News

Meet WisPanel — The next-gen control panel built for speed, security && simplicity!

Your powerful WisPanel 1.13.19 is here !

API Documentation

Integrate WisPanel with your applications using our comprehensive REST API.

API Reference

Base URL

https://your-server-ip:2083/api/v1

All API endpoints are relative to this base URL.

WordPress Toolkit

WordPress Toolkit

Base: /api/v1/wordpress. Operates on installs in the user's domains. Auth: Authorization: Bearer wsp_…

Installations — GET /api/v1/wordpress/installations

Response 200 (verified live):

[
  { "id": "wp_2f686f6d6", "domain": "wispanel123.com",
    "domain_id": 0,
    "path": "/home/wispanel/domains/wispanel123.com/public_html",
    "version": "6.9.4", "site_title": "My Site",
    "site_url": "https://wispanel123.com",
    "admin_url": "https://wispanel123.com/wp-admin/",
    "db_name": "wispanel_wispanel_g2if7lvk",
    "db_user": "wispanel_wispanel_g2if7lvk",
    "db_host": "localhost", "table_prefix": "wp_u9fh_",
    "debug": false, "multisite": false }
]

GET /wordpress/status (verified live) → { "wp_cli_available": true, "installations": [ … ] }. GET /wordpress/installation · /wordpress/install/:id/progress.

Install — POST /api/v1/wordpress/install

Request:

{ "domain": "blog.com", "path": "public_html",
  "title": "My Blog", "admin_user": "admin",
  "admin_password": "S3cure•pass", "admin_email": "[email protected]",
  "db_name": "blog_wp" }

Response 400 (verified live — empty body):

{ "success": false, "code": "VALIDATION_ERROR",
  "error": "Missing fields. Got: domain_name=\"\", path=\"\", db_name=\"\", domain=\"\"",
  "message": "…", "status": 400 }

Lifecycle / plugins / themes / cache / backup / security

POST /wordpress/clone { "source_id": "wp_…", "target_domain": "staging.blog.com" }; /core/update · /reinstall-core · /maintenance { "id": "wp_…", "enabled": true } · /search-replace { "id": "wp_…", "search": "http://", "replace": "https://" }; DELETE /wordpress/delete { "id": "wp_…" }. Admin/login POST /wordpress/admin/create · /auto-login · /password/reset. Plugins GET /wordpress/plugins; POST /wordpress/plugins/{install,activate,deactivate,update,delete} { "id": "wp_…", "plugin": "wordfence" }. Themes: same under /wordpress/themes. Cache GET /wordpress/cache; POST /wordpress/cache/{enable,disable,flush,purge}. Backup GET /wordpress/backups; POST /wordpress/backup · /restore. Security GET /wordpress/security · /verify-checksums; POST /wordpress/security/{disable-file-edit,file-protection, hide-login,toggle-debug}.

Conventions → Authentication, Error Handling.

Backup & Restore Users

Rate Limiting

API requests are limited to 60 requests per minute per API token.

  • X-RateLimit-Limit: Maximum requests per minute
  • X-RateLimit-Remaining: Remaining requests
  • X-RateLimit-Reset: Unix timestamp when limit resets