Security and privacy

How to keep your Moodle site secure and methods for increasing privacy.

Documentation: Security, Security FAQ and Increasing privacy in Moodle
Forum moderator: Marina Glancy

Before starting a new discussion topic, please check the Security FAQ and try a forum search.

DO NOT REPORT NEW VULNERABILITIES HERE!

New security issues should be reported in the Moodle Tracker with an appropriate security level.


Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 ()
DiscussionStarted byRepliesLast post
PinnedEU General Data Protection Regulation (GDPR) compliance Martin DougiamasMartin Dougiamas 96 Visvanath Ratnaweera
Wed, 9 May 2018, 1:08 AM
GDPR Plugins - some questions Picture of Kerry WattKerry Watt 17 AL Rachels
Tue, 22 May 2018, 11:53 PM
How to assess a data breach Picture of Dom FDom F 5 Visvanath Ratnaweera
Tue, 22 May 2018, 9:40 PM
GDPR plugins: display consent option on first screen? Picture of Stewart CarswellStewart Carswell 0 Stewart Carswell
Tue, 22 May 2018, 7:06 PM
GDPR Course retention varies by qual type Picture of Alicia WallaceAlicia Wallace 7 mart van der niet
Tue, 22 May 2018, 4:26 PM
GDPR Privacy API for advanced grading methods Picture of Marcus GreenMarcus Green 0 Marcus Green
Tue, 22 May 2018, 4:27 AM
DSAR's and Redaction Picture of Tim GildersleeveTim Gildersleeve 2 Tim Gildersleeve
Mon, 21 May 2018, 2:48 PM
GDPR plugins Moodle 3.3 Picture of Ken TaskKen Task 5 Ken Task
Sun, 20 May 2018, 8:42 PM
Plugin support for privacy API (split from EU General Data Protection Regulation (GDPR) compliance) Picture of Jean-Michel VédrineJean-Michel Védrine 3 Jean-Michel Védrine
Sun, 20 May 2018, 7:08 PM
External tool and CSRF Picture of Nicanor GarcíaNicanor García 0 Nicanor García
Wed, 16 May 2018, 11:30 PM
Background info to / clarification on CVE-2017-7298? Picture of Temp AccountTemp Account 0 Temp Account
Wed, 16 May 2018, 1:25 PM
monitoring course changes Picture of Jennifer MeyerJennifer Meyer 3 Jennifer Meyer
Tue, 15 May 2018, 9:19 PM
monitoring course changes Picture of Jennifer MeyerJennifer Meyer 0 Jennifer Meyer
Tue, 15 May 2018, 2:29 AM
Incoming mail configuration with Google accounts detected as insecure Picture of Iñigo Zendegi UrzelaiIñigo Zendegi Urzelai 11 Iñigo Zendegi Urzelai
Mon, 14 May 2018, 3:22 PM
automated backups Picture of Dom FDom F 6 Paul Raper
Mon, 14 May 2018, 3:05 AM
data privacy plugin 3.3.5 hanging in cron Picture of Tim GildersleeveTim Gildersleeve 10 Tim Gildersleeve
Fri, 11 May 2018, 4:08 PM
ClamAV - clamdscan Picture of callum Woodcallum Wood 3 callum Wood
Fri, 4 May 2018, 6:14 PM
GDPR Policies Plugin - Any facility for Optional? Picture of James ClarkeJames Clarke 4 Randy Thornton
Wed, 2 May 2018, 11:55 PM
Migrating my Moodle Site From HTTP to HTTPS Picture of Jonathan Christoper GoJonathan Christoper Go 3 callum Wood
Wed, 2 May 2018, 7:16 PM
I think we were hacked Picture of mimi nommimi nom 8 Ken Task
Wed, 2 May 2018, 6:45 AM
https & sensitive info Picture of James BrownJames Brown 5 Visvanath Ratnaweera
Wed, 2 May 2018, 1:25 AM
Corrections to the Moodle landscape as a result of the Facebook's breaches Picture of Visvanath RatnaweeraVisvanath Ratnaweera 4 Visvanath Ratnaweera
Wed, 2 May 2018, 1:18 AM
Moodle 'Site News' is public, it needs to be private. Help. Picture of roshan kolarroshan kolar 2 roshan kolar
Tue, 1 May 2018, 1:31 PM
GDPR: config settings as user preferences in blocks Picture of Mark SharpMark Sharp 6 Randy Thornton
Tue, 1 May 2018, 12:44 AM
Policy & Privacy Plugin help Picture of Mark LewisMark Lewis 3 Mark Lewis
Sun, 29 Apr 2018, 7:45 PM
GDPR and Custom Reports Picture of Lester CunninghamLester Cunningham 2 Randy Thornton
Fri, 27 Apr 2018, 11:49 AM
Delete "graduated" students (GDPR) Picture of Alicia WallaceAlicia Wallace 1 Randy Thornton
Fri, 27 Apr 2018, 11:45 AM
Hiding Student Names from Graders Picture of Jennifer HolderJennifer Holder 1 John Provasnik
Fri, 27 Apr 2018, 3:17 AM
Same moodle server to cater both Intranet & Internet Picture of Sreepathy ...Sreepathy ... 9 Ken Task
Wed, 25 Apr 2018, 6:01 PM
Erasing optional field data Picture of Dave FoordDave Foord 6 Alicia Wallace
Tue, 24 Apr 2018, 6:43 PM
Bug bounty by Detectify Picture of George MihailovGeorge Mihailov 1 Marina Glancy
Tue, 24 Apr 2018, 11:13 AM
You are considered to be a digital minor Picture of Bente OlsenBente Olsen 4 Bente Olsen
Sun, 22 Apr 2018, 3:53 AM
saml - sso error Picture of oded blaumoded blaum 1 Ken Task
Wed, 18 Apr 2018, 2:16 AM
GDPR plugins - Category & Purpose Picture of Mark SharpMark Sharp 6 Adrian Greeve
Tue, 17 Apr 2018, 4:42 PM
Trusted content permission does not work for Teacher role, XSS vulnerable? Picture of Paul LPaul L 2 Sascha Leblanc
Tue, 17 Apr 2018, 3:36 AM
Report page visible to web Picture of Nick GaultNick Gault 3 Ken Task
Sat, 14 Apr 2018, 12:57 AM
Privacy / Site / Cookie Policies (GDPR) Picture of Guildford College GroupGuildford College Group 2 Gareth J Barnard
Wed, 11 Apr 2018, 6:28 PM
pseudonymization/anonymization of deleted users Picture of Alexandra FAlexandra F 2 Alexandra F
Tue, 10 Apr 2018, 7:51 PM
user always online mynamemoodle question 3 Visvanath Ratnaweera
Fri, 6 Apr 2018, 3:28 PM
Security vulnerability Picture of İdiye ÖKTENİdiye ÖKTEN 0 İdiye ÖKTEN
Tue, 3 Apr 2018, 8:51 PM
Limit Course Access by Special LDAP Attribute Picture of Jeff JonesJeff Jones 0 Jeff Jones
Sat, 31 Mar 2018, 1:21 AM
Plugins DB and external services (GDPR related) Picture of Tomasz MurasTomasz Muras 1 Andrew Nicols
Fri, 30 Mar 2018, 7:12 AM
Moodle security Picture of MoodleMeow .MoodleMeow . 6 Mathew Gancarz
Thu, 29 Mar 2018, 10:45 PM
Moodle blocked out after IP listing Picture of Anandarup KarAnandarup Kar 1 Visvanath Ratnaweera
Wed, 28 Mar 2018, 3:53 AM
Ferpa and moodle Picture of curt bixelcurt bixel 20 Rick Jerz
Mon, 26 Mar 2018, 11:19 PM
reset admin password? Picture of Rachel HorstRachel Horst 6 Chris Baldwin
Thu, 22 Mar 2018, 5:45 PM
Privacy issue: how to disable Analytics completely Randy ThorntonRandy Thornton 7 Randy Thornton
Wed, 21 Mar 2018, 12:39 PM
Database encryption Picture of Ted LongTed Long 1 Mathew Gancarz
Wed, 21 Mar 2018, 5:12 AM
Authentication Keys Plugin Needed Picture of Donna BetancourtDonna Betancourt 0 Donna Betancourt
Fri, 9 Mar 2018, 10:54 AM
Privacy concens regarding the mobile push notifications Picture of Beni KellerBeni Keller 16 Beni Keller
Mon, 5 Mar 2018, 1:34 AM
restrict guest access for courses in a specific category Picture of stefan weberstefan weber 5 Emma Richardson
Sun, 4 Mar 2018, 8:44 PM
Hacked or some kind of update? Picture of Patrick LawrencePatrick Lawrence 1 Moodle Admin
Wed, 28 Feb 2018, 3:52 AM
Locking documents so that they can not be printed or downloaded directly? Picture of Lee RichardsLee Richards 5 Randy Thornton
Tue, 27 Feb 2018, 3:49 AM
SSL implementation on Moodle Picture of Syed AliSyed Ali 7 Syed Ali
Thu, 22 Feb 2018, 4:58 AM
Add Custom Salt to Unique Salt for Better Hashed Password? Picture of Paul LPaul L 2 Iñaki Arenaza
Sun, 18 Feb 2018, 9:02 PM
Create new User via Webservice Picture of Zadok LindtZadok Lindt 5 Zadok Lindt
Wed, 14 Feb 2018, 8:59 AM
File permissions on webroot vs installing plugins Picture of Tom SmithTom Smith 1 Ken Task
Tue, 6 Feb 2018, 8:26 PM
Plugin to upload and secure external exam results? Picture of Ruth HorakRuth Horak 0 Ruth Horak
Mon, 5 Feb 2018, 11:58 PM
LDAP and non-LDAP? Picture of Mike StewartMike Stewart 2 Mike Stewart
Mon, 5 Feb 2018, 11:21 PM
Virus detected on file download HELP! Picture of Irith HermanIrith Herman 7 Ken Task
Fri, 2 Feb 2018, 12:25 AM
ycfkurl reported TijgertimTimothy Bolton Milhas 2 Tristin Mock
Wed, 31 Jan 2018, 6:18 AM
The Web Application Firewall Blocks Most of the Actions Picture of Ali ArekatAli Arekat 1 Dan Marsden
Mon, 22 Jan 2018, 3:47 PM
Deny access to/Hide participant listing when logged in Picture of Morag HughsonMorag Hughson 4 Randy Thornton
Sat, 20 Jan 2018, 1:41 AM
Moodle Security Alerts - SPAM Picture of Joshua HaganJoshua Hagan 1 Ken Task
Mon, 15 Jan 2018, 4:30 PM
Access to Moodle Picture of Lance HindsLance Hinds 5 Ray Lawrence
Thu, 11 Jan 2018, 8:13 PM
About the OAuth 2 services Picture of Cheryl TsaiCheryl Tsai 2 Cheryl Tsai
Thu, 28 Dec 2017, 10:55 AM
Unauthorized person created an account A Coloradian who was sucked into facebook against his wishesWalter Byrd 4 Walter Byrd
Sun, 17 Dec 2017, 3:29 AM
Moodle SimpleSAML Error Picture of Dax NacDax Nac 1 Leon Stringer
Fri, 15 Dec 2017, 7:15 PM
Use Self-Signed Certificate Picture of mimi nommimi nom 6 Harsh Patel
Fri, 15 Dec 2017, 6:41 PM
SSL Cert on Content switch Picture of S ParkerS Parker 3 Harsh Patel
Fri, 15 Dec 2017, 5:56 PM
Prevent seeing Permissions for others Picture of Andy HillAndy Hill 1 Andy Hill
Fri, 15 Dec 2017, 2:28 PM
SSL setup issues on Moodle 3.2.3 Picture of Yogesh NaharYogesh Nahar 4 Harsh Patel
Fri, 15 Dec 2017, 2:10 PM
Users can't see their own "full profile" Picture of Krisha MoellerKrisha Moeller 0 Krisha Moeller
Fri, 15 Dec 2017, 8:57 AM
ClamAV Picture of Pieter PortierPieter Portier 1 Alain Raap
Thu, 14 Dec 2017, 7:51 PM
Moodle Login Form Encryption Picture of Danielle Bryan DizonDanielle Bryan Dizon 2 James McLean
Tue, 12 Dec 2017, 6:18 PM
Site policy acceptance logs Picture of Andreas PanagiotopoulosAndreas Panagiotopoulos 3 Eric Katchan
Mon, 11 Dec 2017, 10:02 PM
Login and get someone else's account Picture of Rachel WhittonRachel Whitton 5 Rachel Whitton
Fri, 8 Dec 2017, 4:46 PM
Students can see other students enrolled in a course Picture of Jacques TechnologiesJacques Technologies 0 Jacques Technologies
Fri, 8 Dec 2017, 9:59 AM
DRM and Course content protection. Picture of Deepak TripathiDeepak Tripathi 1 Dave Perry
Mon, 4 Dec 2017, 5:49 PM
Help with redirect from HTTP to HTTPS Picture of Carolyn McIntyreCarolyn McIntyre 14 Madison Quinn
Fri, 1 Dec 2017, 3:23 PM
a user with student privilege change another user's password Picture of esty wexleresty wexler 1 Mathew Gancarz
Wed, 29 Nov 2017, 3:56 AM
Privacy concerns using the Google Document Converter (annotate a pdf) Picture of Eva EEva E 4 Sergio Rabellino
Sun, 26 Nov 2017, 9:38 PM
API test for Moodle (v2.6) with Postman Picture of Shantanu MitraShantanu Mitra 0 Shantanu Mitra
Sat, 25 Nov 2017, 10:21 PM
unclear CSS - attack Picture of Bjarne OldsenBjarne Oldsen 4 Ralf Hilgenstock
Sat, 25 Nov 2017, 7:02 PM
Falling out of supported releases? wen photoWen Hao Chuang 1 Mathew Gancarz
Wed, 22 Nov 2017, 11:31 PM
HTTP to HTTPS but on Windows environment Picture of J GuzmanJ Guzman 0 J Guzman
Wed, 22 Nov 2017, 6:07 AM
Reverse Proxy redirecting Picture of Helson CHelson C 0 Helson C
Tue, 21 Nov 2017, 3:58 AM
Moodle 3.4 improvements related to data protection/GDPR Picture of Joe CapeJoe Cape 0 Joe Cape
Fri, 17 Nov 2017, 10:25 PM
Server CPU performance overhead Picture of Shamal SabahShamal Sabah 4 Dan Bennett
Wed, 15 Nov 2017, 12:38 AM
Is the unoconv installation a security risk? Picture of Matthew DavidsonMatthew Davidson 27 Meg Goodine
Fri, 10 Nov 2017, 4:46 AM
How to prevent multiple login with same ID with moodle 3 Picture of Vivian BogniniVivian Bognini 0 Vivian Bognini
Tue, 7 Nov 2017, 11:34 PM
Assigning permissions to modify themes Picture of marisol castromarisol castro 1 Ken Task
Thu, 2 Nov 2017, 4:07 AM
Maximum uploaded file size Picture of mozhgan shafieimozhgan shafiei 0 mozhgan shafiei
Tue, 31 Oct 2017, 1:31 PM
PHP.URI.Code.Injection Firewall Message Picture of Ali ArekatAli Arekat 1 Tomasz Muras
Tue, 24 Oct 2017, 3:19 PM
Model for managing institution groups Picture of David HumphreysDavid Humphreys 0 David Humphreys
Tue, 24 Oct 2017, 6:41 AM
Guest Access to Calendar Picture of Emma RichardsonEmma Richardson 1 Dean Montgomery
Sat, 14 Oct 2017, 1:30 AM
Why Does Moodle Have a Plugin Installer If It Is Considered Unsafe? Picture of Uwe StangeUwe Stange 0 Uwe Stange
Mon, 9 Oct 2017, 5:31 PM
Tab redirected Picture of bruce millsbruce mills 1 bruce mills
Thu, 5 Oct 2017, 9:36 AM
SSL and Moodle on a Subdomain Picture of David DinhDavid Dinh 5 David Dinh
Tue, 3 Oct 2017, 11:18 AM
Resetting forgot password without email Picture of Sanni RinneSanni Rinne 4 Sanni Rinne
Mon, 2 Oct 2017, 1:42 PM
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 ()