This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Centinel API

Description

This package provides API for downloading the application log file, and dumping and downloading the database. It ships with authentication middleware which protects the API routes.

Centinel API is designed to work in combination with Centinel – centralized application management system for off-site database backups and application log checks.

Requirements

  • PHP 5.6+
  • WordPress 4.4+

Usage

It’s highly recommended to use this plugin only on websites that use HTTPS!

After installing the plugin, go to Settings > Centinel API Settings in your WordPress Admin zone. From there, copy privateKey, encryptionKey and routePrefix to Centinel, and you’re ready to schedule your application log checks and database backups.

Settings

  • Private Key – random string, used for authentication
  • Encryption Key – random string, used for additional security layer
  • Route Prefix – random string, prefixing the API routes
  • Log Routes Enabled – disable if you do not wish to send logs to Centinel
  • Database Routes Enabled – disable if you do not wish to send database dumps to Centinel
  • Disable Time Based Authorization – check this option in case of your server’s and Centinel’s datetime being out of sync which results in Request time mismatch or Too many API calls error
  • Zip Password – password used when zipping the database dump. Make sure to save the Zip Password so you can restore your database in case of server crash
  • Dump Folder – folder where the database dumps are going to be created. All database dumps, along with this folder, are always deleted after being sent to Centinel.
  • MySQL Settings – various database dump options

All MySQL settings are optional. If you’re developing on Windows (WAMP, for example), you may want to set your Dump Binary Path to something like 'C:\Progra~1\wamp\bin\mysql\mysql5.7.18\bin'.

Some MySQL settings will be ignored for PHP 5.6. For more details check Spatie DB Dumper v1.5.1

For details on how to use the dump options check the installed version of the package. For PHP 7 that will be Spatie DB Dumper v2.9

API Routes

  • [POST] /{routePrefix}/create-log
  • [POST] /{routePrefix}/download-log
  • [POST] /{routePrefix}/dump-database
  • [POST] /{routePrefix}/download-database

For more details check /app/Controllers/CentinelApiApiController.php controller.

Application Logs

By default, WordPress does not write any errors to the log file. To change this, you can open up wp-config.php and set the following options:
define(‘WP_DEBUG’, true);
define(‘WP_DEBUG_LOG’, true);
define(‘WP_DEBUG_DISPLAY’, false);

You can read more about these options in WordPress documentation

Database Backups

Spatie DB Dumper is used to make database dumps. MySQL is supported, and requires mysqldump utility.

Centinel API will try to zip and password protect database dumps before sending them to Centinel. In case you’re using PHP 7.2+, it will use PHP’s native ZipArchive class to zip and encrypt the database. Otherwise, it will look for 7-Zip and Zip libraries to do so. If no option is available, dumps will be sent without being zipped and password protected.

Run Check Zip Availability in Centinel API Settings to see which library is available on your server. Note that Zip encryption algorithm is much less secure than that of ZipArchive and 7-Zip. Ultimately it is up to you to decide which level of security is satisfactory. You can always opt out of backing up your database by disabling database backups in Centinel, and additionally, unchecking Database Routes Enabled in the settings.

Authentication

For details check /app/Middleware/CentinelApiAuthorizeRequest.php middleware.

License

WordPress Centinel API is open-sourced software licensed under the MIT license.

Installation

  • upload the plugin files to the /wp-content/plugins/centinel-api directory, or install the plugin through the WordPress plugins screen directly
  • activate the plugin through the ‘Plugins’ screen in WordPress

FAQ

Installation Instructions
  • upload the plugin files to the /wp-content/plugins/centinel-api directory, or install the plugin through the WordPress plugins screen directly
  • activate the plugin through the ‘Plugins’ screen in WordPress

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Centinel API” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Centinel API” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.0

  • Initial release