I am running Moodle version 2.0.1 on a Bluehost shared server. The server is running PHP version 5.2.17. When I am logged in and check Server Notifications, I get the message: Your site configuration my not be secure. Please make sure that your directory (/../../public_html/Moodle/moodledata) is not directly accessible via the web. When I checked with Bluehost tech-support, they told me that this was a Moodle issue and had nothing to do with the host setup. Moodle was installed using Simple Scripts. Another concern is that I can login to my account using 3 different URL's:
.com/Moodle/
.com/Moodle/login/index.php
.com/Moodle/admin
I want to make sure that my site configuration is secure and I don't understand the server notification message and I am wondering if it's normal to be able to login using 3 different URL's.
Thanks in advance for any help to resolve these concerns. I am posting to this forum because the Server Notification mentions a possible security issue.
I am also considering doing an upgrade to Moodle 2.0.2 on the same server running PHP version 5.2.17 to address these issue.