I’m implementing Cron Jobs for my website, and since there’s no way to execute Git Bash, I have to run a script on a predefined URL.
The problem is that anyone who knowns that URL could execute it every time he wants, while I want to run that job once a day and no more.
Can you ensure that, if I add a query string to my cron job, no one can see the full URL while it is running?
you should rename that file to a gibberish text and hide it somewhere hard to guess.
Isn’t there a way for someone to get a list of all the URLs in a folder?
Yes. The easiest way to disable it is to make blank index.html in this folder
Preferably name the cron job, put it through base64 encoder, then make what @Yellow_Pikachu suggested. Or disable directory listing and make no index.
What about “Directory Privacy” under “Security” in the control panel? Could it help or does it block the cron too?
There is no way to get a list of all the URLs in a folder if you don’t want to.
Normally, if a folder doesn’t have a valid index file, then people will see a listing of all the files in a folder. But you can disable directory listing with .htaccess rules, or simply by uploading an index file to the folder (a blank file with the name index.html is enough).
And query strings are never visible in a directory listing. If you only execute your cron job when executed like https://example.com/cron.php?cronPassword=somethingverylongandrandom , only people who know the code or the password can call the cron job.
I’m not sure whether password protected directories can be used for this. I don’t think that cron jobs are exempt from the password checks.
No, that will result in asking for a password, which the vpanel may not know. I tried it once on my css files, and it asked for a password when i used an html file.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.