Tamper Protection

Base: /api/v1/security/module/tamper. Any auth user (own paths); admin = global. License: Pro/Enterprise.

List paths — GET /security/module/tamper/paths

Response 200 (verified live): { "data": [], "total": 0 }, or:

{ "data": [
    { "id": 1, "path": "/home/john/public_html/", "status": 1,
      "rule": "Default", "ps": "",
      "is_create": 1, "is_modify": 1, "is_unlink": 1,
      "is_rename": 1, "is_chmod": 1, "is_mkdir": 1,
      "is_rmdir": 1, "is_chown": 1, "is_link": 1,
      "black_exts": [".php", ".js", ".html"] } ],
  "total": 1 }

Create path — POST /security/module/tamper/paths

Request:

{ "path": "/home/john/public_html/",
  "is_create": 1, "is_modify": 1, "is_unlink": 1,
  "is_chmod": 1, "is_mkdir": 1, "is_rmdir": 1,
  "is_chown": 1, "is_link": 1, "black_exts": [".php"] }

1 = enforce that op. Response = the created path object (shape above). PUT /tamper/paths/:id; DELETE /tamper/paths/:id → { "success": true }; POST /tamper/paths/:id/toggle.

⚠️ A path with no path field defaults to /home/<user>/ with the Default rule — that protects the whole home. Always set path explicitly.

Logs — GET /security/module/tamper/logs

Response 200 (verified live): { "data": [], "page": 1, "total": 0 }.

Quick lock / safety / admin

POST /tamper/quick-lock-file · /quick-unlock-file · /quick-lock-dir · /quick-unlock-dir { "path": "/home/john/wp-config.php" }; POST /tamper/check-dir-safe { "path": "/home/john/public_html" }. White-lists POST | DELETE /tamper/paths/:id/{white-dirs,white-files, protected-files}. GET | POST | DELETE /tamper/temp-shutdown { "minutes": 30 }. Admin: sync-config, global-config, tampercore, process-whitelist, templates, backups, alerts.

Conventions → Authentication, Error Handling.