skip to Main Content

The documentation for the Plesk API* gives the following cURL function.

function curlInit($host, $login, $password)


  $curl = curl_init();

  curl_setopt($curl, CURLOPT_URL, "https://{$host}:8443/enterprise/control/agent.php");

  curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

  curl_setopt($curl, CURLOPT_POST,           true);

  curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

  curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);

  curl_setopt($curl, CURLOPT_HTTPHEADER,

         array("HTTP_AUTH_LOGIN: {$login}",

                "HTTP_AUTH_PASSWD: {$password}",

                "HTTP_PRETTY_PRINT: TRUE",

                "Content-Type: text/xml")


  return $curl;

I have a couple of questions.

  1. I have never, anywhere else, seen HTTP headers with underscores in them. Is this an error in the documentation?

  2. What on Earth is HTTP_PRETTY_PRINT? Searching for this just brings me back to Plesk documentation. I can’t see it anywhere else.

  3. What’s the deal with using HTTP_AUTH_LOGIN and HTTP_AUTH_PASSWD instead of CURLOPT_USERPWD?

Incidentally, whatever options I try, I’m getting the following response from Plesk.

HTTP/1.1 404 Not Found
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Content-Length: 345
Date: Wed, 27 Jun 2012 14:58:15 GMT
Server: sw-cp-server
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<html xmlns="" xml:lang="en" lang="en">
  <title>404 - Not Found</title>
  <h1>404 - Not Found</h1>

* Parallels Plesk Panel 9.5:: API RPC Protocol Developer Guide > Client Code Samples > PHP Client Application



    1. Plesk uses its own headers. In a custom HTTP request you can add any valid headers. For example, some webservers add their own headers like ‘powered by: xxxx’, so it’s okay.
    2. The pretty print header is required for pretty XML output.
    3. The HTTP_AUTH_LOGIN header contains the panel user login name. The HTTP_AUTH_PASSWD header contains the panel user password. CURLOPT_USERPWD is not required.
    4. Try using these options:

      $ch = curl_init();
      curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
      curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
      curl_setopt($ch, CURLOPT_URL, $url);
      curl_setopt($ch, CURLOPT_ENCODING, 'UTF-8');
      curl_setopt($ch, CURLOPT_POSTFIELDS, $packet);
      curl_setopt($ch, CURLOPT_TIMEOUT, 1200); //wait 20min
      $response = curl_exec($ch);
    Login or Signup to reply.
  1. For point 4:

    404 would mean the file .../enterprise/control/agent.php has been removed from the server. Many were doing it few months ago to protect from security vulnerability before the patch has been shipped. I would recommend to check /usr/local/psa/admin/logs/httpsd_access_log file for errors and also availability of /usr/local/psa/admin/htdocs/enterprise/control/agent.php

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top