Sometime in the last 3 days or so.. somebody was able to get into my Moodle 1.9.13 installation and change the text in my "Course/Site Description" block on my site front page!! I have a couple questions regarding this.. If anybody can give me pointers on this, I sure would appreciate it!
1) Where is this text stored? Is it in a table in mysql, or in a text file somewhere in htdocs?
2) Where would the change of this block be logged? Could I find when and possibly who changed this, if it was done through the Moodle Admin interface?
3) If it wasn't done through Moodle, is there any way to determine when it was done?
I am the only Administrator on the site that has the rights to make that change and as far as I was able to determine, nobody logged in as me during the last week, which is when that block was somehow hacked.
Thanks so much!