Miks Posted March 17, 2015 Share Posted March 17, 2015 Is there a way to prevent users from running the cron jobs manually? Or should I relabel them? Quote Link to comment Share on other sites More sharing options...
G7470 Posted March 17, 2015 Share Posted March 17, 2015 In MCCodes, it requires a GET code in order to kick off a cron job at all. You could make that code as complex as you would want, really. Relabeling them may also help make it more difficult for those attempting to run your crons manually to do so, but I would say the built-in GET code with MCCodes is your best bet. ~G7470 Quote Link to comment Share on other sites More sharing options...
Miks Posted March 17, 2015 Author Share Posted March 17, 2015 I bought Raven Mafia Script which looks like a copy of Mccodes, I'm pretty sure I read somewhere they have a license to sell it. I just tested my cron from logging into a standard user and they were able to run the cron directly. How would I go about preventing this, can you copy and paste what you use? Quote Link to comment Share on other sites More sharing options...
Veramys Posted March 17, 2015 Share Posted March 17, 2015 You need to make sure it selects the code from the config file. Then if the code is not right or not there have the page quit. Quote Link to comment Share on other sites More sharing options...
NonStopCoding Posted March 17, 2015 Share Posted March 17, 2015 (edited) I bought Raven Mafia Script which looks like a copy of Mccodes, I'm pretty sure I read somewhere they have a license to sell it. I just tested my cron from logging into a standard user and they were able to run the cron directly. How would I go about preventing this, can you copy and paste what you use? as far as i am aware ravens is a ripped of version of mccodes and you will require a license from mccodes.com to run a game (correct me if i am wrong) it also has a ton of paid mods that i am sure are not allowed to be there also i am sure i read someplace that the layout is stolen too Ravens is a junk you should of purchased the latest version of mccodes if you wanted to go down that path for your issue open up config.php and look for 'code' => 'some long code here', in your cron file you will need to create a small bit of code (i believe mccodes v2.05b already has this) that will check if the code matches the code from the config.php if it doesn't then kill the page otherwise run the cron. Edited March 17, 2015 by NonStopCoding Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted March 17, 2015 Share Posted March 17, 2015 Remove the crons from your public_html or www folder. Then in your cron job manager you will just supply the path to the file like /home/username/your_file.php Quote Link to comment Share on other sites More sharing options...
Truefalse Posted March 17, 2015 Share Posted March 17, 2015 Remove the crons from your public_html or www folder. Then in your cron job manager you will just supply the path to the file like /home/username/your_file.php Something to add here, if you do this. You will need to execute and parse the PHP file (rather than wget or curl) php -f /path/to/cron.php Quote Link to comment Share on other sites More sharing options...
JMB Gaming Posted March 17, 2015 Share Posted March 17, 2015 Make a folder not in public_html or www but the one before that. Label it crons then in your cron files change the file includes (I think they include config or global_noauth?) should be something like "../public_html/config.php" In the cron job manager in the cPanel put this in the command /usr/bin/php -q /home/USERNAME/cron/cron_minute.php Change the username to whatever yours might be. This method you do not need the config code so could be deleted if you really wanted too :) Quote Link to comment Share on other sites More sharing options...
SRB Posted March 17, 2015 Share Posted March 17, 2015 1. Move crons below document root; 2. Change paths of includes to go above the level they are at; 3. Change cron tab locations; Quote Link to comment Share on other sites More sharing options...
Guest Posted March 18, 2015 Share Posted March 18, 2015 1. Move crons below document root; 2. Change paths of includes to go above the level they are at; 3. Change cron tab locations; You sure you don't mean above? Quote Link to comment Share on other sites More sharing options...
Miks Posted March 19, 2015 Author Share Posted March 19, 2015 Thanks guys, my crons are now secured! I went with JMG Gamings suggestion [MENTION=70347]NonStopCoding[/MENTION] For the record I do have a license for Mccodes from 2012 and have pointed it to our domain which was the script from Ravan Mafia Game. I can see how Ravan mafia has ripped Mccodes but after downloading the "latest" version of mccodes it doesnt look like its changed much over the years and is still pretty basic. Thanks for everyone that helped and left there suggestions, much appreciated Quote Link to comment Share on other sites More sharing options...
NonStopCoding Posted March 19, 2015 Share Posted March 19, 2015 Thanks guys, my crons are now secured! I went with JMG Gamings suggestion [MENTION=70347]NonStopCoding[/MENTION] For the record I do have a license for Mccodes from 2012 and have pointed it to our domain which was the script from Ravan Mafia Game. I can see how Ravan mafia has ripped Mccodes but after downloading the "latest" version of mccodes it doesnt look like its changed much over the years and is still pretty basic. Thanks for everyone that helped and left there suggestions, much appreciated well you will be fine then :) good luck with your game Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.