Security and privacy

How to keep your Moodle site secure and methods for increasing privacy.

Documentation: Security, Security FAQ and Increasing privacy in Moodle
Forum moderator: Dan Poltawski

Before starting a new discussion topic, please check the Security FAQ and try a forum search.

DO NOT REPORT NEW VULNERABILITIES HERE!

New security issues should be reported in the Moodle Tracker with an appropriate security level.


Page: 1 2 3 4 5 6 7 8 9 10 ()
DiscussionStarted byRepliesLast post
Database credentials can they be seen? Wellingtonia Tree Heather P 1 Ken Task
Fri, Feb 12, 2016, 10:55 PM
IPV6 address in IP Blocker Picture of rabin sk rabin sk 0 rabin sk
Fri, Feb 12, 2016, 4:45 PM
Maximum Time per Day Picture of Seth Mengal Seth Mengal 10 Mike Churchward
Thu, Feb 11, 2016, 10:44 PM
Is Moodle ok on GitHub? Profile pic Leticia Dark-rose 2 Richard Oelmann
Thu, Feb 11, 2016, 3:47 PM
Move Moodle Config Outside of Web Root Picture of Lewis Hackfath Lewis Hackfath 12 James McLean
Wed, Feb 10, 2016, 6:40 AM
moodle 2.4.3 : script injection in header Picture of razer raz razer raz 8 razer raz
Wed, Feb 10, 2016, 2:04 AM
user id '0' is changing passwords Picture of heli guy heli guy 0 heli guy
Mon, Feb 8, 2016, 3:58 PM
MySQL SSL Connection? Picture of William Voyek William Voyek 4 Mohammed Mohammed
Sun, Feb 7, 2016, 6:54 PM
Moodle SSO using LDAP Picture of Trayton Mitchell Trayton Mitchell 5 Visvanath Ratnaweera
Sat, Feb 6, 2016, 6:15 PM
How do you secure email addresses? Picture of Paul Wakelam Paul Wakelam 9 alex zane
Mon, Feb 1, 2016, 1:57 PM
Blocking access to Users from outside the country Picture of david english david english 12 Matt Bury
Mon, Jan 25, 2016, 10:12 AM
Moodledata ... Moodle Code ... htaccess-dist.txt files Picture of Ken Task Ken Task 0 Ken Task
Mon, Jan 25, 2016, 5:11 AM
Restrict Access to Categories By User Picture of William Workman William Workman 1 John Provasnik
Mon, Jan 25, 2016, 5:11 AM
Moodle not displaying errors Picture of Tyler Whiteley Tyler Whiteley 3 Richard Oelmann
Sun, Jan 24, 2016, 1:33 AM
CSP Picture of Martin Greenaway Martin Greenaway 2 Martin Greenaway
Sat, Jan 23, 2016, 12:45 AM
How to force users password change weekly? IMG Mario Gonzalez 5 Clara MG
Tue, Jan 12, 2016, 4:36 PM
Moodle platform and security. Making the move. Picture of Shane Mundee Shane Mundee 4 Bret Miller
Tue, Jan 12, 2016, 4:18 AM
Advice please! Is Moodle safe? Picture of jesse magees jesse magees 16 Visvanath Ratnaweera
Thu, Jan 7, 2016, 10:54 PM
Authentication problem Picture of eduardo moisa eduardo moisa 1 eduardo moisa
Thu, Jan 7, 2016, 3:50 AM
prevent login from the same ip address for a time Picture of Mohammed awad Mohammed awad 13 Visvanath Ratnaweera
Tue, Jan 5, 2016, 9:45 PM
About Drupal + Moodle integration Picture of Raviteja Yarlagadda Raviteja Yarlagadda 1 Ken Task
Wed, Dec 16, 2015, 9:07 AM
IP addresses used by Moodle's mail servers Picture of Dan OBrien Dan OBrien 6 Dan OBrien
Wed, Dec 16, 2015, 5:17 AM
Visitors can access lesson video by copying link Picture of prashant gupta prashant gupta 3 Richard Oelmann
Wed, Dec 9, 2015, 3:01 PM
How to see who changed letter grades site-wide? Picture of Chris S Chris S 3 John Provasnik
Mon, Dec 7, 2015, 6:59 AM
Restricting guests from viewing the category structure and non guest-enabled courses Picture of Mark Chaney Mark Chaney 0 Mark Chaney
Fri, Dec 4, 2015, 9:53 PM
Using "http head method" in Moodle Picture of Naaman Fallouh Naaman Fallouh 0 Naaman Fallouh
Wed, Dec 2, 2015, 6:57 PM
Topic Hidden and activity show, feature or what? Picture of António Godinho António Godinho 4 António Godinho
Wed, Dec 2, 2015, 4:09 AM
Spam Filter? Picture of Alex Vanden Bosch Alex Vanden Bosch 2 Marcus Green
Tue, Dec 1, 2015, 1:25 AM
can my activity be seen? Picture of murdoc niccals murdoc niccals 6 Just H
Sun, Nov 29, 2015, 11:22 PM
Password Encryption MD5 plain text Picture of Rupesh Kumar Rupesh Kumar 2 Paul Holden
Mon, Nov 23, 2015, 7:56 PM
2.9+ moodle - recaptcha suddenly stopped working Picture of ajeet Singh ajeet Singh 8 John Okely
Tue, Nov 17, 2015, 8:52 AM
Insecure dataroot (yet again) Picture of Visvanath Ratnaweera Visvanath Ratnaweera 13 Visvanath Ratnaweera
Sun, Nov 15, 2015, 7:07 AM
Warning about the config.php file Picture of mimi nom mimi nom 5 Visvanath Ratnaweera
Sat, Nov 14, 2015, 12:27 AM
SSL Proxy woes Picture of Ben Steeples Ben Steeples 6 Chris Murad
Thu, Nov 5, 2015, 7:36 AM
Moodle session tickets not expiring when closing the browser Picture of Shaun Conway Shaun Conway 3 Simon Rediss-Whitfield
Tue, Nov 3, 2015, 12:13 AM
reCAPTCHA is not working Pablo Espanola Pablo Española 2 ajeet Singh
Mon, Nov 2, 2015, 11:12 PM
Security recovery plan Picture of dani dani dani dani 2 Matt Bury
Thu, Oct 29, 2015, 1:58 AM
Block Access to Courses list Picture of Andrew Milner Andrew Milner 0 Andrew Milner
Wed, Oct 28, 2015, 11:14 PM
Moodle crashes when students press F5 (refresh) continuously Picture of Graciano Torrão Graciano Torrão 9 Dan Marsden
Wed, Oct 28, 2015, 5:10 AM
User database Picture of Pal Kerecsenyi Pal Kerecsenyi 3 Richard Oelmann
Tue, Oct 27, 2015, 1:42 AM
How to check if a file was deleted and by whom? Picture of Miguel Da Silva Miguel Da Silva 2 Miguel Da Silva
Mon, Oct 26, 2015, 5:11 AM
SMTP password encryption Picture of Refi Shahul Refi Shahul 2 Refi Shahul
Sun, Oct 25, 2015, 9:58 AM
SSL causing Backup problem René Breedveld René Breedveld 1 René Breedveld
Tue, Oct 20, 2015, 3:44 PM
security test Picture of mohammad hamid mohammad hamid 1 Simon Rediss-Whitfield
Mon, Oct 19, 2015, 10:31 PM
accessing moodle from another site without logging in again Picture of tim lambert tim lambert 1 Jon Bolton
Fri, Oct 16, 2015, 5:23 AM
all the site notes are visible for the teacher Picture of Isaac Marco Blancas Isaac Marco Blancas 1 Jon Bolton
Fri, Oct 16, 2015, 5:19 AM
validation of username length Picture of Irith Herman Irith Herman 0 Irith Herman
Mon, Oct 12, 2015, 7:06 AM
login issue Picture of mohammad hamid mohammad hamid 10 Just H
Sun, Oct 11, 2015, 2:28 PM
Administrator Logging??? Picture of Vincent Gullotta Vincent Gullotta 3 Chris Wharton
Mon, Oct 5, 2015, 4:29 PM
Redirect error after enforcing https Picture of Oliver W Oliver W 0 Oliver W
Sun, Oct 4, 2015, 6:38 PM
Passwords Moodle v2.8 Picture of pat webber pat webber 1 Helen Foster
Fri, Oct 2, 2015, 9:44 PM
Getting user passwords Picture of Chardelle Busch Chardelle Busch 3 Vicke Denniston
Fri, Oct 2, 2015, 4:21 AM
Manager role not function as expected Picture of Trace James Trace James 14 Trace James
Tue, Sep 29, 2015, 10:53 AM
Preventing download of audio files Picture of Anand Anand Anand Anand 2 Roxana Cabrera
Fri, Sep 25, 2015, 10:05 PM
Access Moodle webservice using SAML Token Picture of Nitin Khubani Nitin Khubani 1 Nitin Khubani
Thu, Sep 17, 2015, 2:05 PM
Moving whole site from http to https on LAMP virtual host Picture of Peter DeBruyn Peter DeBruyn 4 Peter DeBruyn
Thu, Sep 17, 2015, 3:15 AM
Open Access / Student User access Picture of Catherine Seeds Catherine Seeds 3 Emma Richardson
Mon, Sep 7, 2015, 11:23 PM
prevent guest from seeing course summary Picture of Scott Brim Scott Brim 1 Scott Brim
Mon, Sep 7, 2015, 10:02 PM
CSRF on moodle pages Picture of Naaman Fallouh Naaman Fallouh 3 Tim Hunt
Mon, Sep 7, 2015, 3:47 PM
Pass through single-sigon authentication Picture of Bryan Ward Bryan Ward 0 Bryan Ward
Sat, Sep 5, 2015, 2:01 AM
Removing the navigation block from Moodle 2.5? Picture of Andrew Leer Andrew Leer 1 Sam Alken
Mon, Aug 31, 2015, 2:15 AM
Force Front page sign in Picture of Edwin Cruz Edwin Cruz 2 Sam Alken
Mon, Aug 31, 2015, 2:03 AM
registration approval Picture of Corey Whatever Corey Whatever 5 Michael Milette
Wed, Aug 26, 2015, 1:59 AM
Pre-Req Course Restrictions - Possible? Beth Haggenjos Beth Haggenjos 5 Andrew Leer
Mon, Aug 17, 2015, 9:24 PM
Session and Cookie Picture of Vinod Kumar Vinod Kumar 1 Daniel Paulo
Tue, Aug 4, 2015, 1:34 AM
Maintenance Mode Picture of Zee Sef Zee Sef 1 Ken Task
Mon, Aug 3, 2015, 6:56 AM
SQL INJECTION javascript-static.js Picture of Daniel Bruno Daniel Bruno 1 Tim Hunt
Tue, Jul 28, 2015, 5:30 AM
Customize user privacy - on user-level Picture of Marjan Milošević Marjan Milošević 0 Marjan Milošević
Fri, Jul 24, 2015, 7:29 PM
Input Validation-File Upload vulnerability Picture of Rogelio Jr. Dela Cruz Rogelio Jr. Dela Cruz 4 James McLean
Thu, Jul 23, 2015, 7:43 AM
New User Email Address Message Picture of Lauren Ziegler Lauren Ziegler 2 Lauren Ziegler
Thu, Jul 16, 2015, 2:51 AM
Admin has access to all passwords Help. darrell Darrell Rea 9 Lazy Django
Mon, Jul 13, 2015, 1:32 AM
Adding SSL Certificate Seal in Moodle-URL Picture of Andre Ferreira Andre Ferreira 2 Andre Ferreira
Sat, Jul 11, 2015, 4:38 PM
How to download the course content using moodle web service Picture of Sameer Kshirsagar Sameer Kshirsagar 0 Sameer Kshirsagar
Fri, Jul 10, 2015, 7:39 PM
No CAPTCHA reCAPTCHA Moodle Picture of Bruno Nogueira Bruno Nogueira 3 John Okely
Tue, Jul 7, 2015, 8:52 AM
The Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) Picture of Joshua Devey Joshua Devey 2 Damyon Wiese
Thu, Jun 25, 2015, 10:50 AM
Access to label's files prevented by user's rights? Picture of Philippe Decloitre Philippe Decloitre 1 Philippe Decloitre
Thu, Jun 25, 2015, 12:25 AM
Security Warnings! Picture of Eliecer Acevedo Patiño Eliecer Acevedo Patiño 0 Eliecer Acevedo Patiño
Tue, Jun 23, 2015, 2:42 AM
Is it safe to create system roles to restrict the access to blocks? Picture of Federica Marra Federica Marra 1 Tim Hunt
Fri, Jun 19, 2015, 8:31 PM
moodle 2.8 security Picture of myelearning system myelearning system 1 Tim Hunt
Fri, Jun 19, 2015, 5:56 PM
Your thoughts on this hypothetical situation (how to prevent and identify) Picture of Joseph Thibault Joseph Thibault 8 Dan Marsden
Thu, Jun 18, 2015, 8:52 AM
users imort and export Picture of amit prajapati amit prajapati 5 Emma Richardson
Wed, Jun 17, 2015, 8:09 PM
Removing Timestamps in Tests and Assignments Picture of Sebastian H. Sebastian H. 0 Sebastian H.
Wed, Jun 17, 2015, 3:31 PM
SSL is not ok with moodle mon site moodle pédagogique stephane lcms.fr 2 Ken Task
Tue, Jun 16, 2015, 8:30 PM
Keeping Members of Paid Courses from Sharing Login Credentials Picture of joseph zabrosky joseph zabrosky 10 joseph zabrosky
Sat, Jun 13, 2015, 12:26 AM
Multiple password for Quiz Picture of vancool black vancool black 1 Rick Jerz
Sun, Jun 7, 2015, 8:15 PM
Web API encryption to push/pull data Gordon McLeod Gordon McLeod 3 Gordon McLeod
Fri, Jun 5, 2015, 3:42 PM
Reset of admin password Picture of David Paige David Paige 7 Ken Task
Wed, Jun 3, 2015, 5:03 AM
Moodlebot...What is it!? Picture of Sherry Stafford Sherry Stafford 2 Sherry Stafford
Wed, Jun 3, 2015, 2:50 AM
Self Enrolment - enrolment key issue Picture of Katrina Nicholson Katrina Nicholson 6 Albert Ramsbottom
Tue, Jun 2, 2015, 11:33 PM
setting the allowed mimetypes for file upload as a security measure 6 Di Juwel 2 Howard Miller
Tue, May 26, 2015, 6:34 PM
Advice on Roles / Permissions for a hierarchichal structure Picture of Phil Carlson Phil Carlson 0 Phil Carlson
Thu, May 21, 2015, 11:09 PM
Read Only Site Picture of Kehinde Okesanjo Kehinde Okesanjo 8 toby saunders
Thu, May 21, 2015, 9:28 PM
Multiple login Picture of Suleiman Umar Suleiman Umar 6 Suleiman Umar
Mon, May 18, 2015, 11:42 PM
Sever Load and Crash My Hero Paul P. 8 Stephen Bourget
Fri, May 15, 2015, 11:42 PM
Browser blocks java script and css on https login page Picture of moodle learner moodle learner 1 James McLean
Fri, May 15, 2015, 7:51 AM
SSO - Shared Cookie with Wordpress Don Don Schwartz 1 Howard Miller
Thu, May 14, 2015, 7:53 PM
Getting weird anonymous account created in one of our Moodle sites François Lizotte François Lizotte 3 Silvia Camacho
Wed, May 13, 2015, 7:39 AM
are security issues pathes already included in the next vessions of moodle? 6 Di Juwel 5 Richard Oelmann
Tue, May 12, 2015, 11:43 PM
IP address Picture of heather brown heather brown 7 Visvanath Ratnaweera
Mon, May 11, 2015, 2:56 AM
Weak SSL Cipher Suites are Supported - Version-1.9.5 Picture of Vinod Kumar Vinod Kumar 26 Vinod Kumar
Sun, May 10, 2015, 11:41 AM
Page: 1 2 3 4 5 6 7 8 9 10 ()