Does anyone know how to fix an insecure dataroot? I've been having problems with people registering on my class website that are not my actual students.
Not sure this is a security issue with 'insecure dataroot', but, rather, a confiiguration issue with the site. There a few ways to assure that only your students register for your courses. Put a key on the courses. When/if a guest user registers an account in Moodle via EMail based authentication and then attempts to enter the course, they are prompted to provide the key (a phrase/line of text) which can only be obtained by the teacher in the course. Change the key after all your true students have signed up.
'spirit of sharing', Ken