Check a URL for a High-Risk or Server Administration Path in PHP

Need to check your URL or relative path to ensure it’s not a server administration path, but don’t want to spend a ton of time testing for the vulnerability? We’ve got you covered with this quick tutorial on how you can use an API in PHP to do just that.

We will begin the process by running this command to install the SDK:

composer require cloudmersive/cloudmersive_validate_api_client

Then we can call the validation function with the following code:

require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');
$apiInstance = new Swagger\Client\Api\DomainApi(

new GuzzleHttp\Client(),
$value = "value_example"; // string | URL or relative path to check, e.g. \"/admin/login\". The input is a string so be sure to enclose it in double-quotes.
try {
$result = $apiInstance->domainIsAdminPath($value);
} catch (Exception $e) {
echo 'Exception when calling DomainApi->domainIsAdminPath: ', $e->getMessage(), PHP_EOL;

And that’s it! If you need to obtain an API key, head over to the Cloudmersive website to register for a free account; this will also provide you with access to 800 calls/month across our multitude of APIs.

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.