Security and privacy

How to keep your Moodle site secure and methods for increasing privacy.

Documentation: Security, Security FAQ and Increasing privacy in Moodle
Forum moderator: Dan Poltawski

Before starting a new discussion topic, please check the Security FAQ and try a forum search.

DO NOT REPORT NEW VULNERABILITIES HERE!

New security issues should be reported in the Moodle Tracker with an appropriate security level.


Page: 1 2 3 4 5 6 7 8 9 10 11 ()
DiscussionStarted byRepliesLast post
EU General Data Protection Regulation (GDPR) compliance Martin Dougiamas Martin Dougiamas 12 Ralf Hilgenstock
Fri, 26 May 2017, 11:22 PM
settings for multiple manager(admin) for each organization Picture of Anand Vadivelu Anand Vadivelu 0 Anand Vadivelu
Fri, 19 May 2017, 7:34 PM
Antivirus Picture of Ripa Desai Ripa Desai 1 John Okely
Thu, 18 May 2017, 10:17 AM
Moving to HTTPS everywhere Picture of Michael Aherne Michael Aherne 3 Mathew Gancarz
Wed, 17 May 2017, 11:46 PM
Security Issue in Moodle 3.2.2: Can you tell me what happened with my content as a Administrator and teacher of a course? Picture of Ricardo Rodriguez Ricardo Rodriguez 1 Emma Richardson
Wed, 17 May 2017, 11:26 AM
Guide to ssl certificate https linux ubuntu apache Picture of Christian Kristiansen Christian Kristiansen 10 Ken Task
Tue, 16 May 2017, 12:20 AM
Daniel Esterly - Is Moodle secure to use with Windows 10 Picture of Daniel Esterly Daniel Esterly 1 John Okely
Mon, 15 May 2017, 8:39 AM
is it possible that category administrator can upload new user and course Picture of rajani gupta rajani gupta 1 Just H
Thu, 11 May 2017, 1:22 PM
settings required to do for running diff ministry sites on single moodle installation Picture of rajani gupta rajani gupta 1 Emma Richardson
Wed, 10 May 2017, 7:53 PM
Access to lesson activities Picture of Joe Chacha Joe Chacha 0 Joe Chacha
Sat, 6 May 2017, 1:00 AM
NET::ERR_CERT_AUTHORITY_INVALID 3.2.2 Picture of David Robertson David Robertson 7 Dave Perry
Wed, 3 May 2017, 11:34 PM
Manager role with system role - only view site page forum, search for users too Picture of Usman Arshad Usman Arshad 2 Usman Arshad
Thu, 27 Apr 2017, 10:30 PM
How do I remove "Forgotten your username or password?" in moodle 3.2 Picture of Obuntu Cracks Obuntu Cracks 1 Jon Bolton
Sun, 23 Apr 2017, 2:21 AM
How to display home page for non-login user ? Picture of Imran Patel Imran Patel 2 Jon Bolton
Mon, 17 Apr 2017, 8:31 PM
Reviewing messages table for bullying incidents Picture of DR LMS DR LMS 1 Mike Hoddee
Tue, 11 Apr 2017, 5:26 PM
security issue Picture of Anderson Hsu Anderson Hsu 4 Mike Hoddee
Tue, 11 Apr 2017, 5:23 PM
Site policy > empty frame Picture of Daniel S Daniel S 4 Ken Task
Mon, 10 Apr 2017, 9:04 PM
Plugins security and privacy Picture of Thomas Barna Thomas Barna 2 Jon Bolton
Fri, 31 Mar 2017, 8:36 PM
Is the unoconv installation a security risk? Picture of Matthew Davidson Matthew Davidson 25 Tim Gildersleeve
Tue, 28 Mar 2017, 5:53 PM
Recaptcha Picture of Miyone G Miyone G 3 Randy Thornton
Tue, 28 Mar 2017, 2:08 AM
Applying patch to protect against CVE-2017-2641 Picture of B J B J 18 Nadav Kavalerchik
Sat, 25 Mar 2017, 7:38 AM
3.1.4 - new security Announcement: MDL-57597 and MDL-57596 competency Picture of Monica Franz Monica Franz 7 Monica Franz
Fri, 24 Mar 2017, 7:01 PM
What are the best practices to determine if site was affected by security vulnerability Picture of Rex Lorenzo Rex Lorenzo 1 Randy Thornton
Fri, 24 Mar 2017, 1:48 AM
Folder Password in Moodle Picture of Yonten Jamtsho Yonten Jamtsho 1 Mary Cooch
Fri, 17 Mar 2017, 3:46 PM
Moodle not caching/Storing LDAP username and passwords Picture of RSA NOC RSA NOC 7 RSA NOC
Wed, 15 Mar 2017, 2:49 AM
Help with redirect from HTTP to HTTPS Picture of Carolyn McIntyre Carolyn McIntyre 1 Carolyn McIntyre
Wed, 8 Mar 2017, 11:33 PM
Moodle acting as OAuth2 server Picture of Hille Hille Hille Hille 0 Hille Hille
Thu, 2 Mar 2017, 1:26 AM
Restrict Access to Categories By User Picture of William Workman William Workman 5 John Provasnik
Tue, 28 Feb 2017, 10:42 AM
Cloudflare Security Issue Picture of Matt Spurrier Matt Spurrier 1 Randy Thornton
Tue, 28 Feb 2017, 9:47 AM
How to restrict users who are not using office's computer? Picture of Fung Tony Fung Tony 3 Jon Bolton
Thu, 23 Feb 2017, 8:32 PM
SQL-Injection Picture of Fabienne Neveu Fabienne Neveu 7 James McLean
Fri, 17 Feb 2017, 6:04 AM
Avoiding LDAP data in plain text when you check the source code from a browser Picture of Robespierre Galindo Robespierre Galindo 3 Randy Thornton
Thu, 16 Feb 2017, 6:50 AM
task: download all submissions is possible even when you only are allowed to assess one Picture of Jeus Perez Jeus Perez 2 Dave Perry
Mon, 13 Feb 2017, 7:13 PM
Redis Sessions Picture of John Rickard John Rickard 0 John Rickard
Fri, 10 Feb 2017, 1:30 AM
Move to secure protocol (https) issues Picture of Wes Matchett Wes Matchett 8 Ken Task
Wed, 8 Feb 2017, 8:38 AM
Use Self-Signed Certificate Picture of mimi nom mimi nom 5 mimi nom
Tue, 7 Feb 2017, 10:44 PM
Can't change a password for the student Picture of Jesse Techno Jesse Techno 2 Jesse Techno
Fri, 3 Feb 2017, 2:49 AM
PHPMailer vulnerability in no-reply address Picture of mimi nom mimi nom 4 mimi nom
Tue, 31 Jan 2017, 4:10 PM
loginhttps true = too many redirects? Picture of Christos Savva Christos Savva 8 Christos Savva
Fri, 20 Jan 2017, 5:16 PM
ClamAV Picture of Pieter Portier Pieter Portier 0 Pieter Portier
Wed, 18 Jan 2017, 10:37 PM
[Security] How to protect source code and database from hosting company Picture of Huy Lam Huy Lam 7 Dave Perry
Mon, 16 Jan 2017, 7:01 PM
"Guest user has logged in" ? Picture of g k g k 2 Ken Task
Mon, 9 Jan 2017, 12:12 AM
[Security] Moodle showed all users to Sub Category Manager Picture of Huy Lam Huy Lam 1 Emma Richardson
Sat, 7 Jan 2017, 3:27 AM
Moodle 3.1.3: Website Adminstration Security Overview Picture of Monica Franz Monica Franz 2 John Okely
Fri, 6 Jan 2017, 9:36 AM
Fun times with Poisoned Cookies! Picture of Robin Stark Robin Stark 1 Randy Thornton
Fri, 23 Dec 2016, 5:20 AM
Limit number of ip adresses per user Picture of marwa bekrar marwa bekrar 4 Robin Stark
Thu, 22 Dec 2016, 7:00 AM
SSL Proxy woes Picture of Ben Steeples Ben Steeples 20 Robin Stark
Thu, 22 Dec 2016, 6:55 AM
Permissions Issues Picture of Aretha Etienne Aretha Etienne 4 Randy Thornton
Thu, 22 Dec 2016, 1:46 AM
SAML auth with users pulled via LDAP Picture of Joel Coehoorn Joel Coehoorn 0 Joel Coehoorn
Wed, 14 Dec 2016, 2:47 AM
Gravatar Advisory: How to Protect Your Email Address and Identity Picture of Nadav Kavalerchik Nadav Kavalerchik 0 Nadav Kavalerchik
Fri, 9 Dec 2016, 4:14 AM
Caching Picture of Aretha Etienne Aretha Etienne 0 Aretha Etienne
Wed, 7 Dec 2016, 4:23 AM
How secure is using admin/tool/uploaduser/index.php Picture of callum Wood callum Wood 3 Matt Bury
Tue, 6 Dec 2016, 1:12 AM
Hiding email addresses in Moodle 2.6 forums Picture of John Edmiston John Edmiston 3 Randy Thornton
Sat, 3 Dec 2016, 7:08 AM
Allow view-only access to user list Picture of Joe Behymer Joe Behymer 5 Randy Thornton
Fri, 2 Dec 2016, 9:45 AM
"view courses without participation" - not wanted / and changed? Picture of Klaas Hobo Klaas Hobo 5 Klaas Hobo
Sat, 19 Nov 2016, 12:28 AM
help: how to get rid of these terrible infinite recaptcha loops Pieter van der Hijden Pieter van der Hijden 0 Pieter van der Hijden
Fri, 18 Nov 2016, 4:46 AM
Single sign in from a student registration portal Picture of Abdulrauf Yamta Abdulrauf Yamta 1 Christopher McCool
Fri, 18 Nov 2016, 12:42 AM
Moodle was hacked, how can I modify the index.php Picture of Louis Lawson Louis Lawson 10 Ken Task
Tue, 15 Nov 2016, 9:50 PM
Moodle was hacked, how can I modify the index.php Picture of Louis Lawson Louis Lawson 2 Ken Task
Mon, 14 Nov 2016, 12:20 PM
Access to label's files prevented by user's rights? Picture of Philippe Decloitre Philippe Decloitre 2 T W
Fri, 11 Nov 2016, 12:13 AM
I think our Moodle site just survived a serious HACK attempt RabNawaz RabNawaz Panhyar 8 RabNawaz Panhyar
Tue, 8 Nov 2016, 12:29 PM
MySQL / MariaDB / PerconaDB - Root Privilege Escalation Picture of Grant Mucha Grant Mucha 0 Grant Mucha
Fri, 4 Nov 2016, 5:39 AM
How to make sure Accounts get not shared? Max 3 IPs for 1 user Picture of Sven Faltin Sven Faltin 1 James McLean
Wed, 26 Oct 2016, 7:04 AM
Katharine Edson - How secure is to use Moodle? Picture of Katharine Edson Katharine Edson 5 Christopher McCool
Sat, 22 Oct 2016, 2:37 AM
how to restrict domain myname moodle question 3 Helen Foster
Fri, 21 Oct 2016, 3:13 PM
Can I have moodle 2.9 onward function without a single cookie? Picture of Baljé Weber Baljé Weber 0 Baljé Weber
Mon, 17 Oct 2016, 5:38 PM
Windows PowerShell of AD Users to JSON Endpoint Fails to Upload Data Picture of Tim West Tim West 0 Tim West
Mon, 17 Oct 2016, 6:59 AM
How to add/allow "unsecure" code examples as text in Moodle pages Picture of Til Edward Til Edward 9 Til Edward
Sat, 15 Oct 2016, 9:15 PM
Moodle 2.9 apache can access moodle files Picture of Zola Anderson Zola Anderson 1 Tim Hunt
Sat, 15 Oct 2016, 7:51 PM
Security Question Picture of Andrew Taylor Andrew Taylor 20 Howard Miller
Tue, 11 Oct 2016, 9:49 PM
Alternatives to reCaptcha moi!!! it is what is is... Colin Fraser 3 Rick Jerz
Sat, 24 Sep 2016, 6:20 AM
How to fix a mix of secure and insecure content? Picture of Arturs Polis Arturs Polis 3 Luke Barone
Sat, 24 Sep 2016, 2:58 AM
New Profile field not working as a course restriction Picture of Anne Sherman Anne Sherman 3 Helen Foster
Thu, 15 Sep 2016, 6:10 PM
Hiding users in grade reports Picture of bart de bie bart de bie 3 Emma Richardson
Tue, 13 Sep 2016, 9:44 PM
forgotten password stopped working with https Picture of Martin Millmore Martin Millmore 2 Martin Millmore
Tue, 13 Sep 2016, 3:37 PM
My homepage (frontpage) before login is only showing the login module Picture of Stefan Stefansson Stefan Stefansson 2 Stefan Stefansson
Tue, 6 Sep 2016, 5:41 PM
Secure Cookies Me Oliver Marugg 1 John Okely
Fri, 2 Sep 2016, 10:52 AM
IP Blocker - help Picture of Paul Baumeister Paul Baumeister 16 Ernani Veloso Freire
Thu, 1 Sep 2016, 9:48 PM
dbuser hash for password in config.php? Picture of J C J C 4 Wissam Nahas
Wed, 31 Aug 2016, 3:02 PM
Autologin with the special account Picture of Grigorii Andreev Grigorii Andreev 0 Grigorii Andreev
Sun, 28 Aug 2016, 10:06 PM
cross domain ajax in script Picture of Bradley Botkin Bradley Botkin 5 Bradley Botkin
Wed, 17 Aug 2016, 7:16 PM
Category Permissions and Restrictions Picture of David Van Thillo David Van Thillo 0 David Van Thillo
Wed, 17 Aug 2016, 2:04 AM
Moodle should not force a password change Picture of Irma Boks - Eek Irma Boks - Eek 6 Irma Boks - Eek
Wed, 10 Aug 2016, 11:05 PM
Captcha alternatives? Picture of Tom Litchfield Tom Litchfield 7 Visti Larsen
Thu, 4 Aug 2016, 4:35 PM
Issues with a virus in Moodle 3.0.2+ Picture of Luis Pu Luis Pu 7 Ken Task
Wed, 3 Aug 2016, 2:49 AM
Read Only Site Picture of Kehinde Okesanjo Kehinde Okesanjo 9 Antonio Negro
Sat, 30 Jul 2016, 8:31 PM
Httpoxy vulnerabilities in php addressed? Picture of Jerry Lau Jerry Lau 1 Ken Task
Fri, 29 Jul 2016, 8:21 AM
Password Security in moodle 2.9 or greater Picture of Sanmeet Singh Sanmeet Singh 4 Sanmeet Singh
Tue, 19 Jul 2016, 2:49 PM
SSL certificate issues Picture of raghav agarwal raghav agarwal 23 James McLean
Tue, 19 Jul 2016, 7:52 AM
Restricting Access to URL in course Picture of philipp lesmana philipp lesmana 0 philipp lesmana
Thu, 14 Jul 2016, 3:21 AM
Installing ssl certificates in moodle server Picture of Christine Mburu Christine Mburu 2 Linda Petty
Wed, 13 Jul 2016, 4:53 PM
Server breached front-end - malicious files uploaded Picture of Michael Iscool Michael Iscool 19 Ken Task
Fri, 8 Jul 2016, 9:58 PM
Should I use SSL for Login? Why not? Picture of Paul L Paul L 8 Dave Perry
Thu, 23 Jun 2016, 9:01 PM
Remove login link from pages or disable logging in for users Picture of Jordan Floyd Jordan Floyd 4 Leticia Dark-rose
Tue, 21 Jun 2016, 12:04 PM
setup https via F5 Picture of Jaifar Al Shizawi Jaifar Al Shizawi 2 Bret Miller
Mon, 13 Jun 2016, 10:35 PM
How to hide/disable courses and quiz? Picture of Lucilla Wang Lucilla Wang 17 Lucilla Wang
Mon, 6 Jun 2016, 10:28 AM
SECURITY WARNING! (moodledata) Picture of Can Yasa Can Yasa 3 Can Yasa
Thu, 2 Jun 2016, 9:16 AM
Making students invisible to each other. Picture of Shoned Jones Shoned Jones 2 Richard Oelmann
Wed, 1 Jun 2016, 12:10 AM
Moodle Security Picture of Ben Keough Ben Keough 5 James McLean
Mon, 30 May 2016, 7:49 AM
Reset of admin password Picture of David Paige David Paige 9 Ranil Peiris
Thu, 26 May 2016, 7:46 AM
Page: 1 2 3 4 5 6 7 8 9 10 11 ()