Cpanel php -q Cron Task blocked by BPS

Home Forums BulletProof Security Free Cpanel php -q Cron Task blocked by BPS

Viewing 12 posts - 1 through 12 (of 12 total)
  • Author
    Posts
  • May 2, 2019 at 4:57 am #37170
    ibiza
    Participant

    Hi there!

    We have to configure 2 cron tasks at Cpanel, for WP All Import Plugin, but BPS is blocking the execution with a 403 error.

    The task are this (i´ve have imputed X at directories and licence key)

    php -q /home/xxxxxxxxx/xxxxxxxxx/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=trigger >/dev/null 2>&1

php -q /home/xxxxxxxxx/xxxxxxxxx/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=processing >/dev/null 2>&1

    After deactivating the BPS plugin, plus the .htaccess, they runned well.

    Could you please update us with any steps to follow, for having BPS and .htaccess file activated and Crons running well?

    Thanks in advance for your time and support 😉

    May 2, 2019 at 5:15 am #37171
    ibiza
    Participant

    Hi, we have unactivated the BPS plugin and the .htaccess file, as after running the BPS wizzard option didn´t solve the problem with this cron task being blocked by an 403 error message. After doing this, crons runned well, this is why we are asking for help to solve the situation, as we need to have both your BPS plugin activated & .htaccess file, plus cron task running well. Thank you!

    May 2, 2019 at 8:22 am #37172
    AITpro Admin
    Keymaster

    Activate the BPS plugin > go to the Security Log page > copy the Security Log entry that shows what is being blocked in your cron and post it in your forum reply.  The BPS plugin has built-in Standard BPS troubleshooting steps > https://forum.ait-pro.com/forums/topic/read-me-first-free/#bps-free-general-troubleshooting so that you do not need to deactivate the BPS plugin for troubleshooting and can accurately isolate exactly which BPS plugin feature is causing an issue/problem.

    May 2, 2019 at 10:24 am #37173
    ibiza
    Participant

    Hi and really thanks for answering, here is the log:

    BPS SECURITY LOG
=================

[403 GET Request: jueves 18 abril 2019 - 4:36 PM]
BPS: 3.4
WP: 5.1.1
Event Code: PSBR-HPRA
Solution: https://forum.ait-pro.com/forums/topic/security-log-event-codes/
REMOTE_ADDR: 128.127.105.184
Host Name: swe-net-ip.as51430.net
SERVER_PROTOCOL: HTTP/1.1
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER: https://xxxxxxxxxxxxxxxxxxxxxxxxx.com/wp-content/plugins/bulletproof-security/403.php
REQUEST_URI: /wp-content/plugins/bulletproof-security/403.php
QUERY_STRING:
HTTP_USER_AGENT: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

    Hi againg, from our hosting company, that are trying to help, executed the cron tasks from SSH and got this error:

    root@server4 [~]# wget https://jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxxx&import_id=3&action=processing
[1] 3417853
[2] 3417854
root@server4 [~]# --2019-05-02 10:26:53-- https://jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxxx
Resolving jobs.xxxxxxxxx.com... 164.132.130.49
Connecting to jobs.xxxxxxxxx.com|164.132.130.49|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2019-05-02 10:26:53 ERROR 403: Forbidden.

[1]- Exit 8 wget https://jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxxx
[2]+ Done import_id=3
root@server4 [~]#

    AND, this is the ones we are trying to execute at Cpanel and that are giving that executing error:

    php -q /home/xxxxxxxxx/jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=trigger >/dev/null 2>&1

php -q /home/xxxxxxxxx/jobs.xxxxxxxxx.com/wp-cron.php?import_key=xxxxxxxxx&import_id=3&action=processing >/dev/null 2>&1
    May 2, 2019 at 12:53 pm #37177
    AITpro Admin
    Keymaster

    The wget cron is being blocked by a security rule in the BPS root htaccess file.  The solution is here > https://forum.ait-pro.com/forums/topic/wget-gives-403-error-when-bps-is-active/#post-10855. Your cron is using the PHP command-line interpreter and I don’t see anything in your Security Log entries that tells me why it is being blocked.  See if doing the fix in the link above gets your php cron working or not.  If it still does not work then do the troubleshooting step below to confirm that something in the BPS root htaccess file code is causing the block.

    Do this troubleshooting step > 1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button.  Test your cron and let me know if it works.

    May 5, 2019 at 12:31 am #37220
    ibiza
    Participant

    Hi and thanks for the patience. I´ve tryed both, but none makes the cron task work. Still says you don´t have permissions, error 403. I can´t underestand why this happens. I can´t think of other plugin that is blocking…. Any other possible idea? Thanks for your time 😉

    May 5, 2019 at 5:53 am #37221
    AITpro Admin
    Keymaster

    Do this troubleshooting step > 1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button.  Test your cron and let me know if it works.

    I don’t see any security rules in the BPS root htaccess file that would block your php cron.  Have you added any custom code in BPS Custom Code?  Copy your root htaccess file contents and post your BPS root htaccess file in your forum reply.

    May 5, 2019 at 6:20 am #37224
    ibiza
    Participant

    Yes, I proceeded with your instructions, 1st placed the code updated for wget where you told us at custom code (as we did with other in the past) and didn´t work. Then deactivated the root .htaccess, but didn´t work either.

    Here is our .htaccess file:

    [htaccess code copied and then deleted by AITpro Admin]

    Thank you for all this time dedicated!

    May 5, 2019 at 6:36 am #37225
    AITpro Admin
    Keymaster

    hmm maybe this problem is not being caused by BPS then.  Do this additional BPS troubleshooting step > 2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works. If deactivating both BPS root and wp-admin htaccess files does not allow your cron to work then either there is another htaccess file somewhere else under your hosting account that is blocking your cron or Wordfence or Mod Security or something else on your host server or in another plugin you have installed is blocking your cron.

    May 5, 2019 at 6:44 am #37226
    ibiza
    Participant

    Thanks, about where you wrote Custom Code Note, what do you mean? For doing thing well following your estrict instructions :9

    May 5, 2019 at 6:46 am #37227
    AITpro Admin
    Keymaster

    Disregard the “Custom Code Note”.  I have already eliminated that possibility by checking your root htaccess file code you posted.  Your root htaccess file code contains Wordfence htaccess code.  So it appears that you have the Wordfence plugin installed.  Wordfence is known to block direct crons.  See this Wordfence forum topic with the solution > https://wordpress.org/support/topic/wordfence-blocks-cron-command/

    May 5, 2019 at 6:55 am #37228
    ibiza
    Participant

    GREAT! I’ve read your shared wp post and we are going to try that 🙂

    I never imagined that Wordfence could block this type of things.

    I shall write back in a pair of days or before, to let you know for future other BPS member doubts.

    Really thanks a lot for taking all this time to help us, you did too much for us.

    We LOVE your plugin and is always with us!

  • Author
    Posts
Viewing 12 posts - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.