API interface

The AlterCPA One API function interface allows checking visits directly through filtering systems. To connect the API, go to your profile page in the system. Interaction with the service is carried out via the HTTP protocol. The request format is pure POST. The result format is JSON. There is no limit on the number of requests.

Filtering

Filtering functions allow you to check visits to your sites as quickly as possible. They are placed in a separate interface, which has the minimum response time and maximum performance.

Check the visit

URL: https://www.altercpa.one/fltr/{user}-{key}-{id}

In the function address, instead of {user} and {key}, specify the API ID and key from the profile, instead of {id} specify the identifier of the filter site you added. You can get the specific URL by clicking on the "Manual" button of the corresponding site in your your personal account.

To check your visit, you need to send a POST request to the above URL. Pass the fields of your array $_SERVER as the body of the request - we will parse them and show the response in JSON format. A successful response includes the status, action and url fields. The status field always contains the value ok. The action field of the response will contain allow or deny depending on the verification results, the url field will contain the corresponding URL. In the error response, the status field will contain error, the error code will be indicated in the error field.

The POST part of the request must be in x-www-form-urlencoded format, JSON format is not supported. We parse the following fields from the $_SERVER array:

HTTP_USER_AGENT, HTTP_ACCEPT, HTTP_ACCEPT_CHARSET, HTTP_ACCEPT_ENCODING, HTTP_ACCEPT_LANGUAGE, HTTP_AUTHORIZATION, HTTP_CACHE_CONTROL, HTTP_CONNECTION, HTTP_CONTENT_DISPOSITION, HTTP_DATE, HTTP_EXPECT, HTTP_FROM, HTTP_HOST, HTTP_IF_MATCH, HTTP_IF_MODIFIED_SINCE, HTTP_IF_NONE_MATCH, HTTP_IF_RANGE, HTTP_IF_UNMODIFIED_SINCE, HTTP_MAX_FORWARDS, HTTP_PRAGMA, HTTP_PROXY_AUTHORIZATION, HTTP_RANGE, HTTP_REFERER, HTTP_TE, HTTP_TRAILER, HTTP_TRANSFER_ENCODING, HTTP_UPGRADE, HTTP_VIA, HTTP_X_FORWARDED_FOR, REMOTE_ADDR, REMOTE_PORT, REQUEST_METHOD, REQUEST_URI, QUERY_STRING, HTTP_CF_CONNECTING_IP, HTTP_CLIENT_IP, HTTP_X_REAL_IP, HTTP_X_PURPOSE, HTTP_X_FB_HTTP_ENGINE

The result of executing the function is an associative array:

Field Description
status The result of the operation: ok in case of successful execution, error in case of an error
action Action required based on verification results:
  • allow - legitimate visit, show target site
  • deny - suspicious visit, show dummy site
url The site URL for the request depends on the results of the check.
target The URL of the target site, if available, is always shown regardless of the check results.
dummy The URL of the dummy site, if available, is always shown regardless of the check results.
error Error ID: access-denied if there is no access to the verification system, bad-request if the verification URL is incorrectly specified, bad-site if specified site not found.

An example of the implementation of sending a request:

$curl = curl_init( 'https://www.altercpa.one/fltr/123-abcd-45' );
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_POSTFIELDS, $_SERVER );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
$result = curl_exec( $curl );
curl_close( $curl );
$result = $result ? json_decode( $result, true ) : [];
if ( isset( $result['action'] && $result['action'] == 'allow' ) {
    include( 'target-index.php' );
} else include( 'dummy-index.php' );

Successful server responce example:

{
   "status": "ok",
   "action": "allow",
   "url": "http://black.site/url"
}

Error response example:

{
   "status": "error",
   "error": "access-denied"
}