Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the concern.
How late do I need to stay up tonight?
How much longer will this take? What did I miss?
I’ve heard this communicated a number of different ways, but the one takeaway is that leveraging APIs is invaluable to your everyday workflow when working with third-party vendors.
Benefits of Using APIs
Here are some of the benefits of using APIs:
- Automation. With APIs, computers rather than people manage the work. Agencies can also update workflows to make them quicker and more productive.
- Updates. An API allows new information generated from multiple properties to distribute across different vendors’ systems.
- Customization. Through APIs, customizing the data or content and services used the most, makes it even more invaluable.
- Adaptation. Needs change over time and APIs help make this easier. Migrations are conducted more smoothly allowing for better flexibility in transitioning to other technologies your CMS might depend on.
APIs and Website Security
It can feel like a challenge to be able to build around new content pushes (or other data changes) when you think about your website’s production needs vs. your security requirements.
Managed providers help to an extent because they alleviate the load of tasks – like updates and backups – but they may not necessarily provide a robust detection tool or the ability to adjust protection to fit your application’s needs.
However, Sucuri’s Website Security Platform has built over time APIs that can help communicate with our dashboard to accomplish just about anything you require it to as events like the following occur:
- New remote developer joins team: new trusted IP to grant access to systems.
- Notice of unusual behavior: plugin alerts to an IP attempt brute force breaches.
- Content changes to the site: ensure existing caching layers are purged in order.
Here are some examples of our most popular API tools being used by developers and systems architects alike for events like these, respectively, and many others:
1- Whitelist New Trusted IP
It whitelists your current IP address (or another defined IP address) so it won’t be blocked by some of our security rules. It will also have access to your admin panels if you have it restricted to only trusted IP addresses on our security settings. Here’s an example:
curl 'https://waf.sucuri.net/api?v2' --data 'k=API_KEY' --data 's=API_SECRET' --data 'a=whitelist_ip' --data 'ip=IP_ADDRESS'
2- Update Firewall Settings
You can use our API to directly change your account settings. Below are a few examples, but there are many more options in your dashboard.
3- Clear Cache from Sucuri’s CDN
This option can be used to clear the Sucuri Website Firewall cache after any website changes have been made. This will reflect live as soon as you call it. Here is an example:
curl 'https://waf.sucuri.net/api?v2' --data 'k=API_KEY' --data 's=API_SECRET' --data 'a=clear_cache'
4- Add/Remove Sites from Monitoring
You can also streamline being able to add/remove a site from our automated monitoring. You have to use the “add” or “delete” action in the API url, along with the hostname. Here is an example of adding it to our platform:
$ curl -q "https://monitor00.sucuri.net/api.php?k=1a2bc34d5e6f7g&a=add&host=www.google.com" .. OK: Added: http://google.com
If you’re a host or managed provider that thrives on API usage, we’d be happy to discuss the other type of opportunities you can take advantage through our Partner program.
*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by Victor Santoyo. Read the original post at: https://blog.sucuri.net/2018/06/how-apis-can-streamline-your-operations.html