Security and privacy

 
 
Picture of d.w jones
http to https
 

our moodle has been hacked and need to turn it into a https i dont know how to do this , any ideas please?.

Also we are moveing from 2.2 to 2.3 at the end of the week. can anybody adivse us on waiting until 2.3 before the http to https or shall we do it now.

thank you.

 
Average of ratings: -
James Richardson
Re: http to https
 

Hello D.W.!

Wow! Sorry to hear your site was hacked. You can force SSL for your Moodle site by doing the following.

  1. Edit the config.php file in the Moodle directory
  2. Change the following:
    $CFG->wwwroot   = 'http://yourdomain.com';
    to
    $CFG->wwwroot   = 'https://yourdomain.com';
  3. Then set a redirect up in your .htaccess to do redirect to the https:// of your site. The code will look like the following.
    RewriteEngine On 
    RewriteCond %{SERVER_PORT} 80 
    RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

This should force the site to go to your SSL connection instead of the Non SSL connection. I also wrote and article on forcing SSL sitewide that has more details. Hopefully you can get your site restored with now hacks in it. Hope this helps.

Take care

James R

 
Average of ratings:Useful (1)
Picture of d.w jones
Re: http to https
 

we have turned to https now with a licence file and all is well with our site.

 
Average of ratings: -