitelist;
POST /ratelimit/toggle { "enabled": true };
POST /ratelimit/whitelist { "ip": "203.0.113.5" };
DELETE /ratelimit/whitelist/:ip.
Conventions → Authentication, Error Handling.