After applying SUPEE-6788 , cron stopped working

magento.stackexchange https://magento.stackexchange.com//questions/88335

Question

I am using 1.9.2.1. After applying SUPEE-6788 , cron stopped working. Why?? I attached the cron setting of my system.

enter image description here

Was it helpful?

Solution

You probably set up your cronjob to call cron.php via HTTP, which is now forbidden by default.

This is the new rule in .htaccess:

###########################################
## Deny access to cron.php
    <Files cron.php>

############################################
## uncomment next lines to enable cron access with base HTTP authorization
## http://httpd.apache.org/docs/2.2/howto/auth.html
##
## Warning: .htpasswd file should be placed somewhere not accessible from the web.
## This is so that folks cannot download the password file.
## For example, if your documents are served out of /usr/local/apache/htdocs
## you might want to put the password file(s) in /usr/local/apache/.

        #AuthName "Cron auth"
        #AuthUserFile ../.htpasswd
        #AuthType basic
        #Require valid-user

############################################

        Order allow,deny
        Deny from all

    </Files>

The best solution would be to not call the cron like that. If your system crontab looks like this:

* * * * * wget http://example.com/cron.php

Change it to something like this:

* * * * * php /path/to/magento/cron.php -mdefault
* * * * * php /path/to/magento/cron.php -malways

If for some reasons you cannot use a regular cronjob and need to call it via HTTP, you should either make it password protected as described in the comments above, or add an IP whitelist to only allow access from localhost (or the IP which triggers your cronjob)

For example, to allow access from localhost, replace 

Deny from all

in your .htaccess file with

Allow from 127.0.0.1

Update based on screenshot

Your screenshot shows something entirely different than your first comment. This is some web based cron management, where you cannot specify the crontab directly with cron syntax. Maybe you can choose an option other than "http" and "https" in the first dropdown to actually specify a path but probably not, so this is one of the cases where you cannot use a regular cronjob.

Luckily your web interface allows using password authentication (see advanced settings), so you can follow the instructions in the htaccess file to create a .htpasswd password file.

Licensed under: CC-BY-SA with attribution
Not affiliated with magento.stackexchange
scroll top