• DrProtocols

    (@drprotocols)


    The tests do not seem to encompass one of the primary reasons why there may be a problem which is due to non-functional WordPress cron system. This is mentioned as one of the “simple requirements”:

    “Wp-Cron needs to be operational, if for some reason cron fails to work for your install, Automatic Updates will also be unavailable”

    In my experience (premium plugin support) many people have no idea about the WordPress cron mechanism and have no idea that is it broken on their site until it is required to be working properly in order to do something that is visible to them rather than something that may just happen in the background that they are totally unaware of anyway.

    The tests as they stand will lead the ordinary user into the false sense of security that that their site will get these automatic security and maintenance updates but if (unbeknownst to them) the WordPress cron is not working on their site then this simply will not happen – and because they are led to believe they will be getting thee updates automatically they will be even less likely to be checking for available updates any other way.

    All the other simple requirements seem to be tested so it would be great to see these tests incorporate a test of the HTTP Loopback access capability to verify that the hosting/site supports WordPress making an access back to itself _and_ also that there is nothing interfering with the actual operation of the cron system in terms of the actual access to wp-cron.php and the triggering of the scheduled tasks.

    This is a great capability but users need to know with reliability whether it will work for them – tests have to test _everything_ that is required. I hope you understand my concern here ??

    https://www.ads-software.com/plugins/background-update-tester/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Andrew Nacin

    (@nacin)

    This would be a great idea. I am not sure how to best implement it. ??

    (The other missing link is whether emails can be sent to confirm success/failure…)

    Thread Starter DrProtocols

    (@drprotocols)

    Making a simple wp_remote_get() to wp-admin/admin-ajax.php is a useful way to test whether actual http loopback is working under the hosting (with no action I believe it returns a 0 or perhaps -1 on older WP versions). If loopbacks are working then that usually works even if there is some maintenance mode type plugin or theme functionality blocking the front-end type access and it _shouldn’t_ be interfered with by caching of any sort AFAIK?

    Then in addition to that to check wp-cron.php in particular perhaps a similar loopback attempt to that file with perhaps the provision of a new query string that indicates a wp-cron.php loopback test so that unlike the standard access a response is returned in the same manner as from admin-ajax.php and then the response can be tested for any any anomaly (or a response timeout) indicates some possible interference.

    Common sources of interference are: maintenance mode plugins that simply block access and almost universally they have no way of “whitelisting” anything to allow access to; or various type of http based security; or any number of other things – but anything other than an expected response should be taken as “requires investigation”.

    Also checking for simple thing like cron being disabled in wp-config.php if that isn’t done already as it is not uncommon for a host to set that without their Customer being aware. If this is set it may of course be because someone is using a server cron but that is hard to tell – so maybe if this was disabled then a string warning that unless you know why it is disabled (i.e., you did it and you know the consequences) then it needs investigation.

    If the alternate cron is enabled then _usually_ that indicates things will work because someone has actually had to go to the trouble of enabling it so they had a reason and they will have checked that it works – and of course that isn’t so easy to check whether it is actually working programmatically.

    Provided the access to wp-cron.php gets through then usually the actual execution is ok.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Missing Verification of WordPress Cron Functionality’ is closed to new replies.