Cron Job security, CHMOD

[bambinou1980]

Hello,

 

I would like to setup a cron job in my cpanel. This cron job is situated in:

public_html/protected/commands/cron.php

 

I do not want people to call this url from the web as it could hit the server ressources if started too often.

 

Is there a way to set this cronjob in a way that it is only executable from the server itself and not from the web. Please tell me if I am wrong but what I did is set up the command as:

 

/usr/bin/php -q /home/account_name/public_html/protected/commands/cron.php

 

And set the cronjob.php file to 644.

 

Is this right?

 

Thank you.

 

Ben

[SurrealScripts]

644 is anyone can read. 600 is owner only which is what you're looking for as long as that file wasn't created by the web server user.

[bambinou1980]

Thank you so much for your fast reply.

 

What about the cronjob path, sometime I see people adding -q or -php front of the path, what does this changes please, any idea?

 

Thank you,

 

Ben

[Ch0cu3r]

If you do not want visitors to your site accessing cron.php then do not store in your public_html folder (aka your document root). Store it outside of the document root. 

 

 

I see people adding -q or -php front of the path, what does this changes please, any idea?

It doesn't change anything it is telling the server which program to execute, and passing command line option -q to PHP and stating the path the php file to be executed

[bambinou1980]

Thank you for your help :-)