Moodle hacked, file permissions in IIS

Re: Moodle hacked, file permissions in IIS

Howard Miller
Number of replies: 3
Core developers 사진 Documentation writers 사진 Particularly helpful Moodlers 사진 Peer reviewers 사진 Plugin developers 사진

Yep - the installation instructions (although somewhat Unix biased) tell you to make sure that the web server user cannot write to the Moodle program directory.

평균 등급 : -
In reply to Howard Miller

Re: Moodle hacked, file permissions in IIS

Dave Keller

So you think completely removing the first entry (IUSR) will bring it in line with recommendations?

Thanks for the replies, much appriciated.

평균 등급 : -
In reply to Dave Keller

Re: Moodle hacked, file permissions in IIS

Howard Miller
Core developers 사진 Documentation writers 사진 Particularly helpful Moodlers 사진 Peer reviewers 사진 Plugin developers 사진

Just change it's permission to 'Read and execute'. What you don't want is write/modify etc.

Sorry, I don't speak Windows but that's the general idea.

평균 등급 : -