wevads-platform/scripts/api-security-check.php

<?php
header('Content-Type: application/json');
header('Cache-Control: no-cache');

$currentIP = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? $_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR'] ?? 'unknown';
if (strpos($currentIP, ',') !== false) {
    $currentIP = trim(explode(',', $currentIP)[0]);
}

// Charger whitelist depuis fichier config
$configFile = '/opt/wevads/config/ip-whitelist.json';
$whitelistedIPs = [];

if (file_exists($configFile)) {
    $config = json_decode(file_get_contents($configFile), true);
    if (isset($config['whitelisted_ips'])) {
        foreach ($config['whitelisted_ips'] as $entry) {
            $whitelistedIPs[] = $entry['ip'];
        }
    }
}

// Check si whitelistée
$isWhitelisted = in_array($currentIP, $whitelistedIPs);

if ($isWhitelisted) {
    $status = 'secure';
    $msg = 'Whitelisted IP';
} else {
    $status = 'warning';
    $msg = 'Unknown IP!';
}

echo json_encode(['status' => $status, 'message' => $msg, 'ip' => $currentIP]);