Wednesday, June 11, 2014

Adding random number to your cronjob URL

Update on Aug 22, 2014: Adding two more keywords: __account__ and __cronjob__. This feature is now supported in both URL and POST data (click Edit cronjob > More options > select HTTP Method: POST or PUT).

To prevent your web server from caching your cron script result, you can now add these keywords into your URL and POST data, and it'll automatically be replaced with a number when your cronjob is executed:

__random__ will be replaced with a random number
__timestamp__ will be replaced with the current Unix timestamp
__account__ will be replaced with your SetCronJob account ID
__cronjob__ will be replaced with your cronjob ID
(You can suggest more keywords by contacting me.)

For example, you can add it into your cronjob URL like this:
http://yoursite.com/path/to/cron.php?name=value&random=__random__

Each time your cronjob is executed, SetCronJob will replace that keyword with a random number, for example:
http://yoursite.com/path/to/cron.php?name=value&random=1875782368
http://yoursite.com/path/to/cron.php?name=value&random=2100737957
http://yoursite.com/path/to/cron.php?name=value&random=2134219102

If you have any question or need any help, feel free to contact me or leave a comment below.

Thursday, April 10, 2014

Security Update: Heartbleed

Hello all,

You may recently hear about Heartbleed, an OpenSSL bug that allows attackers stealing protected information. 2 years ago, SetCronJob went 100% SSL to make sure your data is safe and secured. Like many other teams, we took action immediately to fix the vulnerability.

Now SetCronJob is no longer vulnerable. You can test it here.

We also regenerate our SSL certificate as recommended by security experts. However, you're strongly recommended to change your password at SetCronJob and many services that you've logged in recently.

BTW, your password is not stored on SetCronJob server. We use the best one-way encrypted function to encode your password, so even when our database is exposed, attackers can't get your plain password.

If you have any questions or concerns, please email me.

Best regards,
Nguyen An Thuan.