Repositories appear to defeat URL filtering

Repositories appear to defeat URL filtering

by Mark Landis -
Number of replies: 1

It appears that repositories defeat URL filtering.   I hope I am wrong about this.

From what I have seen with Moodle 2.2.x the request comes from the moodle server for searches of say Youtube.  

So what happens in this scenario

Teachers are allowed to use youtube
Students are NOT allowed to use youtube

Normally a browser request comes from a workstation, the user is logged in, and the filtering is done via user logon name.

So if a student logins, attempts to browse to youtube, they are blocked

If a teacher logins, attempts to browse to youtube, they are allowed.

However, it appears that repositories make the request from the moodle server.    So all requests occur from the server, rather than the workstation.

This causes user based URL filtering to fail completely.   You have to either deny all....or allow all.

Is there something I am missing here.  Maybe a setting that causes the repository to make the request occur from the workstation instead of the server?

Average of ratings: -
In reply to Mark Landis

Re: Repositories appear to defeat URL filtering

by Ken Task -
Picture of Particularly helpful Moodlers

Is your server internal (hosted locally and has an IP address within the blocks of IP addresses behind your filter) or is the Moodle server remotely hosted (external)?

In either case, the Moodle server is, in affect, 'acting' as a 'proxy'.  There is no setting in Moodle, of which am aware, for a 'proxy'.  The 'failure', however, is NOT Moodle.  The server, if hosted internally, is, for all practical purposes, just like a workstation inside the LAN.  It is filtering software configuration and capability.  If it is the entities goal to block according to user, then a 'rule' needs to be added to your filtering handles the situation described.

The following might bring debate … so be it!  Maybe it's time to review filtering … technically and philosophically (legally as well).

Consider this … your current setup is user based filtering (Teachers allowed, Students not allowed).  Who says *all* Teachers make 'correct' decisions accessing content? Seems to me, that students would be aware of that 'difference' AND, for those students determined to do, it might encourage those students so inclined to 'borrow' the Teachers accounts.   Case in point:  had a student ask me one time where passwords were kept on a remote multi-user shared system.

IF the Moodle server is acting as a 'proxy' and thus by-passing the filter, is that bad?  Seems a shame to restrict access to a good resource for educating.  What is important is *choice AND  accountability* … who requested what? (and if the content of that which was accessed was not acceptable for educating, then what is the consequence?)  Seems one is punishing all students for fear of what *might* be found/sought - even if the *majority* of students, on their own, would probably NOT make 'in-correct' choices.

I think if one explores roles in Moodle, one might be able to define a role for students (or any Moodle user) who use YouTube in-appropriately where they alone are blocked.

It's worth exploring as '21st century' education is placing teachers (as well as server admins and filtering server admins) in the role of partner to learning and assisting learners in making choices.

'spirit of sharing', Ken

Average of ratings: -