Security and privacy

How to keep your Moodle site secure and methods for increasing privacy.

Documentation: Security, Security FAQ and Increasing privacy in Moodle
Forum moderator: Dan Poltawski

Before starting a new discussion topic, please check the Security FAQ and try a forum search.

DO NOT REPORT NEW VULNERABILITIES HERE!

New security issues should be reported in the Moodle Tracker with an appropriate security level.


Page: 1 2 3 4 5 6 7 8 9 10 ()
DiscussionStarted byRepliesLast post
SQL INJECTION javascript-static.js Picture of Daniel Bruno Daniel Bruno 1 Tim Hunt
Tue, Jul 28, 2015, 5:30 AM
Customize user privacy - on user-level Picture of Marjan Milošević Marjan Milošević 0 Marjan Milošević
Fri, Jul 24, 2015, 7:29 PM
Input Validation-File Upload vulnerability Picture of Rogelio Jr. Dela Cruz Rogelio Jr. Dela Cruz 4 James McLean
Thu, Jul 23, 2015, 7:43 AM
New User Email Address Message Picture of Lauren Ziegler Lauren Ziegler 2 Lauren Ziegler
Thu, Jul 16, 2015, 2:51 AM
Admin has access to all passwords Help. darrell Darrell Rea 9 Lazy Django
Mon, Jul 13, 2015, 1:32 AM
Adding SSL Certificate Seal in Moodle-URL Picture of Andre Ferreira Andre Ferreira 2 Andre Ferreira
Sat, Jul 11, 2015, 4:38 PM
How to download the course content using moodle web service Picture of Sameer Kshirsagar Sameer Kshirsagar 0 Sameer Kshirsagar
Fri, Jul 10, 2015, 7:39 PM
No CAPTCHA reCAPTCHA Moodle Picture of Bruno Nogueira Bruno Nogueira 3 John Okely
Tue, Jul 7, 2015, 8:52 AM
The Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) Picture of Joshua Devey Joshua Devey 2 Damyon Wiese
Thu, Jun 25, 2015, 10:50 AM
Access to label's files prevented by user's rights? Picture of Philippe Decloitre Philippe Decloitre 1 Philippe Decloitre
Thu, Jun 25, 2015, 12:25 AM
Security Warnings! Picture of Eliecer Acevedo Patiño Eliecer Acevedo Patiño 0 Eliecer Acevedo Patiño
Tue, Jun 23, 2015, 2:42 AM
Is it safe to create system roles to restrict the access to blocks? Picture of Federica Marra Federica Marra 1 Tim Hunt
Fri, Jun 19, 2015, 8:31 PM
moodle 2.8 security Picture of myelearning system myelearning system 1 Tim Hunt
Fri, Jun 19, 2015, 5:56 PM
Your thoughts on this hypothetical situation (how to prevent and identify) Picture of Joseph Thibault Joseph Thibault 8 Dan Marsden
Thu, Jun 18, 2015, 8:52 AM
users imort and export Picture of amit prajapati amit prajapati 5 Emma Richardson
Wed, Jun 17, 2015, 8:09 PM
Removing Timestamps in Tests and Assignments Picture of Sebastian H. Sebastian H. 0 Sebastian H.
Wed, Jun 17, 2015, 3:31 PM
CSP Picture of Martin Greenaway Martin Greenaway 0 Martin Greenaway
Wed, Jun 17, 2015, 1:11 AM
SSL is not ok with moodle mon site moodle pédagogique stephane lcms.fr 2 Ken Task
Tue, Jun 16, 2015, 8:30 PM
Keeping Members of Paid Courses from Sharing Login Credentials Picture of joseph zabrosky joseph zabrosky 10 joseph zabrosky
Sat, Jun 13, 2015, 12:26 AM
Multiple password for Quiz Picture of vancool black vancool black 1 Rick Jerz
Sun, Jun 7, 2015, 8:15 PM
Web API encryption to push/pull data Gordon McLeod Gordon McLeod 3 Gordon McLeod
Fri, Jun 5, 2015, 3:42 PM
Reset of admin password Picture of David Paige David Paige 7 Ken Task
Wed, Jun 3, 2015, 5:03 AM
Moodlebot...What is it!? Picture of Sherry Stafford Sherry Stafford 2 Sherry Stafford
Wed, Jun 3, 2015, 2:50 AM
Self Enrolment - enrolment key issue Picture of Katrina Nicholson Katrina Nicholson 6 Albert Ramsbottom
Tue, Jun 2, 2015, 11:33 PM
setting the allowed mimetypes for file upload as a security measure 6 Di Juwel 2 Howard Miller
Tue, May 26, 2015, 6:34 PM
Advice on Roles / Permissions for a hierarchichal structure Picture of Phil Carlson Phil Carlson 0 Phil Carlson
Thu, May 21, 2015, 11:09 PM
Read Only Site Picture of Kehinde Okesanjo Kehinde Okesanjo 8 toby saunders
Thu, May 21, 2015, 9:28 PM
Multiple login Picture of Suleiman Umar Suleiman Umar 6 Suleiman Umar
Mon, May 18, 2015, 11:42 PM
Sever Load and Crash My Hero Paul P. 8 Stephen Bourget
Fri, May 15, 2015, 11:42 PM
Browser blocks java script and css on https login page Picture of moodle learner moodle learner 1 James McLean
Fri, May 15, 2015, 7:51 AM
SSO - Shared Cookie with Wordpress Don Don Schwartz 1 Howard Miller
Thu, May 14, 2015, 7:53 PM
Getting weird anonymous account created in one of our Moodle sites François Lizotte François Lizotte 3 Silvia Camacho
Wed, May 13, 2015, 7:39 AM
are security issues pathes already included in the next vessions of moodle? 6 Di Juwel 5 Richard Oelmann
Tue, May 12, 2015, 11:43 PM
IP address Picture of heather brown heather brown 7 Visvanath Ratnaweera
Mon, May 11, 2015, 2:56 AM
Weak SSL Cipher Suites are Supported - Version-1.9.5 Picture of Vinod Kumar Vinod Kumar 26 Vinod Kumar
Sun, May 10, 2015, 11:41 AM
Session and Cookie Picture of Vinod Kumar Vinod Kumar 0 Vinod Kumar
Thu, May 7, 2015, 5:25 PM
Advice please! Is Moodle safe? Picture of jesse magees jesse magees 13 Bret Miller
Tue, May 5, 2015, 3:16 AM
HTTP to HTTPS converter for external content Picture of John Okely John Okely 14 John Okely
Mon, May 4, 2015, 9:45 AM
Session Identifier Not Updated ?? Security Issue? Picture of Richard Wallace Richard Wallace 13 Howard Miller
Sun, May 3, 2015, 8:37 PM
quiz records error? Picture of Tzafi Z Tzafi Z 1 Richard Oelmann
Thu, Apr 30, 2015, 5:43 PM
Wanted: reference on stability/security of Moodle Just wondering . . . Derek Chirnside 0 Derek Chirnside
Fri, Apr 24, 2015, 5:12 AM
Appearance Tab access permission Picture of Hossam eldin Reda Ibrahim Hossam eldin Reda Ibrahim 0 Hossam eldin Reda Ibrahim
Mon, Apr 20, 2015, 3:32 PM
What are your major privacy concerns ? Picture of Ankit Agarwal Ankit Agarwal 1 Visvanath Ratnaweera
Fri, Apr 17, 2015, 7:10 PM
2.7 brute force attack - how to stop Picture of Ian L Ian L 4 Eduardo Kraus
Mon, Apr 13, 2015, 12:06 AM
Student Privacy Picture of David Kirk David Kirk 2 Hartmut Scherer
Wed, Apr 8, 2015, 1:54 PM
Everyone has full access to my site since a crash last week - permissions not respected Picture of Sébastien Petit Sébastien Petit 1 Sébastien Petit
Wed, Apr 1, 2015, 10:03 PM
Allowing students anonymous access to others work Logo CCCC Velson Horie 0 Velson Horie
Wed, Apr 1, 2015, 7:55 PM
File type extensions Picture of Soha Gamal Soha Gamal 0 Soha Gamal
Thu, Mar 26, 2015, 8:12 PM
Google reCaptcha not working Picture of Mark Whalley Mark Whalley 0 Mark Whalley
Thu, Mar 26, 2015, 12:30 AM
How to protect copyright content (videos): your ideas? Picture of Chris Pekar Chris Pekar 1 Ray Morris
Thu, Mar 26, 2015, 12:29 AM
Restrict usernames to be only numeric characters Picture of Tinashe Nyambudu Tinashe Nyambudu 2 Tinashe Nyambudu
Tue, Mar 24, 2015, 2:21 PM
CAS and Login As Functionality Picture of Benjamin Derry Benjamin Derry 1 Matt Rice
Mon, Mar 23, 2015, 10:24 PM
API creation of users - need to force password change Picture of Christopher Molnar Christopher Molnar 1 James McLean
Fri, Mar 20, 2015, 6:35 AM
insert JavaScript via ATO Picture of Shimon Nagar Shimon Nagar 0 Shimon Nagar
Sun, Mar 15, 2015, 6:18 PM
Sharing RSS links Picture of mandy honeyman mandy honeyman 1 jason wilson
Fri, Mar 6, 2015, 5:50 PM
Create a moodle failover system Picture of Chris Pekar Chris Pekar 2 Chris Pekar
Fri, Mar 6, 2015, 4:53 PM
SSL certificate issues Picture of raghav agarwal raghav agarwal 10 Bret Miller
Fri, Mar 6, 2015, 12:37 AM
Best way of securely separating different clients Picture of Chris Webb Chris Webb 1 Robin Woodley
Mon, Mar 2, 2015, 7:09 AM
How to fix XSS trusted users problem Picture of Monico Briseño Monico Briseño 11 Tim Hunt
Fri, Feb 27, 2015, 6:44 PM
Cross-Site Request Forgery (CSRF) in Moodle default pages - help Picture of Vincent Gullotta Vincent Gullotta 15 James McLean
Wed, Feb 25, 2015, 7:57 AM
Setting up a consumer key on a moodle site Picture of David Price David Price 0 David Price
Sun, Feb 22, 2015, 9:02 PM
security overview: default role for all users not change Picture of sonia sonia sonia sonia 1 Mahmut TEKER
Tue, Feb 17, 2015, 5:07 PM
Moodle URL Picture of Sara MAhmoud Sara MAhmoud 2 Sara MAhmoud
Mon, Feb 16, 2015, 7:56 PM
cron url security Picture of H D H D 1 Damyon Wiese
Thu, Feb 12, 2015, 1:24 PM
If you believe technologies will protect your privacy, think twice! Picture of Visvanath Ratnaweera Visvanath Ratnaweera 2 Visvanath Ratnaweera
Thu, Feb 12, 2015, 12:04 AM
Moodle Security Plugin Picture of Erwin Ancheta Erwin Ancheta 2 Erwin Ancheta
Wed, Feb 11, 2015, 1:19 PM
Cloudflare Picture of James Easton James Easton 6 Visvanath Ratnaweera
Tue, Feb 10, 2015, 6:27 AM
2.7.1 hacked Picture of Wendi Daniels Wendi Daniels 12 Visvanath Ratnaweera
Tue, Feb 10, 2015, 6:22 AM
2.7.1 .htaccess files Picture of Wendi Daniels Wendi Daniels 0 Wendi Daniels
Mon, Feb 9, 2015, 4:23 AM
2.7.1 Permissions Picture of Wendi Daniels Wendi Daniels 1 Wendi Daniels
Mon, Feb 9, 2015, 3:06 AM
Hide courses from groups of users Picture of Duanne Scheepers Duanne Scheepers 4 Rose Phoey
Fri, Feb 6, 2015, 1:15 PM
Authentication Kerberos Picture of Marek Grolms Marek Grolms 2 Marek Grolms
Fri, Feb 6, 2015, 4:00 AM
Moodle and SSL: full site SSL and registration form only SSL issues Picture of Marek Kancelarek Marek Kancelarek 1 Marek Kancelarek
Wed, Feb 4, 2015, 7:13 PM
Re: Spammers Using Self Registration Picture of emmanuel oertle emmanuel oertle 4 Chris Wharton
Mon, Jan 26, 2015, 10:27 PM
Automatic https: redirection Picture of Sal Kaceli Sal Kaceli 1 Bret Miller
Sat, Jan 24, 2015, 2:52 AM
Moodle created passwords made easier Picture of Tom Wootton Tom Wootton 2 Tom Wootton
Sun, Jan 18, 2015, 1:01 PM
Hide email address by default Picture of Martin O'Mahony Martin O'Mahony 3 Daniel meanock
Sat, Jan 17, 2015, 7:12 AM
Some students unable to login. Error "...with ID2." Picture of Fred Frazelle Fred Frazelle 2 Fred Frazelle
Thu, Jan 15, 2015, 3:10 PM
Restricting login through portal only Picture of Joan Van Duzer Joan Van Duzer 1 Dave Perry
Tue, Jan 13, 2015, 6:23 PM
Security recommendations - code directory permissions Picture of bruce chambr bruce chambr 2 Tomasz Muras
Mon, Jan 12, 2015, 7:04 PM
Auditing passwords Picture of Tomasz Muras Tomasz Muras 0 Tomasz Muras
Mon, Jan 12, 2015, 3:23 AM
Disabling Login HTTPS Picture of John Okely John Okely 25 John Okely
Mon, Jan 5, 2015, 9:47 AM
More info about security updates Picture of Tiffany Morgan Tiffany Morgan 2 Tiffany Morgan
Mon, Dec 29, 2014, 11:49 PM
Disabling right-click Picture of James Brown James Brown 5 Guilherme Garutti
Mon, Dec 22, 2014, 4:19 AM
Cookie Consent Warning mandatory in Europe CPER logo Rges Cper 3 Rges Cper
Thu, Dec 18, 2014, 4:02 AM
Fingerprint Scanner to Access Moodle Picture of Eddie Sargent Eddie Sargent 1 Joseph Thibault
Tue, Dec 16, 2014, 3:20 AM
MOODLE :: Security Single-SignOn Picture of Lavanya Manne Lavanya Manne 3 Lavanya Manne
Mon, Dec 15, 2014, 12:52 AM
My Moodle site infected with malware: how to fix it? Picture of Luca Oppizzi Luca Oppizzi 5 alice louis
Sat, Dec 6, 2014, 7:07 PM
URL security testing- Any interest? Picture of david millians david millians 2 david millians
Tue, Dec 2, 2014, 9:53 PM
Switch from https to http Picture of Joost Bosschert Joost Bosschert 3 Dave Perry
Mon, Dec 1, 2014, 9:49 PM
Tiny Flaw in Moodle/turnitin Link Picture of Sanjok Gurung Sanjok Gurung 2 Sanjok Gurung
Wed, Nov 26, 2014, 1:01 AM
Preventing teachers from editing the general section of a course Picture of Narissa Bayler Narissa Bayler 2 Narissa Bayler
Mon, Nov 24, 2014, 11:55 AM
worms infect site Picture of Lázaro José Carneiro de Sousa Lázaro José Carneiro de Sousa 16 François Lizotte
Fri, Nov 21, 2014, 10:56 PM
Trusted Permission not working. Picture of Clarence Prudhoe Clarence Prudhoe 3 François Lizotte
Fri, Nov 21, 2014, 10:48 PM
Moodle ClamAV Scan Log? Picture of Sam Pearson Sam Pearson 0 Sam Pearson
Thu, Nov 20, 2014, 8:04 PM
How to increase upload size file only in a specific course Picture of Miki Alliel Miki Alliel 2 Miki Alliel
Mon, Nov 17, 2014, 4:08 PM
Assign roles in System Picture of Roseli Mat Nor Roseli Mat Nor 10 reham ali
Sat, Nov 15, 2014, 7:41 PM
Course Creator Picture of mohamed hammam mohamed hammam 0 mohamed hammam
Thu, Nov 13, 2014, 9:43 PM
Security Question Picture of Mr. Marc Mr. Marc 6 Ken Task
Mon, Nov 10, 2014, 11:18 AM
The path supplied to Clam is invalid Picture of Saeed Amiri Saeed Amiri 14 Ken Task
Sat, Nov 8, 2014, 5:11 AM
Page: 1 2 3 4 5 6 7 8 9 10 ()