Home › Forums › BulletProof Security Free › Cpanel php -q Cron Task blocked by BPS
- This topic has 11 replies, 2 voices, and was last updated 4 years, 11 months ago by ibiza.
-
AuthorPosts
-
ibizaParticipant
Hi there!
We have to configure 2 cron tasks at Cpanel, for WP All Import Plugin, but BPS is blocking the execution with a 403 error.
The task are this (i´ve have imputed X at directories and licence key)
php -q /home/xxxxxxxxx/xxxxxxxxx/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=trigger >/dev/null 2>&1 php -q /home/xxxxxxxxx/xxxxxxxxx/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=processing >/dev/null 2>&1
After deactivating the BPS plugin, plus the .htaccess, they runned well.
Could you please update us with any steps to follow, for having BPS and .htaccess file activated and Crons running well?
Thanks in advance for your time and support 😉
ibizaParticipantHi, we have unactivated the BPS plugin and the .htaccess file, as after running the BPS wizzard option didn´t solve the problem with this cron task being blocked by an 403 error message. After doing this, crons runned well, this is why we are asking for help to solve the situation, as we need to have both your BPS plugin activated & .htaccess file, plus cron task running well. Thank you!
AITpro AdminKeymasterActivate the BPS plugin > go to the Security Log page > copy the Security Log entry that shows what is being blocked in your cron and post it in your forum reply. The BPS plugin has built-in Standard BPS troubleshooting steps > https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting so that you do not need to deactivate the BPS plugin for troubleshooting and can accurately isolate exactly which BPS plugin feature is causing an issue/problem.
ibizaParticipantHi and really thanks for answering, here is the log:
BPS SECURITY LOG ================= [403 GET Request: jueves 18 abril 2019 - 4:36 PM] BPS: 3.4 WP: 5.1.1 Event Code: PSBR-HPRA Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/ REMOTE_ADDR: 128.127.105.184 Host Name: swe-net-ip.as51430.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: https://xxxxxxxxxxxxxxxxxxxxxxxxx.com/wp-content/plugins/bulletproof-security/403.php REQUEST_URI: /wp-content/plugins/bulletproof-security/403.php QUERY_STRING: HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Hi againg, from our hosting company, that are trying to help, executed the cron tasks from SSH and got this error:
root@server4 [~]# wget https://jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxxx&import_id=3&action=processing [1] 3417853 [2] 3417854 root@server4 [~]# --2019-05-02 10:26:53-- https://jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxxx Resolving jobs.xxxxxxxxx.com... 164.132.130.49 Connecting to jobs.xxxxxxxxx.com|164.132.130.49|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2019-05-02 10:26:53 ERROR 403: Forbidden. [1]- Exit 8 wget https://jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxxx [2]+ Done import_id=3 root@server4 [~]#
AND, this is the ones we are trying to execute at Cpanel and that are giving that executing error:
php -q /home/xxxxxxxxx/jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=trigger >/dev/null 2>&1 php -q /home/xxxxxxxxx/jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=processing >/dev/null 2>&1
AITpro AdminKeymasterThe wget cron is being blocked by a security rule in the BPS root htaccess file. The solution is here > https://forum.ait-pro.com/forums/topic/wget-gives-403-error-when-bps-is-active/#post-10855. Your cron is using the PHP command-line interpreter and I don’t see anything in your Security Log entries that tells me why it is being blocked. See if doing the fix in the link above gets your php cron working or not. If it still does not work then do the troubleshooting step below to confirm that something in the BPS root htaccess file code is causing the block.
Do this troubleshooting step > 1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. Test your cron and let me know if it works.
ibizaParticipantHi and thanks for the patience. I´ve tryed both, but none makes the cron task work. Still says you don´t have permissions, error 403. I can´t underestand why this happens. I can´t think of other plugin that is blocking…. Any other possible idea? Thanks for your time 😉
AITpro AdminKeymasterDo this troubleshooting step > 1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. Test your cron and let me know if it works.
I don’t see any security rules in the BPS root htaccess file that would block your php cron. Have you added any custom code in BPS Custom Code? Copy your root htaccess file contents and post your BPS root htaccess file in your forum reply.
ibizaParticipantYes, I proceeded with your instructions, 1st placed the code updated for wget where you told us at custom code (as we did with other in the past) and didn´t work. Then deactivated the root .htaccess, but didn´t work either.
Here is our .htaccess file:
[htaccess code copied and then deleted by AITpro Admin]
Thank you for all this time dedicated!
AITpro AdminKeymasterhmm maybe this problem is not being caused by BPS then. Do this additional BPS troubleshooting step > 2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works. If deactivating both BPS root and wp-admin htaccess files does not allow your cron to work then either there is another htaccess file somewhere else under your hosting account that is blocking your cron or Wordfence or Mod Security or something else on your host server or in another plugin you have installed is blocking your cron.
ibizaParticipantThanks, about where you wrote Custom Code Note, what do you mean? For doing thing well following your estrict instructions :9
AITpro AdminKeymasterDisregard the “Custom Code Note”. I have already eliminated that possibility by checking your root htaccess file code you posted. Your root htaccess file code contains Wordfence htaccess code. So it appears that you have the Wordfence plugin installed. Wordfence is known to block direct crons. See this Wordfence forum topic with the solution > https://wordpress.org/support/topic/wordfence-blocks-cron-command/
ibizaParticipantGREAT! I’ve read your shared wp post and we are going to try that 🙂
I never imagined that Wordfence could block this type of things.
I shall write back in a pair of days or before, to let you know for future other BPS member doubts.
Really thanks a lot for taking all this time to help us, you did too much for us.
We LOVE your plugin and is always with us!
-
AuthorPosts
- You must be logged in to reply to this topic.