untagged – Protect wp-cron from hackers
I would like to get help on protecting wp-cron against hackers.
Set up: Lightsail Bitnami Apache server, headless WordPress CMS, frontend is on AWS Amplify.
My wp-admin folder is protected with htpasswd, but my wp-cron can be accessed by hackers. If I protect the whole cms from the root, which is possible since the frontend is on Amplify, the wp-cron won’t work. Alternatively I added some important cron tasks into crontab, but Wordfence has tons of cron job which I don’t feel like I should copied them over to crontab. It’s very important for Wordfence to be run in the backround to protect my cms.
Is there any solution?