- PHP 100%
The account password rides in the WHM API request query string (the API token is correctly in the Authorization header, but createAccount/changePassword pass the password as a query arg), so a Guzzle exception on a WHM failure embedded the cleartext password in its message, which the module wrote to laravel.log via raw Log::error. Every Log::error 'error' context now scrubs through SecretRedactor. The ProvisioningResult::fail path was already scrubbed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| config | ||
| resources/lang | ||
| src | ||
| .gitattributes | ||
| .gitignore | ||
| composer.json | ||
| LICENSE.md | ||
| README.md | ||
LiBilling cPanel Provisioning Module
A LiBilling server module for cPanel/WHM. Provides automated hosting account lifecycle management via the WHM JSON API, including provisioning, suspension, termination, SSO, package changes, and usage stats.
Features
- Account Lifecycle: Create, suspend, unsuspend, terminate hosting accounts
- Single Sign-On: Customer SSO to cPanel and admin impersonation via WHM
- Password Management: Change hosting account passwords
- Package Changes: Upgrade/downgrade hosting plans
- Usage Stats: Disk usage from
accountsummary - Quick Shortcuts: 8 deep links into cPanel (File Manager, Email, phpMyAdmin, etc.)
- Service Info: Control panel URL, shared IP, username, package name
- Deferred Cancellation: Optional suspend-then-delete with configurable grace period
Installation
This package is loaded as a local Composer path repository. No separate installation is needed when developing within the LiBilling monorepo.
For standalone installation:
composer require libilling/libilling-cpanel
Configuration
Publish the config file:
php artisan vendor:publish --tag=libilling-cpanel
Config Options
| Key | Env | Default | Description |
|---|---|---|---|
deferred_cancellation_enabled |
CPANEL_DEFERRED_CANCELLATION_ENABLED |
false |
Enable deferred cancellation |
deferred_cancellation_reason |
CPANEL_DEFERRED_REASON |
Deferred Account Cancellation |
Suspension reason text |
deferred_cancellation_days |
CPANEL_DEFERRED_DAYS |
30 |
Grace period before permanent deletion |
verify_ssl |
CPANEL_VERIFY_SSL |
true |
Verify SSL when connecting to WHM |
Capabilities
Declared via supports() using ModuleCapability constants:
sso: Customer single sign-on to cPanelimpersonate: Admin impersonation via WHM sessionchange_password: Password changeschange_package: Plan upgrades/downgradessuspend/unsuspend/terminate-- Account lifecycleusage_stats: Disk usage datashortcuts: 8 cPanel panel deep linksservice_info: CP URL, IP, username, packagedeferred_cancel: Present when deferred cancellation is enabled
Self-Registration
The module registers itself automatically via its service provider:
$this->app->make(ServiceProvisioningRegistry::class)
->register('cpanel', new Cpanel());
No manual wiring required -- install the package and add a server.
Dependencies
lithiumhosting/laravel-cpanel-api: WHM/cPanel JSON API client
Testing
vendor/bin/sail artisan test --filter=ModuleSystemTest
License
LiBilling is (C) Lithium Holdings, LLC. All components except for third-party modules and select packages with their own license are licensed under a Commercial License. Contact licensing@lithiumholdings.com for licensing enquiries. Any dissemination of material herein is prohibited without expressed written consent of Lithium Holdings.
This package, libilling-cpanel is licensed under The MIT License (MIT). Please see License File for more information.
Is it any good?
Yes.
When people first hear about a new product, they frequently ask if it is any good. A Hacker News user remarked:
Note to self: Starting immediately, all raganwald projects will have a "Is it any good?" section in the readme, and the answer shall be "yes.".