B I T M I T I G A T E

Loading

Getting Started

BitMitigate's API is simply and easy to use. It is accessible via HTTPS and uses JSON to send and receive data. API keys can be instantly created and deleted from within the control panel. All of the API calls follow the same general architecture with slight changes in input data based on the action being performed.

All API calls are sent to the same URL: https://bitmitigate.com/user-panel/api.php

A post variable "apikey" must also be specified which contains an API for your account.

Additionally another POST parameter "data" must be sent which contains the action and associated input data. This parameter should be a stringified JSON value ex. { action: "get-websites"}
This an example API call in JavaScript for the "get-websites" action.

var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function () {
	if (this.readyState == 4 && this.status == 200) {
		console.log(this.responseText);
	}
};
xhttp.open("POST", "https://bitmitigate.com/user-panel/api.php", true);
xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");

var data = {};
data.action = "get-websites";

xhttp.send("apikey=c2988a8566a0458814e591cfce2d16b4&data=" + JSON.stringify(data));

Actions

Action: get-websites

Input Parameters: none

Description: Returns a list of all the websites you have in the system.
Action: add-website

Input Parameters: websites (sub components: website (sub component: origins (sub component: origin (sub component: address, port)))

Description: Adds a website to the system
Action: remove-website

Input Parameters: wid (website ID)

Description: Removes a website from the system.
Action: add-api-key

Input Parameters: name

Description: Adds an API key to the system
Action: add-api-key

Input Parameters: kid (key ID)

Description: Removes an API key from the system
Action: get-website-data

Input Parameters: domain or wid

Description: Returns the data for a website
Action: update-website-data

Input Parameters: domain or wid, deferjavascript, hyperloader, minify, imageoptimizer, smartimages, progressiveimages, dnsprefetching, forcessl, brotli, forcehsts, defensemode, httpsrewriting, smartcaching, filecompression, developmentmode)

Description: Updates a website's settings
Action: update-page-rule

Input Parameters: domain or wid, path, browserinspection, useragentprotection, sqlinjectionprotection, httpsrewriting, corsbypass, fileinjection, ipwhitelistblacklist['type'] (None, Whitelist, Blacklist), ipwhitelistblacklist['ips']

Description: Creates a page rule if it doesn't exist, updates it if it does exist.
Action: get-locations

Input Parameters: domain or wid

Description: Gets a list of page rules for a domain.
Action: delete-location

Input Parameters: domain or wid, path

Description: Deletes a page rule.
Action: add-firewall-rule

Input Parameters: domain or wid, type (1 = Cookie, 2 = IP Address, 3 = Hostname, 4 = User Agent, 5 = Referrer), operator (1 = Equals, 2 = Does not Equal), Value

Description: Creates a firewall rule.
Action: delete-firewall-rule

Input Parameters: domain or wid, fid

Description: Deletes a firewall rule.
Action: delete-firewall-rule

Input Parameters: domain or wid

Description: Gets a list of firewall rules.
Action: get-certificate

Input Parameters: domain or wid

Description: Returns your certificate and private key.
Action: update-defense-page

Input Parameters: domain or wid, customdefensepage

Description: Updates your defense page contents
Action: upload-custom-ssl-certificate

Input Parameters: domain or wid, customsslcertificatepem, customsslkeypem

Description: Uploads a custom SSL certificate
Action: add-nws

Input Parameters: protectedip, protectedport, originip, originport

Description: Creates a new non web service
Action: add-nws

Input Parameters: sid

Description: Deletes a non web service
Action: get-nws

Input Parameters: none

Description: Returns a list of non web services