Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By zigma on
It appears anyone can call www.example.com/cron.php for a drupal website.
I guess anyone visiting the site can visit this link and result in manual execution of cron. We maynot want this to run at anytime.
Is there anyway to secure this?
Comments
Yes. See
Yes. See http://drupal.org/cron "Security notes", Deny from all, Allow from ... etc.