Consider copy-and-edit OWASP Secure Software Contract Annex
As I understand your interface is a website, I suggest you check the
laws of the jurisdiction you claim in your certificate locality, both for enforceable action you take against attackers, and enforceable actions others can take against you. If you have a choice, I've personally found Michigan's anti-computer-crime statutes (especially required prior registration of hacking attempts) to best prevent litigation.
I suggest you check with your lawyer and accountant before posting your terms of service.