"The BPS plugin has been deactivated" emails since using direct Cron Jobs

Home Forums BulletProof Security Pro "The BPS plugin has been deactivated" emails since using direct Cron Jobs

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
  • #36161


    On a multisite WP, I replaced the standard Cron Jobs with a Direct Cron Jobs using this script https://bjornjohansen.no/wordpress-cron-wp-cli and now, I receive this email alert every 5 minutes.

    I saw the notice that “DISABLE_WP_CRON constant is in use”, and checked that the Cron Jobs are executed in Pro-Tools/Scheduled Crons so I guess there is no real issue?

    I disabled the “BPS Pro MU Tools” plugin to get rid of these alerts, but I’m a little concerned that I would miss an important warning should a critical problem arise.

    AITpro Admin

    The BPS Pro MU Tools must-use plugin can be disabled without causing any other issues or problems.  See the description below for the only 2 features/functions that the BPS Pro MU Tools must-use plugin does.  Direct Cron jobs are fine to use, but the top status display times may not match exactly with the BPS Pro time option settings that you have chosen.  That’s a very minor thing so no big deal.  I see this info about the Direct Cron job code > “This will make sure your system runs the script every minute…”.  So everything should work fine without any issues/problems.

    Checks if the /bulletproof-security/ plugin folder has been renamed or deleted. Checks if the BPS Pro plugin has been deactivated. Email alerts are sent every 5 minutes when the BPS Pro plugin folder has been renamed or deleted or the BPS Pro plugin has been deactivated. To disable these checks and the email alerts click the Disable Link. When you click the Disable Link you will see an Enable Link if you would like to enable the BPS Pro MU Tools must-use plugin again.


    Thanks for your answer.

    To be sure, I enabled again the BPS Pro MU Tools plugin, and received again the “BPS plugin deactivated” mails.

    After checking again that BPS was *not* deactivated, renamed or deleted, I commented the Cron Jobs and reverted to the default WP false Cron, and BPS Pro MU Tools doesn’t complain anymore (hence the proof that BPS Pro is neither deactivated nor renamed nor deleted or anything strange).

    So either the Cron script I use has a flaw somewhere, or BPS Pro MU Tools plugin doesn’t like Cron Jobs.

    AITpro Admin

    Yep, then it sounds like there is an issue somewhere with standard WP Crons vs Direct Crons, when Standard WP Cron Jobs have been disabled.  Sounds like we need to add an extra code condition > ie “if wp standard crons are disabled do X > else do Y”.  I’ve added this to the Scheduled Task List so testing can be done to see what needs to be added/done/changed. For now just continue to disable the BPS Pro MU Tools plugin.  The BPS Pro MU Tools plugin is not any sort of significant security protection type of thing and more of a secondary security level protection thing (or even 3rd or 4th level thing…).  ie not a big deal.  😉

    Edit|Update:  I should have checked the background post as suggested in the link that you posted, which dates back a few years.  The background post dates back to JULY 18, 2013 and WordPress has made significant changes to Standard WP Crons since then (heartbeat, etc).  Anyway we have decided to just add a “return” condition in the BPS Pro MU Tools plugin if disable the DISABLE_WP_CRON constant is in use.  Keeping it simple since the checks are not any sort of significant/important security feature.

    AITpro Admin

    Actually we are just going to get rid of the BPS Pro MU Tools must-use plugin in the next version release.  It has been more of a nuisance than a benefit.  So time to dump it.


    Thanks for the follow-up.

    Nice to know you’re always keeping track of issues, whether they’re significant or not, and I feel relieved knowing I have no serious issue on my install.



    cron was making a huge resources leak with my server so i disabled it by DISABLE_WP_CRON’

    now there is a “BPS Notice: DISABLE_WP_CRON constant is in use”

    BPS Notice: DISABLE_WP_CRON constant is in use
    The WordPress DISABLE_WP_CRON constant is in use, which disables all Standard WP Crons. Several BPS Pro features use Standard WP Crons. If a plugin is being used that disables Standard WP Crons and uses Direct Cron Jobs instead or your Web Host is disabling Standard WP Crons then no further action is required by you and you can safely dismiss this Dismiss Notice.
    To Dismiss this Notice click the Dismiss Notice button below. To Reset Dismiss Notices click the Reset|Recheck Dismiss Notices button on the Display & Alert Options page.

    I know the text speaks for itself, my question is just to relief my mind.

    Is BPS pro working less secure now after disabling wp cron?


    Sorry for reviving old thread, thought it’s better to add additional info here.

    AITpro Admin

    disabling WP Crons without setting up a Direct Cron in your web host control panel means:  The AutoRestore|Quarantine cron job will no longer check files, the Plugin Firewall AutoPilot Mode cron will no longer create whitelist rules automatically, the log file cron job will no longer zip and email log files to you, the BPS Pro plugin update cron will no longer check for newer BPS Pro versions, etc etc etc.  Also any other plugins and themes that use WP Crons will no longer run automated tasks on your website.  It’s pretty easy to setup a Direct Cron in a web host control panel and it should use less resources then WP Crons, which barely use any resources if your website does not have any problems.

    Most likely what is really happening is whatever web host tool you are looking at that is telling you cron jobs are using a lot of resources is simply wrong or there is a problem with your web host server configuration.

Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.