My moodle site (1.5.3. version) at http://www.trizthailand.com/elearningx/ was hacked ,(config.php injected with spammed link). I have tried to upgrade it to 1.9.6 version but the Thai fonts in the old database have conflict with UTF-8 (when being upgraded) and can not display correctly, so I started a new site with moodle-1.9.6. at http://www.trizthailand.com/elearning2/ with new database.
The problem is that I still want to refer to the old dicussions in the old forum at the old site. But the hackers keep coming back and inject my config.php all the time even I have changed my password, permission and done all necessary security measures. so I think that the problem must come from the security hole in moodle-1.5.3
Is there any easy way to close the security hole and keep on using moodle-1.5.3 just for forum viewing purpose only ( no other activities like login, registering or enrollment)
Any advices will be highly appreciated.
Anyway to keep on using moodle-1.5.3 just for forum viewing purpose only
Number of replies: 5
In reply to Trizit Benjaboonyazit
Re: Anyway to keep on using moodle-1.5.3 just for forum viewing purpose only
by Chris Collman -
My site administrator is also interested in this, same issues, same versions 
In reply to Chris Collman
Re: Anyway to keep on using moodle-1.5.3 just for forum viewing purpose only
by Helen Foster -
Trizit, I assume you tried upgrading to Moodle 1.6 first and converted your site to Unicode, as explained in the documentation Upgrading to Moodle 1.9?
Sorry I don't know how you can secure your Moodle 1.5 site. My only suggestion would be to contact a Moodle Partner - see http://moodle.com/support/ - for help with upgrading your site to 1.9.
Sorry I don't know how you can secure your Moodle 1.5 site. My only suggestion would be to contact a Moodle Partner - see http://moodle.com/support/ - for help with upgrading your site to 1.9.
In reply to Trizit Benjaboonyazit
Re: Anyway to keep on using moodle-1.5.3 just for forum viewing purpose only
by Frank Ralf -
Hi Trizit,
This might very well not be a problem with Moodle but with the underlying MySQL database.
MySQL switched to using unicode internally from version 4.1. So you will make sure the encoding of your database is correct before upgrading Moodle.
See the following links for further information:
http://dev.mysql.com/tech-resources/articles/4.1/unicode.html
http://dev.mysql.com/doc/refman/5.5/en/charset.html
You cannot upgrade directly from Moodle 1.5 to 1.9 but should upgrade in steps: 1.5 > 1.6. > 1.8. > 1.9. see Upgrading#Upgrading_more_than_one_version and Upgrading_to_Moodle_1.6 for details. There you also find information on the encoding related issues.
hth
Frank
PS
You could post an excerpt of your database for testing purposes.
PPS
MySqlDumper is a very reliable tool for database backups and management: http://www.mysqldumper.net
This might very well not be a problem with Moodle but with the underlying MySQL database.
MySQL switched to using unicode internally from version 4.1. So you will make sure the encoding of your database is correct before upgrading Moodle.
See the following links for further information:
http://dev.mysql.com/tech-resources/articles/4.1/unicode.html
http://dev.mysql.com/doc/refman/5.5/en/charset.html
You cannot upgrade directly from Moodle 1.5 to 1.9 but should upgrade in steps: 1.5 > 1.6. > 1.8. > 1.9. see Upgrading#Upgrading_more_than_one_version and Upgrading_to_Moodle_1.6 for details. There you also find information on the encoding related issues.
hth
Frank
PS
You could post an excerpt of your database for testing purposes.
PPS
MySqlDumper is a very reliable tool for database backups and management: http://www.mysqldumper.net
In reply to Frank Ralf
Re: Anyway to keep on using moodle-1.5.3 just for forum viewing purpose only
Thank you for you all.
My old version moodle uses MySQL 4
My new version moodle uses MySQL 5.1
I have given up trying to upgrade my moodle, it is too good and too complicate for my simple purpose.
just for forum viewing purpose only.
I just wonder where the hackers come in and want to delete that part.
My old version moodle uses MySQL 4
My new version moodle uses MySQL 5.1
I have given up trying to upgrade my moodle, it is too good and too complicate for my simple purpose.
just for forum viewing purpose only.
I just wonder where the hackers come in and want to delete that part.
In reply to Trizit Benjaboonyazit
Re: Anyway to keep on using moodle-1.5.3 just for forum viewing purpose only
by Frank Ralf -
I'd rather help you upgrade your database and installation than wasting time on an outdated and unsecure Moodle installation.
I would recommend to make a local copy of you Moodle installation for developing and testing purposes and try upgrading from 1.5 to 1.9. See Installing AMP for details.
hth
Frank
I would recommend to make a local copy of you Moodle installation for developing and testing purposes and try upgrading from 1.5 to 1.9. See Installing AMP for details.
hth
Frank