How to disable ISPConfig system cronjobs

Greetings,
I recently moved my system from an old VPS running CentOS 7 to a RockyLinux 9 VPS. I ran into several issues where I had a hard time understanding what was going on.

One such example is certbot certificate renewal. Another one is rkhunter. Through a somewhat long investigation, I came to understand that ISPConfig (3.2.12) runs its own scheduled jobs. One the ISPConfig cronjobs, defined in "/usr/local/ispconfig/server/lib/classes/cron.d/100-monitor_rkhunter.inc.php" runs rkhunter with arguments "--update --checkall --nocolors --skip-keypress". This baffled me when I took a look at the rkhunter log file as I couldn't link this set of arguments with a cron job or systemd timer on the system.

I've sifted through the ISPConfig manual I've purchased years ago, but it refers to version 3.1 and is dated September 2016. I'm not sure if it's still relevant. In any case, I haven't found what I was looking for: does the GUI allow seeing the jobs that ISPConfig runs and possibly disabling one?

The reason I am asking this is that I noticed the rkhunter logs growing really fast in size and I was trying to understand what was going on. For instance, in the span of just 48 hours, I found 21 executions in the log file. It's as if the first execution on one day read the entire log file and spewed it again before appending its own lines to it. Therefore, searching for "Info: Start date is", I can see:

• [00:00:08] Info: Start date is Wed Nov 13 12:00:08 AM CET 2024
• [03:44:03] Info: Start date is Wed Nov 13 03:44:03 AM CET 2024
• [03:44:10] Info: Start date is Wed Nov 13 03:44:10 AM CET 2024
• [00:00:08] Info: Start date is Wed Nov 13 12:00:08 AM CET 2024 (a repetition starts here)
• [03:44:03] Info: Start date is Wed Nov 13 03:44:03 AM CET 2024
• [03:44:10] Info: Start date is Wed Nov 13 03:44:10 AM CET 2024
• [00:00:10] Info: Start date is Thu Nov 14 12:00:10 AM CET 2024
• [03:38:03] Info: Start date is Thu Nov 14 03:38:03 AM CET 2024
• [03:38:09] Info: Start date is Thu Nov 14 03:38:09 AM CET 2024
• [00:00:08] Info: Start date is Wed Nov 13 12:00:08 AM CET 2024 (another repetition starts here, only longer)
• [03:44:03] Info: Start date is Wed Nov 13 03:44:03 AM CET 2024
• [03:44:10] Info: Start date is Wed Nov 13 03:44:10 AM CET 2024
• [00:00:08] Info: Start date is Wed Nov 13 12:00:08 AM CET 2024
• [03:44:03] Info: Start date is Wed Nov 13 03:44:03 AM CET 2024
• [03:44:10] Info: Start date is Wed Nov 13 03:44:10 AM CET 2024
• [00:00:10] Info: Start date is Thu Nov 14 12:00:10 AM CET 2024
• [03:38:03] Info: Start date is Thu Nov 14 03:38:03 AM CET 2024
• [03:38:09] Info: Start date is Thu Nov 14 03:38:09 AM CET 2024
• [00:00:09] Info: Start date is Fri Nov 15 12:00:09 AM CET 2024
• [03:44:03] Info: Start date is Fri Nov 15 03:44:03 AM CET 2024
• [03:44:09] Info: Start date is Fri Nov 15 03:44:09 AM CET 2024

Obviously, this is quite odd.

Many thanks.

 

Thanks for your replies, Till. I now have a clearer picture of what's going on.
I have indeed ascribe the first run to the ISPConfig cron job.
My solution to this weird duplication is to use ISPConfig for the scheduled jobs that it handles, and disable the system one (either via cron or via systemd timers) if there's a duplication.