API not working ( Hestia Control Panel v1.9.2)

Hello, I am trying to create a snippet that will auto-create a Hestia user account when someone buys the subscription in WooCommerce, but the API is not connecting on my end. Not sure what’s wrong. I keep getting

Error: data received is null or invalid; check https://hestiacp.com/docs/server-administration/rest-api.html.

I enable the API for all users and try also for admin only. Still persists. I added whitelisted the server API, the local API, and the site where WooCommerce is installed. when I run v-list-users in SSH, it displays all users and API enabled. when I try to connect or run the curl command, it gets refused. I try direct

nyc3.mydomain.com:2083/api/?hash=Qu6nDQXc0OLiYqCBWkkK:aKm64UZ5iyKDTlcZTXxa4aaSEauq5Eq2sBx3pF7D&cmd=v-list-users&returncode=yes

I get Error: data received is null or invalid, check https://hestiacp.com/docs/server-administration/rest-api.html

I try

curl -k -v -X POST "https://nyc3.mydomain.com:2083/api/" \ -d "hash=Qu6nDQXc0OLiYqCBWkkK:aKm6wUZ5iyKDTlcZTXxahaaSEauq5Eq2sBx3pF7D" \ -d "returncode=yes" \ -d "cmd=v-list-sys-config"

I get this

Host nyc3.mydomain.com:2083 was resolved. IPv6: 2606:4700:3030::6815:6001, 2606:4700:3030::6815:4001, 2606:4700:3030::6815:1001, 2606:4700:3030::6815:2001, 2606:4700:3030::6815:3001, 2606:4700:3030::6815:5001, 2606:4700:3030::6815:7001 IPv4: 104.21.48.1, 104.21.96.1, 104.21.80.1, 104.21.64.1, 104.21.32.1, 104.21.16.1, 104.21.112.1 Trying 104.21.48.1:2083... Trying [2606:4700:3030::6815:6001]:2083... Immediate connect fail for 2606:4700:3030::6815:6001: Address not available Trying [2606:4700:3030::6815:4001]:2083... Immediate connect fail for 2606:4700:3030::6815:4001: Address not available Trying [2606:4700:3030::6815:1001]:2083... Immediate connect fail for 2606:4700:3030::6815:1001: Address not available Trying [2606:4700:3030::6815:2001]:2083... Immediate connect fail for 2606:4700:3030::6815:2001: Address not available Trying [2606:4700:3030::6815:3001]:2083... Immediate connect fail for 2606:4700:3030::6815:3001: Address not available Trying [2606:4700:3030::6815:5001]:2083... Immediate connect fail for 2606:4700:3030::6815:5001: Address not available Trying [2606:4700:3030::6815:7001]:2083... Immediate connect fail for 2606:4700:3030::6815:7001: Address not available ipv4 connect timeout after 1497ms, move on! Trying 104.21.96.1:2083... ipv4 connect timeout after 748ms, move on! Trying 104.21.80.1:2083... ipv4 connect timeout after 372ms, move on! Trying 104.21.64.1:2083... Connection timed out after 3002 milliseconds Closing connection curl: (28) Connection timed out after 3002 milliseconds (exit status 28)

The snippet I am traying to run

// === 1. Trigger function when WooCommerce order status changes ===
add_action('woocommerce_order_status_changed', 'process_hestiacp_account', 10, 3);

function process_hestiacp_account($order_id, $old_status, $new_status) {
    $order = wc_get_order($order_id);
    $user_id = $order->get_user_id();
    $product_id = 2622; // Subscription Product ID
    $domain_name = get_user_meta($user_id, 'domain_name', true);

    // If no domain is found, stop execution
    if (!$domain_name) {
        return;
    }

    // Get user details
    $user_info = get_userdata($user_id);
    $username = 'user' . $user_id; // Generate username from user ID
    $password = wp_generate_password(12, false); // Generate random password
    $email = $user_info->user_email;
    $package = 'basic'; // Basic package

    // HestiaCP API credentials
    $hst_hostname = 'nyc3.mydomain.com';
    $hst_port = '2083';
    $hst_returncode = 'yes';
    $hst_api_key = 'tPyurKpfOW0V3bfvsuMb:sybWse4FnHuPtntK6NBR8JumZUdTRnH=ui5zXn1y';

    // If order is completed, create user & assign domain
    if ($new_status == 'completed') {
        hestiacp_create_user($hst_hostname, $hst_port, $hst_api_key, $username, $password, $email, $package);
        hestiacp_add_domain($hst_hostname, $hst_port, $hst_api_key, $username, $domain_name);
    } elseif ($new_status == 'failed' || $new_status == 'cancelled') {
        // Suspend user account
        hestiacp_suspend_user($hst_hostname, $hst_port, $hst_api_key, $username);
    }
}

// === 2. Function to create a HestiaCP user & send welcome email ===
function hestiacp_create_user($hst_hostname, $hst_port, $hst_api_key, $username, $password, $email, $package) {
    $hst_command = 'v-add-user';
    $postvars = [
        'hash' => $hst_api_key,
        'returncode' => 'yes',
        'cmd' => $hst_command,
        'arg1' => $username,
        'arg2' => $password,
        'arg3' => $email,
        'arg4' => $package,
        'arg5' => 'yes' // ENABLE WELCOME EMAIL
    ];
    hestiacp_api_request($hst_hostname, $hst_port, $postvars);
}

// === 3. Function to add a domain ===
function hestiacp_add_domain($hst_hostname, $hst_port, $hst_api_key, $username, $domain) {
    $hst_command = 'v-add-domain';
    $postvars = [
        'hash' => $hst_api_key,
        'returncode' => 'yes',
        'cmd' => $hst_command,
        'arg1' => $username,
        'arg2' => $domain
    ];
    hestiacp_api_request($hst_hostname, $hst_port, $postvars);
}

// === 4. Function to suspend a user ===
function hestiacp_suspend_user($hst_hostname, $hst_port, $hst_api_key, $username) {
    $hst_command = 'v-suspend-user';
    $postvars = [
        'hash' => $hst_api_key,
        'returncode' => 'yes',
        'cmd' => $hst_command,
        'arg1' => $username
    ];
    hestiacp_api_request($hst_hostname, $hst_port, $postvars);
}

// === 5. Function to make API requests ===
function hestiacp_api_request($hst_hostname, $hst_port, $postvars) {
    $postdata = http_build_query($postvars);
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, 'https://' . $hst_hostname . ':' . $hst_port . '/api/');
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata);
    
    $response = curl_exec($curl);
    $http_code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
    curl_close($curl);

    if ($http_code !== 200) {
        error_log("HestiaCP API Error: HTTP $http_code - Response: $response");
    }
}

I verified firewall also and port is allow

I hard encoded the admin username due that admin name is not working when the admin change

Not sure what else can be any other input?

setup

Nginx+mariadb
ubuntu 22.4
hestia v1.9.2
Cloudflare
DigitalOcean Droplet

I also write here about the API problem: