Magento cron configuration

Using the enhanced cron.sh wrapper

The default Magento cron.sh wrapper has some limitations, as it doesn't support email alerts or logging; and there are some edge cases that running the cron from the wider acc server may pose both a security risk - and the potential for path mismatch.

So the solution is to run a revised cron.sh wrapper that invokes cron.php as if it were on the web server itself.

Just replace your existing cron.sh script with the following, filling in the email recipient if you also wish to be alerted of any cron execution errors.

Download and make the file executable by using,

cd /microcloud/domains/example/domains/example.com/http
wget --no-check-certificate -O cron.sh https://raw.githubusercontent.com/sonassi/magestack-scripts/master/cli/cron.sh
chmod +x cron.sh

Setting up the crontab

Setting up your Magento cron is a simple task that requires a single edit to the www-data crontab,

crontab -e

*/5 * * * * /usr/bin/timeout 6h /bin/bash /microcloud/domains/example/domains/example.com/http/cron.sh > /dev/null 2>&1

Using the whitelist/blacklist

This feature requires Aoe_Scheduler, follow these instructions to install.

Both SCHEDULER_WHITELIST and SCHEDULER_BLACKLIST take a comma separated string of cron task names and are used to filter the tasks being executed by the cron. They should be set in the crontab execution line itself.

Eg.

* * * * * SCHEDULER_BLACKLIST="sitemap_generate,log_clean" /usr/bin/timeout 6h /bin/bash /microcloud/domains/example/domains/example.com/http/cron.sh > /dev/null 2>&1
  • Setting SCHEDULER_BLACKLIST="sitemap_generate,log_clean" would run all cron tasks other than sitemap_generate and log_clean
  • Setting SCHEDULER_WHITELIST="sitemap_generate,log_clean" would run only sitemap_generate and log_clean

When setting both whitelist and blacklist, you merely need to copy the crontab command and prefix with the appropriate whitelist/blacklist as necessary.

Eg.

*/5 * * * * SCHEDULER_BLACKLIST="sitemap_generate,log_clean" /usr/bin/timeout 6h /bin/bash /microcloud/domains/example/domains/example.com/http/cron.sh > /dev/null 2>&1
*/5 * * * * SCHEDULER_WHITELIST="sitemap_generate,log_clean" /usr/bin/timeout 6h /bin/bash /microcloud/domains/example/domains/example.com/http/cron.sh > /dev/null 2>&1

Securing cron.php against DOS attack

The cron.php is vulnerable to DOS attack, as it is typically accessible for anyone to run. It is wise to lock down this file from ever being able to be executed by the web server, this can be easily remedied with a quick addition to the domain's ___general/example.com.conf - then reload Nginx

location = /cron.php {
  deny all;
}

Examples

Re Index every X hours

The following will trigger a reindex of all indexes at 5am each day (you can adjust the command/time to suit your requirements).

0 5   * * * ( echo "cd /domains/example.com/http/shell/; php indexer.php reindexall" ) | /usr/bin/fakechroot /usr/sbin/chroot /microcloud/domains/example /bin/bash

Prune Redis every X hours

The following will prune old Redis entries every 4 hours, read installing the Redis Magento extension before use.

0 */4 * * * ( echo "cd /domains/example.com/http/shell/; php redis.php" ) | /usr/bin/fakechroot /usr/sbin/chroot /microcloud/domains/example /bin/bash