Security and privacy

 
 
Picture of Paul Baumeister
IP Blocker - help
 

I have been having issues with our office not being able to go to our moodle website. I know it is not our router because at the modem it does not work before it gets to the router.

So, I looked up my IP address and added it to the IP Addresses Allowed list in the Administration=>Security=>IP Blocker.

So, now I cannot access the website from any other IP address. The one that I inputed in the IP Address Allowed will not work since it was already blocked somehow.

So HELP. I cannot remove the IP Address since I cannot go to the website from any IP address. Do I have to change the setting from my database? How do I do that?

When I go there it says, "This site is not available currently." my site is online.apostolicschooloftheology.org

 

 

 
Average of ratings: -
Picture of Ken Task
Re: IP Blocker - help
Group Particularly helpful Moodlers

In your config.php file for the site, add:

$CFG-> blockedip = "";

meaning none are blocked.

If there are any IP addresses in mdl_config table for 'allowip' remove them.  This variable allows ONLY those IP addresses.  A blank value for same opens site up to all IP's:

$CFG-> allowedip = "";

Such lines in config.php override database.

Using any DB tool you have ... phpmyadmin or webmin's MySQL tool or command line mysql, edit the mdl_config table looking for the values shown above. 

Once those edits are made in mdl_config table, one can comment out the lines in the config.php file adding by // in front of them.  Suggest commenting out in-case you don't get it right the next time.  Easy to edit and un-comment to be able to get back in then. ;)

'spirit of sharing', Ken

 

 
Average of ratings:Useful (2)
Picture of Paul Baumeister
Re: IP Blocker - help
 

Thanks. That did it.

 
Average of ratings: -
Picture of Greg Padberg
Re: IP Blocker - help
 

I think the IP Blocker page on Moodle needs some enhancement / improvements.

I had added about 14 CIDR networks to the blocked IP list previously and this seemed to work OK (prevented new Moodle accounts from being created by spammers).

Upon investigating why another school district could not seem to access our Moodle server through a parent-child proxy server configuration, I added the RFC1918 private address space to the addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) to the Allowed IP List, without realizing that any addresses outside of those specified would be blocked from accessing Moodle.  I locked myself out of the server from home, and had to drive back to the office late at night to fix my mistake!

There should be some warning on the Moodle IP Blocker page to indicate this, as there minimal instructions to be found on the IP Blocker page.

 
Average of ratings: -
Picture of Greg Padberg
Re: IP Blocker - help
 

This should help others better understand the IP Blocker, I expect to submit the following into the Moodle Docs some time this week after confirming that our issues have been resolved (having learned a few lessons the hard way):

Be aware that with any entries in the Allowed IP List, the effect is to allow ONLY those IP addresses and block all others. Exercise care with this setting, as it is possible to lock yourself out of Moodle.

If there are entries present in the Blocked IP List, any hosts for which Moodle cannot determine the IP address will be blocked by default. For example, hosts that are behind a web proxy server which does not pass the HTTP headers containing the remote IP address information. In this case Moodle cannot determine the host's IP address with which to compare against the Blocked IP List, so the host is blocked by default. A suggested workaround may be to change the Logged IP address source (getremoteaddrconf setting within Site administration > Server > HTTP > Reverse Proxy) from the default to "REMOTE_ADDR" which will log the IP address of the proxy server instead of the host behind it.

 
Average of ratings: -