Thank you for this advice on how to make a moodle installation more secure.
By the way might it be a good idea to also include
php_flag allow_url_fopen 0
in the htaccess file?
Perhaps there are other things that one could include in a standard-improve-security .htaccess file? It might even be included in the installation by default. I seem to remember that there was a generic recommended, ready-to-use htaccess file included with Moodle once. Is it still there somewhere?
Security and privacy
Hacking and security
གྲོས་བསྟུན་འདི་བསྡམས་ཡོདཔ་ལས་ ལན་གསལ་བརྐྱབ་མི་ཚུགས་