wp-cron with .htaccess — cron jobs not running

A look at my server log shows that the wp_cron.php requests are being denied (401 – unauthorized) although the ip of the site is allowed in .htaccess (which otherwise requires a username and password)

WHAT MUST I DO to get it all working???

Fix the .htaccess to allow hits to work. If it’s sending a 401, then clearly the protection is causing the block.

If I were you, I’d simply turn off the protection for all hits to wp-cron.php. It won’t hurt anything, WP has its own verification method for disallowing invalid hits to it.

Thank you Otto42 — I don’t know HOW to turn off the protection for all hits to wp-cron.php — any thoughts?

I just tried hacking cron.php to replace (WP 2.6.3) line 84
$cron_url = get_option( ‘siteurl’ ) . ‘/wp-cron.php’;
with
$cron_url = ‘https://user:[email protected]/blog/wp-cron.php’;

but that did not seem to fix or affect anything… I still have all these old WP-cron entries — if I run one now (using Crontrol plugin) it adds itself to the end of the list but doesn’t seem to DO anything…

NO — wait — maybe at line 102 ?? OK — spoon feed me here — what should my hack be??? Or is there a better way (short of unprotecting the directory which is against the organization’s rules)???

MORE HELP!!!

OR — how, exactly, do I go about turning off the protection for all hits to wp-cron.php???

Thanks,

Mike

Stop editing WordPress. That won’t fix the problem. Put it back the way it was.

You need to edit the .htaccess file. The problem is that I can’t tell you exactly how because I have no idea what the heck is in your .htaccess file.

Most likely, you’ll do something involving a <Files> block to make it not ask for authentication for wp-cron.php.

Yes, yes, yes… Been there done that! LOL! I realized I was barking up the wrong tree last night, and put WP back the way it was this morning.

my .htaccess:

## password begin ##
AuthUserFile xxxxxxxxxxxxxxxxxxxxx
AuthName “Protected”
AuthType Basic
<files wp-cron.php>
order allow,deny
allow from all
</files>
<Limit GET POST PUT>
require valid-user
allow from xxxxxxxxxxxx
allow from xxxxxxxxxxxx
</Limit>
<Files .passwd>
deny from all
</Files>
## password end ##
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /news/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /news/index.php [L]
</IfModule>

BUT… Still NOT working — I won’t be able to see error until tomorrow, but I ASSUME it’s still 401 (unauthorized) — the two ip addreses allowed are the apparent ip as reported in the error 401 and the server ip as suggested by the host — no help either.

SUGGESTIONS???

WAIT — WAIT… OMG!!! It’s… WORKING!!!

Perhaps my host has done something?
Whatever! YAY!!!

If not action by my host, then I suspect it was the files section after all! Maybe I just didn’t notice before!?!

Anyway, THANKS SO MUCH for the hand-holding and good advice!!!

— Mike

OH — I am about to SHOOT myself!!! OK — it didn’t work after all!

I inadvertantly deleted my .htaccess and (duh) THEN it worked…

I’ve restored my .htaccess now, and (crap) it no longer works…

cron jobs are still not scheduled! MORE HELP! Current .htaccess is:

## password begin ##
AuthUserFile xxxxxxxxxxxxxxxxxxxxx
AuthName “Protected”
AuthType Basic
<Limit GET POST PUT>
require valid-user
Allow From xxxxxxxxxxxx
Allow From xxxxxxxxxxxx
</Limit>
<Files .passwd>
deny from all
</Files>
<Files wp-cron.php>
allow from all
</Files>
## password end ##
Allow From xxxxxxxxxxxx
Allow From xxxxxxxxxxxx
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /news/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /news/index.php [L]
</IfModule>

should have said cron jobs are no longer executed — they’re still scheduled, of course — just never RUN due to 401 authorization req.

Try this:

<Files “wp-cron.php”>
Allow from All
Satisfy Any
</Files>

Alternatively, eliminating that entirely and changing this to have the Satisfy Any should also work:

<Limit GET POST PUT>
require valid-user
Allow From xxxxxxxxxxxx
Allow From xxxxxxxxxxxx
Satisfy Any
</Limit>

Basically, “Allow” does not override a “Require” because the default setting is “Satisfy All”. For the Require to be ignored by an allow, you have to have it to “Satisfy Any”.

Otto — THANK YOU — THAT SEEMS TO HAVE DONE THE TRICK!!

At least my ‘test’ do_pings just got eaten up — I don’t know WHICH section ‘did it’ — I’ll test and will let you know, but I believe you have HIT THE BULLSEYE!!!

A MILLION THANKS!!!

OK — results are IN — the effective .htaccess section to get wp-cron.php working again was:

<Files wp-cron.php>
allow from all
Satisfy Any
</Files>

So the NEXT guy suffering with wordpress behind .htaccess protection — add the above four lines to your .htaccess file in the WordPress directory (where wp-cron.php lives) and your cron events should be properly executed!