Are you experiencing issues with unauthorized usage of your cron jobs and struggling to identify the responsible user? Don’t worry, I have a straightforward solution for you. I’ve developed a script that scans through your users’ cron jobs and sends you a detailed report via email. However, please note that this method requires root access. Let’s get started with the process:

• Login to your server via SSH
• Type:
  cd /root
• Create a new file named “scanCron.sh” using the text editor “pico”:
  pico scanCron.sh
  If “pico” is not available, you can use “nano” instead:
  nano scanCron.sh
• Copy and paste the following code into the file:
  #!/bin/sh
emailAddress=$1
if [ -n "$emailAddress" ] ; then
mycrontmp=/root/scanCron.tmp.$$
for i in `cat /etc/passwd | cut -f1 -d ':' | grep -v '#'`; do
echo "--------------------------------------------------"
echo "Username: ${i}"
echo "--------------------------------------------------"
crontab -u ${i} -l 2>&1
echo "--------------------------------------------------"
done > $mycrontmp
cat $mycrontmp | mail -s "Cron jobs report for `hostname`" ${emailAddress}
rm -f $mycrontmp
else
echo "Please supply a valid email address."
exit
fi
• Save the file by pressing “Ctrl” + “O” in the text editor.
• Grant execution permissions to the script by typing:
  chmod +x scanCron.sh
• To run it, just type:
  ./scanCron.sh [email protected]
Replace “[email protected]” with your preferred email address.

If you wish to automate this process, you can add it to a cron job by following these steps:

• [*] Type:
  crontab -e
• [*] Insert the following after the last line:
  10 1 * * * /root/scanCron.sh [email protected]
  This will run everyday at 1:10am.

This can be applied to cPanel server.

Good luck!