Best Practice / Approach User of Wall Garden and Cron Job Protection.
Dear SIr,
What would be the best practice or approach to achieve the followings?
1. I want to make the front page (the page you see when you call myhotfb.com) go through Wall Garden. The front page uses a plugin by Tom.
2. At the present anyone can type https://www.myhotfb.com/cron/hourly/ on browser url. This I want to disable or protect like when you try to run https://www.myhotfb.com/upgrade.php it will fail and redirect you to login.
3. Speaking of the above no. 1. The objective is to limit exposure by having wall garden pass the front page plug through wall garden. I don't want .htaccess solution or should I? cuz I think I should be able to pass the front page through Wall Garden.
Kindly Please Advise.
Elgg Technical Support
Get support from other Elgg users
- Rohit Gupta@Rohit_1990_3676
Rohit Gupta - 1 like
- Nikolai Shcherbin@rivervanrain
Nikolai Shcherbin - 1 like
- MyHoTFB.COM ®@myHoTFB
MyHoTFB.COM ® - 0 likes
- MyHoTFB.COM ®@myHoTFB
MyHoTFB.COM ® - 0 likes
- iionly@iionly
iionly - 0 likes
You must log in to post replies.Which elgg version are you using? Elgg 3 already has this feature.
There is https://github.com/hypejunction/elgg-cli to replace the cron running via browser with the cron running via command.
But I recommend to move on latest Elgg.
Dear Rohit,
I am using Elgg version : Release - 2.3.14, Version - 2016092300.
Yes, I have seen that in 3x cron job protection is built in but 3 x is over my head. It is overwhelming. for me. However, I do want to learn 3 in a development environment. .
Dear RvR,
Thanks for your kind reply. You said "But I recommend to move on latest Elgg."
I am using the latest and recommended version of elgg 2.3.14, which has a LTS (Long Term Support). I appreciate you giving me a link to solve this problem. I have come across this plugin in past. My concept of cli install is not clear and as the Elgg manual says, if you do not understand a problem, there are no reasons to through resources at it,
So, kind of stuck. Right?
You could use the Security Tools plugin (https://elgg.org/plugins/1941178) as starting point. While it does not protect the cron urls it does so for upgrade.php. With this functionality you might be able to extend it to work also with the cron urls.