I am trying to configure a Fortinet Fortigate firewall on my dedicated server to comply with Moodle recommended settings. My hosting support needs to know:
"What policies should be allowed through the firewall?”
We tried to activate the firewall with the recommended firewall’s settings and we face a problem that most of the Moodle services stopped working, and the firewall blocked most of the actions on the system.
For example, the firewall blocked the action of editing a section or a topic within a course.
We happen to have just had one (well I think 2) of these installed, and it's still being tuned. Our moodle server is exposed to the net via Microsoft TMG reverse proxy, and they just let TMG through the firewall the same as the old firewall. Internally DNS points to the server directly, and we've not had any trouble of the sort you describe since they switched it in (a week or so ago now). The only issue initially was they forgot to put that server into a 'servers which can go online with no users logged into them' group, so it couldn't talk to turnitin, but they fixed that quickly when we spotted the issue on the first working day after it was switched on.
I can tell you who deployed ours (Stay Logical) - I can't guarantee a free answer, but he may be able to give pointers (ask for Jody).
I have seen it get a bit pinicky as it's more a threat management system and tries to scan everything you're doing (unless, like our servers, they have outbound to anything). And it's doing proxy duties now (we had websense before, though most of the time it was more webNONsense).
Maybe ask for some kind of rule to be created for your moodle traffic so it allows it all? We've seen our old proxy need rules setting up to prevent issues like that.
For our Moodle, we already activated Web Application Firewall service on the Fortigate firewall with the attached settings and still have the same issues.
Generic Attacks; when the user try to use some Moodle functions like edit a topic in the course page.