I've just been playing with the remote API via PHP, and it's working nicely so far. But one thing I was wondering, if it's possible to restrict access to the API to just the local LAN (10.x.x.x range), as there'll be no need for external access to it outside of the cluster LAN - only our own website would ever use it - and this would improve the security.
You can set the allowed IP addresses for the API in the current ISPConfig version in the remote user settings.
Excellent. Good reason for me to perhaps be a little more diligent in keeping it all up to date, as the feature I'm looking for is already in the latest version.
