How to Fix WP-Cron Not Working Issue with Cloudflare?

WordPress needs some basic requirements like MySQL and correct PHP version to run properly. In addition, you also need additional setup needed for the installed plugins and theme to work properly. WP-Cron is one such requirement needed for WordPress sites to get updates and reporting in the dashboard. On other hand, Cloudflare is the popular free CDN service that comes in-built with many hosting companies. Unfortunately, if you do not configure it properly it can stop the WP-Cron jobs to run and cause undesired problems. If you are stuck, here are the solutions you can try to fix WP-Cron not working issue in WordPress with Cloudflare CDN.

More About WP-Cron

Cron is a command in Unix for scheduling jobs to complete tasks in background. In WordPress world, WP-Cron is similar to Unix cron job for scheduling tasks with periodic interval. Unlike system cron job which you can schedule for a particular time, WP-Cron runs on each page load and triggers the scheduled tasks. Here are some examples for you to understand what WP-Cron does:

• Update WordPress dashboard widgets like real-time sales widgets.
• Check the posts in scheduled status and publish as per the schedule.
• Plugins can run tasks like database update, cache purge, etc. in the background.

You can also read more details about WP-Cron from the official WordPress page here.

Finding WP Cron Issues

When there is a problem in running WP-Cron, it will directly affect running of scheduled tasks. You can see some failure notices in the dashboard and also in your server’s error log. Below is an example from WP Rocket plugin which uses WP-Cron for running scheduled cache purge. When cache is not purged, it will slow down your site with big size of outdated cached content.   

You can also use plugins like WP Crontrol to monitor and find cron related issues in your site. Once you find there is an issue with WP-Cron, you should check the recent activities you have done on the site. if you have enabled Cloudflare or changed any settings in CDN, then that’s the first place to start your troubleshooting.  

Checking WP Cron Issues in Cloudflare

Cloudflare’s security settings allows you to block bad bots. Unfortunately, this can also block automated activities like WP-Cron as a false positive. The good part is that you can easily find this based on the IP address and query string from the log. Since WP-Cron will run from your hosting server’s IP address, you can check the blocked entries based on your server’s IP to find more details.

• If you do not know you server’s IP address, you can find this from your hosting panel. Alternatively, you can go to the DNS section of your Cloudflare account and find the A record with @ which will point to your server’s IP address.
• After that, go to “Security > Overview” section and click on “Add filter” button.
• Filter the log based on the IP address equals to your server’s IP.
• Here you should find the “Paths” section showing “/wp-cron.php” as shown in the below picture.
• You can also find other details like the reason for blocking which in our case is “manage defined bots”.

If you want to find more details, scroll down on the page and check activity log section. Here you can find the service and action taken to understand WP-Cron was blocked due to managed rules settings with managed challenge. This is based on your security settings where you might have selected some option with managed challenge.

Click on “Edit columns” button to add additional columns that can reveal more details. Since IP address is already present, select “Path” and “Query string” checkboxes.

This will add additional columns and show you the path and query string. As you can see in the below screenshot, path will show as /wp-cron.php and the query string will show something like ?doing_wp_cron.

---

Learn More:

• WP Rocket – How to properly setup Cloudflare with WP Rocket plugin?
• W3 Total Cache – How to properly setup Cloudflare with W3TC plugin?
• SiteGround Webmail – Learn how to setup MX records for SiteGround Webmail in Cloudflare.

---

Fixing WP-Cron Issues with Cloudflare

Now that it is clear that Cloudflare security settings block WP-Cron running on your own hosting server. Try the following options to resolve the issue. You may need to check your WordPress dashboard, use the plugin or check server’s log as explained above to confirm WP-Cron is working fine.

1. Disable Definitely Automated Bots

Free Cloudflare account has a simple “Bot Fight Mode” to block automated bots. You can go to “Security > Bots” section and turn off this option and check if WP-Cron is running on your site.

If you are using premium Cloudflare plans, then click on “Configure Super Bot Fight Mode” link when you are in “Security > Bots” section.

Here you can see the “Definitely automated” bots are blocked with “Managed Challenge” option. This is the “Managed Challenge” you see in the activity log as explained above. Since WP-Cron is definitely automated in the background, Cloudflare will block and cause trouble. Click on the dropdown and select “Allow”, Cloudflare will automatically save your settings.  

In most cases, this will resolve the WP-Cron not working issue with Cloudflare.

2. Disable Managed Rules under WAF

If allowing bots do not fix the issue, then the next option is to disable managed rules automatically set by Cloudflare. However, this option is available only for premium plan users. Based on the platform you use, Cloudflare will automatically enable certain set of Web Application Firewall (WAF) rules to protect your site. You can go to “Security > WAF” section and find the rules enabled for your site under “Managed rules” section. Simply disable the “Managed rules” option to turn it off.   

Alternatively, go down on the page and only disable Cloudflare WordPress ruleset.

Now, check your WP-Cron is running without WAF rules from Cloudflare.

3. Whitelist Your Server in IP Access Rules

Disabling WAF ruleset is risky which may defeat the purpose of Cloudflare security. Though you can use plugins like Wordfence and AIOWPS to add firewall, the best option is to allow your website’s server IP in Cloudflare WAF setting. When you are in WAF section of your Cloudflare account, go to “Tools” tab. Enter you server’s IP, select allow and this website options and click “Add” button. This will add an exception and avoid blocking your own server’s activities like WP-Cron job.

Final Words

Cloudflare is the popular CDN and security service, however, it fails to recognize another popular WP-Cron job required by WordPress sites. This is understandable as plugins can run WP-Cron for different reasons and cause security issue to your site. Unfortunately, even manually scheduling cron job on the server will not resolve the problem as plugin developers may use default WP-Cron job. The solution is to disable bot protection or exclude IP address of your server which will allow running WP-Cron jobs.