Starlin Starlin - 5 months ago 28
PHP Question

Ensure a PHP script is only ever run as a cron job?

How can I ensure a user can not run a PHP script and that it is only ever run as part of a cron job?

Answer Source

You can set an environment variable in your crontab. A line like IS_CRON=1 can be placed at the beginning of your crontab, then check in your php program for get_env("IS_CRON") == 1.

Of course, you should also use file permissions as they're not so easily bypassed. If this is run as part of root's cron, chown root:root yourscript.php and chown 700 yourscript.php.


As ircmaxell says, it'd be better to run as a user other than root assuming you don't need root permissions for what you're doing. I was just taking a guess about your setup.