Run wp-cron on all public sites in a multisite network (REST API based).
"You could have done this with a simple cron job. Why use this plugin?"
I have a cluster of WordPress sites. I did run a shell script calling wp cli, but the race condition was a problem. I needed a way to run wp-cron on all sites without overlapping. This plugin was created to solve that problem.
- Download
all-sites-cron.zip - Upload via
Network > Plugins > Add New > Upload Plugin - Network Activate the plugin.
- Disable WordPress default cron in
wp-config.php:define( 'DISABLE_WP_CRON', true );
Also available via Composer:
composer require soderlind/all-sites-cronUpdates
- Plugin updates are handled automatically via GitHub. No need to manually download and install updates.
The plugin exposes a REST API route that triggers cron across your network.
JSON usage:
https://example.com/wp-json/all-sites-cron/v1/run GitHub Actions plain text (add ?ga=1):
https://example.com/wp-json/all-sites-cron/v1/run?ga=1 Deferred mode (add ?defer=1 - responds immediately, processes in background):
https://example.com/wp-json/all-sites-cron/v1/run?defer=1 🚀 Redis Queue Support: If Redis is available, deferred mode automatically uses Redis for job queuing (more reliable and scalable). See Redis Queue documentation or Quick Start.
Combine parameters (GitHub Actions + Deferred):
https://example.com/wp-json/all-sites-cron/v1/run?ga=1&defer=1 Adding ?ga=1 outputs results in GitHub Actions compatible format:
- Success:
::notice::Running wp-cron on X sites - Error:
::error::Error message
Example GitHub Action success notice
-
(Preferred) Use a service like cron-job.org, pingdom.com, or easycron.com to call the endpoint every 5 minutes.
-
System Crontab (every 5 minutes):
*/5 * * * * curl -s https://example.com/wp-json/all-sites-cron/v1/run- GitHub Actions every 5 minutes. (5 minutes is the shortest interval in GitHub Actions):
name: All Sites Cron Job on: schedule: - cron: '*/5 * * * *' env: CRON_ENDPOINT: 'https://example.com/wp-json/all-sites-cron/v1/run?ga=1&defer=1' jobs: trigger_cron: runs-on: ubuntu-latest timeout-minutes: 5 steps: - run: | curl -X GET ${{ env.CRON_ENDPOINT }} \ --connect-timeout 10 \ --max-time 30 \ --retry 3 \ --retry-delay 5 \ --silent \ --show-error \ --failNote: Using defer=1 is recommended for GitHub Actions to prevent timeout errors on large networks.
Below is a complete list of filters provided by the plugin (including Redis + legacy aliases) that let you tune execution, performance, and infrastructure behavior.
| Filter | Type | Default | Purpose | Since |
|---|---|---|---|---|
all_sites_cron_rate_limit_seconds | int | 60 | Cooldown between runs (rate limiting) | 1.2.0 |
all_sites_cron_number_of_sites | int | 1000 | Max sites processed in one invocation | 1.0.7 (renamed 1.3.0) |
all_sites_cron_batch_size | int | 50 | Sites processed per batch (memory control) | 1.3.0 |
all_sites_cron_request_timeout | float | 0.01 | HTTP timeout per site cron dispatch (non-blocking) | 1.0.6 (renamed 1.3.0) |
all_sites_cron_use_redis_queue | bool | is_redis_available() | Whether deferred mode should use Redis queuing | 1.5.0 |
all_sites_cron_redis_host | string | 127.0.0.1 | Redis host for queue operations | 1.5.0 |
all_sites_cron_redis_port | int | 6379 | Redis port | 1.5.0 |
all_sites_cron_redis_db | int | 0 | Redis database index | 1.5.0 |
all_sites_cron_redis_queue_key | string | all_sites_cron:jobs | Redis key (list) that stores queued jobs | 1.5.0 |
https_local_ssl_verify | bool | false (contextual) | Core WP: SSL verification for local HTTP | (core) |
Notes:
https_local_ssl_verifyis a WordPress core filter, not defined by this plugin; we simply honor it when dispatching non‑blocking HTTP requests. See core docs for broader usage.- Legacy
dss_cron_*filters are still applied first internally (for backward compatibility) via theget_filter()helper, then the newerall_sites_cron_*version. Migrate to the new names; legacy ones will be removed in a future major release.
Rate limiting:
add_filter( 'all_sites_cron_rate_limit_seconds', fn( $seconds ) => 120 ); // 2 minutes between runsLimit total sites:
add_filter( 'all_sites_cron_number_of_sites', fn( $max ) => 500 ); // Cap total processed sitesBatch size:
add_filter( 'all_sites_cron_batch_size', fn( $batch ) => 25 ); // Smaller batches to reduce memoryRequest timeout:
add_filter( 'all_sites_cron_request_timeout', fn( $timeout ) => 0.05 ); // 50ms per site dispatchForce Redis (or disable):
add_filter( 'all_sites_cron_use_redis_queue', fn( $use ) => true );Redis connection:
add_filter( 'all_sites_cron_redis_host', fn() => 'redis.internal' ); add_filter( 'all_sites_cron_redis_port', fn() => 6380 ); add_filter( 'all_sites_cron_redis_db', fn() => 2 );Custom queue key:
add_filter( 'all_sites_cron_redis_queue_key', fn() => 'network_cron:jobs' );Enable SSL verification (core filter):
add_filter( 'https_local_ssl_verify', '__return_true' );Large Network Configuration (1000+ sites):
// Process more sites in smaller batches add_filter( 'all_sites_cron_number_of_sites', fn() => 2000 ); add_filter( 'all_sites_cron_batch_size', fn() => 25 ); add_filter( 'all_sites_cron_rate_limit_seconds', fn() => 180 ); // 3 minutesSmall Network Configuration (< 100 sites):
// Faster processing with larger batches add_filter( 'all_sites_cron_batch_size', fn() => 100 ); add_filter( 'all_sites_cron_rate_limit_seconds', fn() => 30 ); // 30 secondsDevelopment/Testing Configuration:
// More aggressive settings for testing add_filter( 'all_sites_cron_rate_limit_seconds', fn() => 10 ); // 10 seconds add_filter( 'all_sites_cron_batch_size', fn() => 5 ); add_filter( 'all_sites_cron_request_timeout', fn() => 0.1 );Legacy aliases still applied (old → new):
| Legacy | Current | Notes |
|---|---|---|
dss_cron_rate_limit_seconds | all_sites_cron_rate_limit_seconds | Cooldown between runs |
dss_cron_number_of_sites | all_sites_cron_number_of_sites | Total sites cap |
dss_cron_request_timeout | all_sites_cron_request_timeout | Per-site HTTP timeout |
dss_cron_sites_transient | (removed) | Removed in 1.3.0 (batch processing made it obsolete) |
Migration tip:
// Old: add_filter( 'dss_cron_number_of_sites', fn() => 300 ); // New: add_filter( 'all_sites_cron_number_of_sites', fn() => 300 );All filter callbacks receive the current value as the first parameter. You can modify relative to the incoming value instead of hard‑coding:
// Increase existing rate limit by 30 seconds (but cap at 300): add_filter( 'all_sites_cron_rate_limit_seconds', fn( $seconds ) => min( $seconds + 30, 300 ) ); // Halve the batch size dynamically (never less than 10): add_filter( 'all_sites_cron_batch_size', fn( $batch ) => max( 10, (int) floor( $batch / 2 ) ) ); // Scale the max sites based on environment variable: add_filter( 'all_sites_cron_number_of_sites', fn( $current ) => getenv( 'ASC_MAX_SITES' ) ? (int) getenv( 'ASC_MAX_SITES' ) : $current ); // Add a safety floor for the request timeout (never below 0.01): add_filter( 'all_sites_cron_request_timeout', fn( $timeout ) => max( 0.01, $timeout ) ); // Dynamically choose Redis queue key per environment (prefix existing): add_filter( 'all_sites_cron_redis_queue_key', fn( $key ) => 'prod_' . $key );If called again before the cooldown finishes the API returns HTTP 429 with JSON:
{ "success": false, "error": "rate_limited", "message": "Rate limited. Try again in 37 seconds.", "retry_after": 37, "cooldown": 60, "last_run_gmt": 1696071234, "timestamp": "2025-09-30 12:35:23" }Headers include: Retry-After: <seconds>.
- No rewrite rules to flush: activation is simpler and avoids edge cases with 404s or delayed availability.
- No unexpected 301 canonical/trailing‑slash redirects: direct, cache‑friendly 200 responses.
- Versioned, discoverable endpoint (
/wp-json/all-sites-cron/v1/run) integrates with the WP REST index and tooling. - Consistent structured JSON by default plus optional GitHub Actions text via
?ga=1. - Proper HTTP status codes (e.g. 429 for rate limiting, 400 for invalid context) instead of a blanket 200.
- Easy extensibility: future endpoints (status, logs, defer mode, auth) can be added under the same namespace without new rewrites.
- Reduced theme / front‑end interference: bypasses template loading and front‑end filters tied to
template_redirect. - Better compatibility with CDNs and monitoring: REST semantics and headers are predictable and cache‑aware.
- Straightforward integration in external systems (CI/CD, orchestration) that already speak JSON.
- Built‑in argument handling and potential for schema/permission hardening via
permission_callback. - Clean separation of concerns: routing (REST) vs. execution logic (cron dispatcher) improves maintainability.
- Clear place to implement enhancements (rate limiting, future defer/background mode, auth tokens, metrics) with minimal risk.
- Easier automated testing using WP REST API test utilities (no need to simulate front‑end rewrite resolution).
- Avoids canonical redirect filter hacks previously needed to suppress 301s on
/dss-cron. - Safer for multi‑environment deployments (no dependency on rewrite flush timing during deploy pipelines).
All Sites Cron is copyright 2024 Per Soderlind
All Sites Cron is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.
All Sites Cron is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with the Extension. If not, see http://www.gnu.org/licenses/.
The plugin was renamed from "DSS Cron" (slug: dss-cron) to "All Sites Cron" (slug: all-sites-cron). The old REST namespace dss-cron/v1 is still registered for backward compatibility, but you should migrate your automation scripts to use all-sites-cron/v1. Legacy WordPress filters like dss_cron_number_of_sites continue to work; new code should use the all_sites_cron_* equivalents.