How to defend against cron attacks?

A few days ago the friend said his station consumes the cloud bean to be formidable, then sees the log to discover most is the visit cron.php. And then is not the intranet IP access, and also did not add monitoring and so on, it is estimated that the malicious visit by others. But feel that the modification of the name is also somewhat unsafe, the IP blacklist effect will not be very strong.

Because IP can be changed at any time, so I added a piece of code to solve this problem. is to add a get cron.php to pass the parameters, and then in Config.yaml modified cron, the malicious access problem solved, these days the consumption must also be reduced.

This example tells us, if you are using open source program, when someone else find your open source program, you can see the code to try to consume your cloud beans. So we have to chastened wiser, although the technical content is not high, but it will be much safer. After all, he doesn't know that your cloud beans are not consumed, he is just going to try to attack your program. But I set the more wretched, because at the beginning, cron is output OK, now he does not get to pass data, but also return OK, but now the real execution succeeds, return is yes.

Let's go to the bottom of the line, and first add the following sentence to the cron.php.

if (Empty ($_get[' password ')) | | | $_get[' password ']!= ' user@test ') exit (' OK '); Both password and user@test can be modified arbitrarily.

The way to access is the domain name/program name. Php?password=user@test

Then modify the Config.yaml file,

Add a simple cron.php followed by "program name. Php?password=user@test"

Here's "program name. Php?password=user@test" is not absolute oh.

If you have modified password and user@test in the If place, you need to modify it here as well.

As in the following example.

-Description:task url:cron.php?password=user@test Schedule: */1 * * * * * *