WordPress requires some basic requirements, such as MySQL and the correct version of PHP, to function properly. In addition, you need additional settings for installed plug-ins and themes to work properly.
WP-Cron is one of the such requirements required by the WordPress website to obtain updates and reports in the dashboard. On the other hand, Cloudflare is a popular free CDN service built-in by many hosting companies.
Unfortunately, if you do not configure Cloudflare correctly, it may stop the WP-Cron job from running and cause unwanted problems. If you encounter difficulties, here is where you can try to fix a problem where WP-Cron is not working properly through the Cloudflare CDN setting.
more about WP-Cron
Cron is a command in Unix to schedule jobs to complete tasks in the background. In the WordPress world, WP-Cron is similar to Unix cron jobs and is used to schedule tasks at periodic intervals. Unlike system cron jobs that you can schedule at a specific time, WP-Cron runs and triggers scheduled tasks each time the page loads. Here are some examples to show you what WP-Cron does:
- updates WordPress dashboard gadgets, such as real-time sales gadgets.
- checks for articles in the scheduled state and publishes them as planned. The
- plug-in can run database updates, cache cleanup, and other tasks in the background.
you can also read more details about WP-Cron from the official WordPress page here.
finds WP Cron problems
when there is a problem with the operation of WP-Cron, it will directly affect the operation of scheduled tasks. You can see some failure notifications in the error logs of the dashboard and the server. The following is an example from the WP Rocket plug-in that uses WP-Cron to run a scheduled cache cleanup. If you do not clear the cache, it will slow down your site due to a large number of outdated cached content.
WP Rocket Cron Job problems
you can also use plug-ins such as WP Crontrol to monitor and find cron-related issues on your site. Once you find that there is a problem with WP-Cron, you should check your recent activities on the site. If you enable Cloudflare or change any of the settings in CDN, this is the first place to start troubleshooting.
checks WP Cron problems in Cloudflare the security settings of
Cloudflare allow you to prevent malicious robots. Unfortunately, this can also prevent automated activities like WP-Cron from being used as false positives. The good part is that you can easily find it based on the IP address and query string in the log. Because WP-Cron will run from the IP address of your managed server, you can check blocked entries against your server’s IP for more details.
- if you don’t know the IP address of the server, you can find it in the hosts panel. Alternatively, you can go to the DNS section of your Cloudflare account and find the A record with @, which points to the IP address of your server. After
- , go to the “Security>Overview” section and click the “Add filter” button.
- filters the logs based on the same IP address as the server IP.
- is here, and you should find the “Paths” section that displays “/ wp-cron.php”, as shown in the following figure.
- you can also find other details, such as the reason for blocking, which in our case is “manage defined bots”.
looks up security details for server IP
if you want more details, scroll down the page and view the activity log section. Here, you can find services and actions taken to understand that WP-Cron is blocked due to hosting rule settings and hosting challenges. Depending on your security settings, you may have selected some options with managed challenges.
View the activity log of the server IP
Click the “Edit columns” button to add additional columns that can display more details. Because the IP address already exists, select the Path and Query string check boxes.
selects the path and query string
, which adds additional columns and displays the path and query string to you. As you can see in the screenshot below, the path will be displayed as / wp-cron.php and the query string will display something like? doing_wp_cron.
lookup path and query string details
Related articles:
- WP Rocket-how to set up Cloudflare correctly using the WP Rocket plug-in?
- W3 Total Cache-how to set up Cloudflare correctly using the W3TC plug-in?
uses Cloudflare to fix WP-Cron problems
it is now clear that Cloudflare security settings prevent WP-Cron from running on your own managed server. Try the following options to resolve the problem. You may need to check your WordPress dashboard, use plug-ins, or check the server’s logs, as described above, to make sure that WP-Cron is working properly.
1. Disable absolute automation of the robot
free Cloudflare account has a simple “robot battle mode” to block automatic robots. You can go to the “Security> Bots” section and turn off this option and check that WP-Cron is running on your site.
disable Bots Fight Mode
in your free Cloudflare account if you are using an advanced Cloudflare plan, click the “Configure Super Bot Fight Mode” link in the “Security & gt; Bots” section.
configures super droid battle mode
in Cloudflare. Here, you can see that the “Definitely automated” robot is blocked by the “Managed Challenge” option. This is the “Definitely automated” you see in the activity log, as described above. Since WP-Cron must be automated in the background, Cloudflare can block and cause trouble. Click the drop-down menu and select “Allow”, Cloudflare will automatically save your settings.
Allow absolutely automated robot
in most cases, this will solve the problem that Cloudflare’s WP-Cron does not work.
2. Disable the managed rule under WAF
if you allow the robot to fail to solve the problem, the next option is to disable the managed rule automatically set by Cloudflare. Depending on the platform you use, Cloudflare will automatically enable some Web Application Firewall (WAF) rules to protect your site. You can go to the “Security> WAF” section and find the rules enabled for your site under the “Managed rules” section. Simply disable the “Managed rules” option to turn it off.
disables the managed WAF rule
in Cloudflare or, go to the page and disable only the Cloudflare WordPress rule set.
disable Cloudflare WordPress rule set
now, check that your WP-Cron is running without WAF rules from Cloudflare.
3. Whitelisting your server in IP access rules
disabling the WAF rule set is risky, which may undermine the purpose of Cloudflare security. Although you can use plug-ins such as Wordfence and AIOWPS to add firewalls, the best option is to allow your site’s server IP in the Cloudflare WAF settings. When you are in the WAF section of your Cloudflare account, go to the Tools tab. Enter your server IP, select the allow and this site option, and then click the Add button. This will add an exception and avoid blocking the activity of your own server, such as WP-Cron jobs.
adds IP exception
summary to bypass the Cloudflare firewall
Cloudflare is a popular CDN and security service, but it does not recognize another popular WP-Cron job required by the WordPress site. This is understandable because plug-ins can run WP-Cron for different reasons and cause security problems on your site.
Unfortunately, even manually scheduling cron jobs on the server will not solve the problem, because plug-in developers may use the default WP-Cron jobs. The solution is to disable the robot to protect or exclude the IP address of the server, which will allow WP-Cron jobs to run.