Anti-DDoS Reseller API

Complete API documentation for managing Anti-DDoS protection. Configure filters, monitor attacks, and manage protection rules.

Authentication

All API requests must include the following headers for authentication:

API Key

Your API key is provided when you become a reseller. Include it in every request:

X-API-KEY: your_key_here

API Playground

Test the API endpoints with your credentials. Enter your API key and try the requests.

API Key *

Select Endpoint

Get the list of available applications (protocols and services like Minecraft, TCP, UDP).

Request URL

GET https://api.xeniahosting.com/reseller-api/antiddos/applications

https://api.xeniahosting.com/reseller-api/antiddos/applications

API Endpoints

GET

/reseller-api/antiddos/applications

Get the list of available applications (protocols and services like Minecraft, TCP, UDP).

Example Request

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/applications" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "data": [
    {
      "app_id": 1,
      "name": "Minecraft",
      "note": "Java Protocol",
      "protocol": "TCP"
    },
    {
      "app_id": 2,
      "name": "HTTP",
      "note": "Web Server",
      "protocol": "TCP"
    }
  ]
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

GET

/reseller-api/antiddos/attacks

Get list of attacks mitigated on the service. Supports pagination and keyword search (IP address or timestamp).

Parameters

Name	Type	Required	Description
`page`	integer	Optional	Page number (default: 1, minimum: 1)
`max_view`	integer	Optional	Items per page (default: 10, max: 100, set to 0 for all)
`keyword`	string	Optional	Keyword to search with, could be an IP Address or timestamp

Example Request

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/attacks?page=1&max_view=10&keyword=192.168.1.1" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "data": [
    {
      "attack_id": 1,
      "ip": "192.168.1.1",
      "started_at": "2025-09-06 10:23:00",
      "ended_at": "2025-09-06 10:25:00",
      "maximum_peak": "1.5 Gbps",
      "raw_maximum_peak": 187500000,
      "flags": {
        "flags": [
          "SYN_FLOOD",
          "UDP_FLOOD",
          "ICMP_FLOOD",
          "HANDSHAKE"
        ]
      }
    }
  ],
  "total_rows": 25
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

GET

/reseller-api/antiddos/attacks/{attack_id}

Get detailed information about a specific attack including port breakdown.

Parameters

Name	Type	Required	Description
`attack_id`	integer	Required	Attack ID (minimum: 1)

Example Request

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/attacks/1" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "attack_details": {
    "attack_id": 1,
    "ip": "192.168.1.1",
    "started_at": "2025-09-06 10:23:00",
    "ended_at": "2025-09-06 10:25:00",
    "maximum_peak": "1.5 Gbps",
    "flags": "SYN,ACK"
  },
  "attack_ports": [
    {
      "port": 80,
      "protocol_name": "TCP",
      "packets_peak": 1000000
    },
    {
      "port": 443,
      "protocol_name": "TCP",
      "packets_peak": 500000
    }
  ]
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

404Attack not found

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

GET

/reseller-api/antiddos/overview

Get overview of attacks. The IP in query_ip must belong to the reseller and cannot be .0, .1, or .255.

Parameters

Name	Type	Required	Description
`overview_period`	string	Optional	Overview period (10m, 1h, 1d, 1w) - default: 10m
`query_ip`	string	Optional	Filter by IP or CIDR (optional, IPv4 format)

Example Request

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/overview?overview_period=1h&query_ip=192.168.1.1" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "bandwidth_data": [
    {
      "time": "2025-09-06T10:23:00Z",
      "total_pass_traffic": "1.22",
      "total_drop_traffic": "0.38"
    }
  ],
  "pass_unit": "Kb",
  "drop_unit": "Kb"
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

GET

/reseller-api/antiddos/prefixes

Get prefixes assigned to the reseller. Returns exactly what is in the database: subnets (e.g., 2.58.84.0/24), ranges (e.g., 38.211.244.239-254), or single IPs (e.g., 31.57.112.2).

Example Request

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/prefixes" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "message": "Service prefixes retrieved successfully",
  "data": [
    "192.168.1.0/24",
    "10.0.0.0/8"
  ]
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

GET

/reseller-api/antiddos/rules

Get list of rules. If keyword is a valid IP, it will be verified that it belongs to the reseller.

Parameters

Name	Type	Required	Description
`page`	integer	Optional	Page number (default: 1, minimum: 1)
`max_view`	integer	Optional	Items per page (default: 10, max: 100, set to 0 for all)
`keyword`	string	Optional	Keyword to search with, could be an IP Address, protocol or application name

Example Request

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/rules?page=1&max_view=10&keyword=Minecraft" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "data": [
    {
      "rule_id": 1,
      "ip": "192.168.1.1",
      "port": 80,
      "protocol": "TCP",
      "name": "Minecraft",
      "internal_state": "working"
    }
  ],
  "total_rows": 150
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

POST

/reseller-api/antiddos/rules

Create a new rule. The IP must belong to the reseller and cannot be .0, .1, or .255. Port must be between 1 and 65535. Protocol must be TCP or UDP.

Parameters

Name	Type	Required	Description
`application_id`	integer	Required	Application ID (minimum: 1)
`ip`	string	Required	IP Address (IPv4 format)
`port`	integer	Required	Port Number (1-65535)
`protocol`	string	Required	Protocol (TCP or UDP)

Example Request

curl -X POST "https://api.xeniahosting.com/reseller-api/antiddos/rules" \
  -H "Authorization: Bearer " \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "application_id=1&ip=192.168.1.1&port=25565&protocol=TCP"

Example Response

{
  "status": "success",
  "message": "Rule created successfully"
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

PUT

/reseller-api/antiddos/rules/{rule_id}

Update an existing rule. If IP is modified, it must belong to the reseller and cannot be .0, .1, or .255.

Parameters

Name	Type	Required	Description
`rule_id`	integer	Required	Rule ID (minimum: 1)
`application_id`	integer	Optional	Application ID (optional, minimum: 1)
`ip`	string	Optional	IP Address (optional, IPv4 format)
`port`	integer	Optional	Port Number (optional, 1-65535)
`protocol`	string	Optional	Protocol (optional, TCP or UDP)

Example Request

curl -X PUT "https://api.xeniahosting.com/reseller-api/antiddos/rules/1" \
  -H "Authorization: Bearer " \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "port=25566&protocol=UDP"

Example Response

{
  "status": "success",
  "message": "Rule updated successfully"
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

404Rule not found

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

DELETE

/reseller-api/antiddos/rules

Delete rules. If only IP is specified, deletes all rules for that IP. If IP, port, and protocol are specified, deletes the specific rule.

Parameters

Name	Type	Required	Description
`ip`	string	Optional	IP address to delete rules for
`port`	integer	Optional	Port number (required if IP and protocol are specified)
`protocol`	string	Optional	Protocol: TCP or UDP (required if IP and port are specified)

Example Request

curl -X DELETE "https://api.xeniahosting.com/reseller-api/antiddos/rules?ip=38.211.244.239" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "message": "Rules deleted successfully"
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

403Forbidden - IP does not belong to reseller

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

DELETE

/reseller-api/antiddos/rules/{rule_id}

Delete a rule by ID. Verifies that the rule's IP belongs to the reseller before deleting.

Parameters

Name	Type	Required	Description
`rule_id`	integer	Required	Rule ID (minimum: 1)

Example Request

curl -X DELETE "https://api.xeniahosting.com/reseller-api/antiddos/rules/1" \
  -H "Authorization: Bearer "

Example Response

{
  "status": "success",
  "message": "Rule deleted successfully"
}

Error Codes

400Bad request

401Unauthorized - Invalid API key

404Rule not found

429Rate limit exceeded

500Internal server error

{
  "status": "error",
  "message": "Error description"
}

Code Examples

Code examples for integrating the Anti-DDoS APIs in different programming languages:

curl -X GET "https://api.xeniahosting.com/reseller-api/antiddos/applications" \
  -H "X-API-KEY: your_key_here"

Rate Limiting

APIs have rate limits to ensure stability and performance. The default limit is 100 requests per minute per API key.

200Request successful

429Rate limit exceeded - wait before making more requests

Error Handling

All error responses follow this format:

{
  "status": "error",
  "message": "Error description"
}

Support

Need help? Contact us through one of these channels:

Ticket

Open a ticket in client area

Discord

Join our Discord server

Services

Company

Support

Partners

XeniaGroup

Our Partners

Legal

Billing

Fair Usage Policy

XeniaHosting is a Hosting Provider, with locations in Italy and Netherlands.
We offer latest generation Hardware and Networks, with high level Anti-DDoS protections.

VAT: IT01849280191 - REA: CR-337979 - Social Capital €10.000
Company under management and coordination by XeniaGroup S.R.L.

VPS

Dedicated

Game Servers

Web Hosting

Infrastructure

Status

Company

Anti-DDoS Reseller API

Authentication

API Key

API Playground

Request URL

API Endpoints

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Parameters

Example Request

Example Response

Error Codes

Code Examples

Rate Limiting

Error Handling

Support

Services

Company

Support

Partners

Legal

© XeniaHosting 2022-2026 - All rights reserved.