Virusdie external billing transfer API #

A complete guide of external billing transfer API for Virusdie partners.

2019-02-04

API requests format #

Send HTTPS requests to //virusdie.ru/partners-api/. A common request format is:

GET /partners-api/<method>/[?query]

Authorization #

You should use your personal API key for authorization.

It should be transfered through the cookies under the name apikey (Cookie: apikey=...).

Common response format #

In response to each request, there will be a JSON object returned along format below:

{
status:   int  Error code. More in a section [Errors],
message:  str  Error message, if any,
result:   mix  Response to the request (the format depends on the requested method),
}

The format of the .result field depends on the specific method (parameter method). See Methods List.

Errors #

The HTTP response status code will always be 200.

The error code is sent to the field .status of the result.

Value 200 means that there were no critical errors and you can process the .result field.

Otherwise (.status not a 200) you should not process the .result field.

In the .message field, a text message is sent about the error that occurred.

Methods List #

Add new web site into customer’s account #

GET /partners-api/add-site/? &domain=str

.result field value in a response #

{
  "id":      int,  // Site ID (0 on errors)
  "domain": "str"  // Domain name
}

Create the new customer #

GET /partners-api/create-user/? &login=str

.result field value in a response #

{
  "login":    "str",  // Login name of new customer
  "password": "str",  // Password for the newly registered customer (it will be omitted for existing users)
  "url":      "str",  // Direct login URL
  "expires":   int    // The expiration time of the direct login URL (UNIX timestamp)
}

The URL in the .url field will be valid until the time specified in the .expires field. You can refresh this at any time by calling the user method.

Remove customer and sites #

GET /partners-api/delete-user/? &login=str

.result field value in a response #

{
  "login":    "str",  // User login (email)
}

Delete web site from account #

GET /partners-api/delete-site/? &website=str|int

.result field value in a response #

{
  "id":      int,  // Site ID (0 on errors)
  "domain": "str"  // Domain name
}

Delete site from user’s account (not from main account) #

GET /partners-api/delete-user-site/? &website=str|int &login=str

.result field value in a response #

{
  "id":      int,  // Site ID (0 on errors)
  "domain": "str"  // Domain name
}

Add site from user’s account (not from main account) #

GET /partners-api/add-user-site/? &domain=str &login=str

.result field value in a response #

{
  "id":      int,  // Site ID (0 on errors)
  "domain": "str"  // Domain name
}

New customer registration and service order #

Register new customer/website.

GET /partners-api/activate-site/? &login=str &domain=str [&rate=int]

.result field value in a response #

{
  "login":    "str",  // Login name of new customer
  "password": "str",  // Password for the newly registered customer (it will be omitted for existing users)
  "domain":   "str",  // The domain added into the customer's website list
  "url":      "str",  // Direct login URL
  "expires":   int    // The expiration time of the direct login URL (UNIX timestamp)
}

The URL in the .url field will be valid until the time specified in the .expires field. You can refresh this at any time by calling the user method.

Enable/disable site options #

GET /partners-api/set-site-option/? &login=str &website=str|int [&sendreports=int]

.result field value in a response #

{
  "website":     "str",  // The domain name from the request
  "sendreports":  int    // sendreports status (optional)
}

Enable/disable/prolong payment plans #

GET /partners-api/update-plan/? &login=str &website=str|int &plan=int &days=int

.result field value in a response #

{
  "website": "str",  // The domain name from the request
  "plan":     int,   // The plan id from the request
  "days":     int    // Total number of days the plan expires in
}

Get the recent scan report for the site #

GET /partners-api/last-report/? &login=str &website=str|int

.result field value in a response #

{
  "statistic": {             // Report summary
    "domain": "str",         // Domain name
    "checkedbytes": int,     // Total bytes scanned
    "checkedfiles": int,     // Total files scanned
    "checkeddirs": int,      // Total directories scanned
    "detectedfiles": int,    // Total files detected
    "result": {              // Files summary
      "malicious": {         // Malicious files
        "cleaned": int,      // The number of files cleaned
        "deleted": int,      // The number of files deleted
        "notcleaned": int    // The number of not cleaned files
      },
      "suspicious": int      // The number of suspicious (doubt) files
    }
  },
  "detectedfiles": {         // The list of detected files
    "file/path/name": {      // File path name (== .name)
      "name": "str",         // File path name
      "backup": int,         // Backup ID or 0
      "time": int,           // Original file modification time
      "time2": int,          // File modification time after treatment
      "mode": int,           // File permissions (decimal)
      "size": int,           // File size
      "statustext": "str",   // The one of: "CLEANED_FILE", "NOT_CLEANED_FILE", "DELETED_FILE", "CURABLE_FILE", "INCURABLE_FILE"
      "statustext2": "str",  // Result status, the one of: "INFECTED_FILE", "SUSPICIOUS_FILE" (ignored if .statustext is CLEANED_FILE/DELETED_FILE)
      // Threats in the file:
      "infected": [ threat_id, ... ],    // Malicious threats
      "suspicious": [ threat_id, ... ],  // Suspicions (doubt)
      "incurable": [ threat_id, ... ],   // Incurable threats
      "treated": [ threat_id, ... ]      // Threats removed
    }
  },
  "blacklisted": { // Blacklists lookup results (can be null)
    "Kaspersky": { "detected":true, "result":"malware site", "detail":"" },
    ...
  },
  "externalscan": [ // Virusdie external scan results (can be null)
    ["url", threat_id, "threat_title", doubt (1/0), "code_sample_base64"],
    ...
  ]
}

Get the list of user’s sites #

GET /partners-api/site-list/? &start=int &limit=int &order=str &find=str

.result field value in a response #

{
  "start":  int,   // See &start argument
  "limit":  int,   // See &limit argument
  "order": "str",  // See &order argument
  "find":  "str",  // See &find argument
  "websites": [    // The list of user's websites
    {
      "id": int,              // Site ID
      "domain": "str",        // Domain Name
      "dateadded": int,       // Date and time the site has been added to the list (UNIX timestamp)
      "paidtodate": int,      // Paid to date along basic plan (UNIX timestamp)
      "plan": int,            // Paid plan ID
      "firewallstatus": int,  // Firewall On/Off status (1/0)
      "expertservice": int,   // The date when the expert service expires (UNIX timestamp)
      "scanperiod": int,      // Automatic scan period (seconds) (0 - disabled)
      "lastscan": int,        // Last scan date (UNIX timestamp)
      "nextscan": int,        // Next scan date (UNIX timestamp)
      "detectedfiles": int,   // Number of malicious and suspicious files found (along last scan, summary)
      "malicious": int,       // Number of malicious files found (along last scan)
      "suspicious": int,      // Number of suspicious files found (along last scan)
      "autocleanup": int,     // Automatic cleanup On/Off status (1/0)
      "extrnalscan": int,     // There are threats detected by Virusdie external scan (1/0)
      "blacklisted": int      // The domain is blacklisted by some safebrowsing services (1/0)
    },
    ...
  ]
}

Get the direct login URL for the customer #

GET /partners-api/user/? &login=str

.result field value in a response #

{
  "login":   "str",  // Login name of the customer
  "url":     "str",  // Direct login URL
  "expires":  int,   // The expiration time of the direct login URL (UNIX timestamp)
  "websites": [      // The list of user's websites
    {
      "id": int,              // Site ID
      "domain": "str",        // Domain Name
      "dateadded": int,       // Date and time the site has been added to the list (UNIX timestamp)
      "paidtodate": int,      // Paid to date along basic plan (UNIX timestamp)
      "plan": int,            // Paid plan ID
      "firewallstatus": int,  // Firewall On/Off status (1/0)
      "expertservice": int,   // The date when the expert service expires (UNIX timestamp)
      "scanperiod": int,      // Automatic scan period (seconds) (0 - disabled)
      "lastscan": int,        // Last scan date (UNIX timestamp)
      "nextscan": int,        // Next scan date (UNIX timestamp)
      "detectedfiles": int,   // Number of malicious and suspicious files found (along last scan, summary)
      "malicious": int,       // Number of malicious files found (along last scan)
      "suspicious": int,      // Number of suspicious files found (along last scan)
      "autocleanup": int,     // Automatic cleanup On/Off status (1/0)
      "extrnalscan": int,     // There are threats detected by Virusdie external scan (1/0)
      "blacklisted": int      // The domain is blacklisted by some safebrowsing services (1/0)
    },
    ...
  ]
}

The URL in the .url field will be valid until the time specified in .expires field. You should always check the URL expiration time before showing the URL to the user. You can request the new URL at any time. Any previously created URL will continue to work as expected until it will be expired.

Get list of customers #

GET /partners-api/users/? &login=str
[
	{
		"login":   "str",  // Login name of the customer
		"url":     "str",  // Direct login URL
		"expires":  int,   // The expiration time of the direct login URL (UNIX timestamp)
	},
	...
]

Download user’s synchronizaion file for Virusdie SAAS (PHP) #

If You need to connect the user’s site to Virusdie SAAS, You need to place the user’s synchronization file in the root directory of this site. This file can be downloaded from syncfile endpoint.

GET /partners-api/syncfile/? &login=str

Response #

User’s synchronizaion file contents (PHP code) will be sent in response. File name is sent in Content-Disposition HTTP header. The file must be saved under this name.

Any error will be reported via HTTP status codes (400, 404, 500).


Methods List