开发者

Run a script.php on cron job on linux/apache server but restrict public access to the php file

开发者 https://www.devze.com 2023-01-27 13:44 出处:网络
I have this script.php file which i want to run as a cron job on my linux/apache server. However, i do not want public to access www.mycompanyname.c开发者_C百科om/script.php and also run the script c

I have this script.php file which i want to run as a cron job on my linux/apache server.

However, i do not want public to access www.mycompanyname.c开发者_C百科om/script.php and also run the script concurrently.

How can we prevent that? How can we restrict the script to the server's access only? Is it using chmod or setting something inside .htaccess file, something along the line?

Any advice ?


You can do this as the first line of PHP in script.php...

if (PHP_SAPI !== 'cli') {
    exit;
}

If someone hits your script via HTTP, the PHP_SAPI will be cgi I believe, and not cli, causing your script to exit straight away.

Of course, this relies on your cron calling php script.php.

You could also send...

header('HTTP/1.0 404 Not Found');

... or of course, leave it outside your web root.


If you put the script outside of the webroot folder it will not be accessible through your webserver. e.g. your webroot is at /var/www/public_html/ you put the script.php outside of that folder, for example: /var/www/


You probably have something like a public_html directory, in which you have all the phps. Just put it outside of that directory.


Method 1.

If you are executing PHP directly from the Cron Job e.g. php /path/to/your_script.php then add the following line at the top of your PHP script:

if (php_sapi_name() !='cli') exit;

Method 2.

If the Cron Job uses wget, curl or lynx to run your script via its URL, then insert this code at the top of your PHP script (change the User Agent string to one known only by you) :

if ($_SERVER['HTTP_USER_AGENT'] != 'yourSecretAgent') exit;

You will also have to set the User Agent in the Cron Job; as in this wget example:

wget -O - --user-agent=“yourSecretAgent” http://example.com/your_script.php
0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号