Cron job not running if directory is protected

Username (e.g. epiz_XXX) or Website URL

epiz_25518692

Error Message

None; CRON job does not run

Other Information

I have my website and use the directory protection. If I schedule a CRON job using a file within this directory, cron “fails” and is removed.
How to use directory security (password protect so others can’t see it) with CRON?

Thanks

As far as i know, changing permission is enough for that security. Maybe change the CRON file permission to 444.

You could also move your “secret files” into a subfolder, then create a .htaccess file in there that prevents access to that file from everyone, except the server that is running the Cronjob.

Example:

DENY FROM ALL
ALLOW FROM 123.123.123.123

*Replace 123.123.123.123 with your Main IP

-I don’t see how making my files ONLY read-only by all users (they already are readable by all) will allow CRON to execute them.

-How do I find out what server IP is running CRON (I’m using CRON from InfinityFree)?

Is it possible to prevent other users from seeing my files using InfinityFree’s directory security facilities, yet have InfinityFree’s CRON facility execute certain files? Do I need to create a special user in those directories?

Directory security will prompt for a pass. Cron jobs don’t know the password. Consider making the file all perms to owner and group, but not public.

1 Like

To my knowledge, this is an oversight in the cron job design. There is no recommended way to protect a script but still allow our cron tool to execute it.

Maybe you could create a simple script which writes the value of $_SERVER['REMOTE_ADDR'] to a text file and then have that script execute with cron? That should log the IP address(es) of the Cron tool.

I don’t think this would help. After all, both your visitors and the cron tool execute the script through the web server. So either your file permissions are set to a way that everyone can execute them, or nobody can.

4 Likes

So, maybe implementing the .htaccess rule would help? or rather not?

I also want to know this if its really possible or not.

An IP filter would work, although it’s not an officially supported use case. We don’t publish the cron IPs anywhere, and I can’t guarantee that they won’t change over time.

4 Likes

Ok, thanks for the information, @Admin. Now i learned a new thing.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.