I just discovered that in my moodle instance (3.4), many course resources can still be accessed via the direct link even after logout!
In testing today, it appears SCORM links require login again, as expected, i.e. the direct link redirects to the login page if anyone tries to access it after logout.
But files/videos and other resources, e.g .pdf downloads, can still be accessed after logging out, without redirecting to the login page, UNLESS you first clear all browser cookies, only then do the resource pages correctly redirect to login page.
For security, I want to ensure no resources are accessible after logout.
Can anyone tell me what change/s I need to make, to ensure no resources can be accessed after logout?
Many thanks for your help on this!