# my.interserver.net

> InterServer customer portal for managing hosting services — VPS, web hosting,
> dedicated servers, domains, DNS, SSL, mail, backups, licenses, and billing.
> Most pages are gated behind customer authentication; programmatic access is
> available via REST API and MCP server.

This site is the management portal for [InterServer](https://www.interserver.net/)
customers. The marketing/sales surface lives at `www.interserver.net`; this host
(`my.interserver.net`) is for managing services after signup.

## Public pages

- [Login](https://my.interserver.net/login.php)
- [Sign up](https://my.interserver.net/signup.php)
- [Password reset](https://my.interserver.net/password_reset.php)
- [Contact](https://my.interserver.net/contact.php)
- [FAQ](https://my.interserver.net/faq.php)
- [API documentation](https://my.interserver.net/api-docs/)

## Programmatic access

InterServer is agent-friendly. Three transports are supported:

| Transport | Endpoint | Notes |
|---|---|---|
| REST API | `https://my.interserver.net/apiv2/` | OpenAPI 3.0 |
| MCP (client) | `https://my.interserver.net/mcp/client` | Streamable HTTP, OAuth 2.1 |
| MCP (admin) | `https://my.interserver.net/admin/mcp/admin` | Admin tools, OAuth `admin` scope |

### Discovery files

- API catalog (RFC 9727): `/.well-known/api-catalog`
- OpenAPI spec: `/spec/openapi.yaml` (also `/spec/openapi.json`)
- API docs UI: `/api-docs/`
- MCP Server Card (SEP-1649): `/.well-known/mcp/server-card.json`
- A2A Agent Card: `/.well-known/agent-card.json`
- Agent Skills index: `/.well-known/agent-skills/index.json`
- OAuth 2.0 metadata (RFC 8414): `/.well-known/oauth-authorization-server`
- OAuth Protected Resource (RFC 9728): `/.well-known/oauth-protected-resource`

### Authentication

The MCP server and REST API accept any of:

- **API key** — header `X-API-KEY: <key>`. Generate from `/account_security`
  after login. Best for non-interactive automation.
- **OAuth 2.1 / 2.0 bearer** — header `Authorization: Bearer <token>`. The
  client connects with no auth, gets a `401` with a `WWW-Authenticate` pointing
  to the protected-resource metadata, and follows the standard authorize-code
  flow. Best for interactive agents.
- **Session cookie** — header `sessionid: <id>`. For browser-driven flows.

The `admin` and `admin_login` scopes are reserved for the admin MCP server at
`/admin/mcp/admin` and are rejected on the client MCP.

## Services covered

InterServer provides:

- **VPS hosting** — Linux and Windows virtual private servers
- **Web hosting** — shared and reseller hosting
- **Dedicated servers** — bare-metal and Rapid Deploy Servers
- **Quickservers** — quick-provision servers
- **Domains** — registration, transfers, DNS (including DNSSEC)
- **SSL certificates** — DV, OV, EV
- **Backups** — managed backup storage
- **Mail** — mail.baby (transactional + relay)
- **Floating IPs** — portable IPv4
- **Scrub IPs** — DDoS-mitigated IPs
- **Licenses** — control panel and software licenses (cPanel, Plesk, etc.)

## Useful links

- [InterServer main site](https://www.interserver.net/)
- [VPS plans](https://www.interserver.net/vps/)
- [Web hosting plans](https://www.interserver.net/hosting/)
- [Dedicated servers](https://www.interserver.net/dedicated/)
- [Storage / backups](https://www.interserver.net/storage/)
- [Mail Baby](https://www.mail.baby/)

## Robots and AI usage

Per `/robots.txt`:

```
User-agent: *
Content-Signal: search=yes, ai-train=no, ai-input=yes
Disallow: /admin/
```

Public pages may be indexed for search and used as input to conversational AI,
but must not be ingested for AI model training without a separate license.