Security and privacy

How to keep your Moodle site secure and methods for increasing privacy.

Documentation: Security, Security FAQ and Increasing privacy in Moodle
Forum moderator: Dan Poltawski

Before starting a new discussion topic, please check the Security FAQ and try a forum search.

DO NOT REPORT NEW VULNERABILITIES HERE!

New security issues should be reported in the Moodle Tracker with an appropriate security level.


Page: 1 2 3 4 5 6 7 8 9 10 11 ()
DiscussionStarted byRepliesLast post
Permissions Issues Picture of Aretha Etienne Aretha Etienne 3 Just H
Tue, 6 Dec 2016, 3:22 AM
How secure is using admin/tool/uploaduser/index.php Picture of callum Wood callum Wood 3 Matt Bury
Tue, 6 Dec 2016, 1:12 AM
Hiding email addresses in Moodle 2.6 forums Picture of John Edmiston John Edmiston 3 Randy Thornton
Sat, 3 Dec 2016, 7:08 AM
Allow view-only access to user list Picture of Joe Behymer Joe Behymer 5 Randy Thornton
Fri, 2 Dec 2016, 9:45 AM
security issue Picture of Anderson Hsu Anderson Hsu 1 Helen Foster
Mon, 28 Nov 2016, 3:34 PM
SSL Proxy woes Picture of Ben Steeples Ben Steeples 19 Lars Bonnesen
Sun, 20 Nov 2016, 3:38 AM
"view courses without participation" - not wanted / and changed? Picture of Klaas Hobo Klaas Hobo 5 Klaas Hobo
Sat, 19 Nov 2016, 12:28 AM
help: how to get rid of these terrible infinite recaptcha loops Pieter van der Hijden Pieter van der Hijden 0 Pieter van der Hijden
Fri, 18 Nov 2016, 4:46 AM
Single sign in from a student registration portal Picture of Abdulrauf Yamta Abdulrauf Yamta 1 Christopher McCool
Fri, 18 Nov 2016, 12:42 AM
Moodle was hacked, how can I modify the index.php Picture of Louis Lawson Louis Lawson 10 Ken Task
Tue, 15 Nov 2016, 9:50 PM
Moodle was hacked, how can I modify the index.php Picture of Louis Lawson Louis Lawson 2 Ken Task
Mon, 14 Nov 2016, 12:20 PM
Access to label's files prevented by user's rights? Picture of Philippe Decloitre Philippe Decloitre 2 T W
Fri, 11 Nov 2016, 12:13 AM
I think our Moodle site just survived a serious HACK attempt RabNawaz RabNawaz Panhyar 8 RabNawaz Panhyar
Tue, 8 Nov 2016, 12:29 PM
MySQL / MariaDB / PerconaDB - Root Privilege Escalation Picture of Grant Mucha Grant Mucha 0 Grant Mucha
Fri, 4 Nov 2016, 5:39 AM
How to make sure Accounts get not shared? Max 3 IPs for 1 user Picture of Sven Faltin Sven Faltin 1 James McLean
Wed, 26 Oct 2016, 7:04 AM
Katharine Edson - How secure is to use Moodle? Picture of Katharine Edson Katharine Edson 5 Christopher McCool
Sat, 22 Oct 2016, 2:37 AM
how to restrict domain myname moodle question 3 Helen Foster
Fri, 21 Oct 2016, 3:13 PM
Can I have moodle 2.9 onward function without a single cookie? Picture of Baljé Weber Baljé Weber 0 Baljé Weber
Mon, 17 Oct 2016, 5:38 PM
Windows PowerShell of AD Users to JSON Endpoint Fails to Upload Data Picture of Tim West Tim West 0 Tim West
Mon, 17 Oct 2016, 6:59 AM
How to add/allow "unsecure" code examples as text in Moodle pages Picture of Til Edward Til Edward 9 Til Edward
Sat, 15 Oct 2016, 9:15 PM
Moodle 2.9 apache can access moodle files Picture of Zola Anderson Zola Anderson 1 Tim Hunt
Sat, 15 Oct 2016, 7:51 PM
Security Question Picture of Andrew Taylor Andrew Taylor 20 Howard Miller
Tue, 11 Oct 2016, 9:49 PM
Alternatives to reCaptcha moi!!! it is what is is... Colin Fraser 3 Rick Jerz
Sat, 24 Sep 2016, 6:20 AM
How to fix a mix of secure and insecure content? Picture of Arturs Polis Arturs Polis 3 Luke Barone
Sat, 24 Sep 2016, 2:58 AM
New Profile field not working as a course restriction Picture of Anne Sherman Anne Sherman 3 Helen Foster
Thu, 15 Sep 2016, 6:10 PM
Hiding users in grade reports Picture of bart de bie bart de bie 3 Emma Richardson
Tue, 13 Sep 2016, 9:44 PM
forgotten password stopped working with https Picture of Martin Millmore Martin Millmore 2 Martin Millmore
Tue, 13 Sep 2016, 3:37 PM
Restrict Access to Categories By User Picture of William Workman William Workman 2 Greg Rudl
Wed, 7 Sep 2016, 4:43 AM
My homepage (frontpage) before login is only showing the login module Picture of Stefan Stefansson Stefan Stefansson 2 Stefan Stefansson
Tue, 6 Sep 2016, 5:41 PM
Secure Cookies Me Oliver Marugg 1 John Okely
Fri, 2 Sep 2016, 10:52 AM
IP Blocker - help Picture of Paul Baumeister Paul Baumeister 16 Ernani Veloso Freire
Thu, 1 Sep 2016, 9:48 PM
dbuser hash for password in config.php? Picture of J C J C 4 Wissam Nahas
Wed, 31 Aug 2016, 3:02 PM
Autologin with the special account Picture of Grigorii Andreev Grigorii Andreev 0 Grigorii Andreev
Sun, 28 Aug 2016, 10:06 PM
cross domain ajax in script Picture of Bradley Botkin Bradley Botkin 5 Bradley Botkin
Wed, 17 Aug 2016, 7:16 PM
Category Permissions and Restrictions Picture of David Van Thillo David Van Thillo 0 David Van Thillo
Wed, 17 Aug 2016, 2:04 AM
Moodle should not force a password change Picture of Irma Boks - Eek Irma Boks - Eek 6 Irma Boks - Eek
Wed, 10 Aug 2016, 11:05 PM
Captcha alternatives? Picture of Tom Litchfield Tom Litchfield 7 Visti Larsen
Thu, 4 Aug 2016, 4:35 PM
Issues with a virus in Moodle 3.0.2+ Picture of Luis Pu Luis Pu 7 Ken Task
Wed, 3 Aug 2016, 2:49 AM
Read Only Site Picture of Kehinde Okesanjo Kehinde Okesanjo 9 Antonio Negro
Sat, 30 Jul 2016, 8:31 PM
Httpoxy vulnerabilities in php addressed? Picture of Jerry Lau Jerry Lau 1 Ken Task
Fri, 29 Jul 2016, 8:21 AM
Password Security in moodle 2.9 or greater Picture of Sanmeet Singh Sanmeet Singh 4 Sanmeet Singh
Tue, 19 Jul 2016, 2:49 PM
SSL certificate issues Picture of raghav agarwal raghav agarwal 23 James McLean
Tue, 19 Jul 2016, 7:52 AM
Restricting Access to URL in course Picture of philipp lesmana philipp lesmana 0 philipp lesmana
Thu, 14 Jul 2016, 3:21 AM
Installing ssl certificates in moodle server Picture of Christine Mburu Christine Mburu 2 Linda Petty
Wed, 13 Jul 2016, 4:53 PM
Server breached front-end - malicious files uploaded Picture of Michael Iscool Michael Iscool 19 Ken Task
Fri, 8 Jul 2016, 9:58 PM
Is the unoconv installation a security risk? Picture of Matthew Davidson Matthew Davidson 19 Ken Task
Fri, 8 Jul 2016, 5:56 AM
"Guest user has logged in" ? Picture of g k g k 0 g k
Thu, 7 Jul 2016, 9:21 PM
Should I use SSL for Login? Why not? Picture of Paul L Paul L 8 Dave Perry
Thu, 23 Jun 2016, 9:01 PM
Remove login link from pages or disable logging in for users Picture of Jordan Floyd Jordan Floyd 4 Leticia Dark-rose
Tue, 21 Jun 2016, 12:04 PM
setup https via F5 Picture of Jaifar Al Shizawi Jaifar Al Shizawi 2 Bret Miller
Mon, 13 Jun 2016, 10:35 PM
How to hide/disable courses and quiz? Picture of Lucilla Wang Lucilla Wang 17 Lucilla Wang
Mon, 6 Jun 2016, 10:28 AM
SECURITY WARNING! (moodledata) Picture of Can Yasa Can Yasa 3 Can Yasa
Thu, 2 Jun 2016, 9:16 AM
Making students invisible to each other. Picture of Shoned Jones Shoned Jones 2 Richard Oelmann
Wed, 1 Jun 2016, 12:10 AM
Moodle Security Picture of Ben Keough Ben Keough 5 James McLean
Mon, 30 May 2016, 7:49 AM
Reset of admin password Picture of David Paige David Paige 9 Ranil Peiris
Thu, 26 May 2016, 7:46 AM
Google keyword in Japanese characters for my moodle site Picture of Milan Mihajlov Milan Mihajlov 11 Guillermo Madero
Thu, 19 May 2016, 11:14 PM
Security for self enrolment and enrolment keys Picture of Alice Constable Alice Constable 2 Alice Constable
Tue, 17 May 2016, 10:34 PM
Bots are knocking our guest door ? Picture of Antti Peltonen Antti Peltonen 0 Antti Peltonen
Tue, 17 May 2016, 7:59 PM
Assigning a password Picture of Íde O'Neill Íde O'Neill 2 Emma Richardson
Mon, 16 May 2016, 11:24 PM
Harold Nartey - Is Moodle Secure to Use? Picture of Harold Nartey Harold Nartey 1 Mike Churchward
Fri, 13 May 2016, 10:58 PM
Virtual schools/courses hidden from other groups/cohorts? Picture of Dave S Dave S 0 Dave S
Thu, 12 May 2016, 6:27 AM
Limit the number of users into a group Picture of Paul Lemarchand Paul Lemarchand 1 Sebastian Wz
Wed, 11 May 2016, 4:19 PM
Allow (Deny access) in Browse list of users Picture of Wes Sykes Wes Sykes 4 Blair F.
Thu, 28 Apr 2016, 2:27 AM
After Upgrade to 3.0, SSL No Longer Working Picture of Greg Dietrich Greg Dietrich 1 James McLean
Wed, 27 Apr 2016, 9:26 AM
Secure PHP Configuration Settings for Moodle Picture of Calvin Bu Calvin Bu 3 Ken Task
Tue, 26 Apr 2016, 10:30 PM
Comment request on vulnerability results Picture of Panagiotis Petasis Panagiotis Petasis 7 Richard Oelmann
Mon, 25 Apr 2016, 11:55 PM
Security overview, some questions and question on backup Picture of John Rambo John Rambo 4 Emma Richardson
Wed, 20 Apr 2016, 7:01 PM
Customize user privacy - on user-level Picture of Marjan Milošević Marjan Milošević 1 Devon Ritter
Thu, 14 Apr 2016, 12:16 AM
Possible Exploit - Accessing the Main Admins account through the CLI Picture of Alex Legg Alex Legg 6 Alex Legg
Wed, 13 Apr 2016, 5:59 PM
Missing Secure Attribute in Encrypted Session (SSL) Cookie Picture of Vinod Kumar Vinod Kumar 2 Vinod Kumar
Wed, 13 Apr 2016, 1:25 PM
Additional security measures for Moodle Picture of John Rambo John Rambo 8 Matt Bury
Wed, 13 Apr 2016, 4:57 AM
Visitors can access lesson video by copying link Picture of prashant gupta prashant gupta 9 Guillermo Madero
Tue, 12 Apr 2016, 12:47 AM
"Invalid Login" if country code is lowercase Picture of Derek Chaplin Derek Chaplin 0 Derek Chaplin
Sat, 9 Apr 2016, 12:38 AM
Is it possible to edit the Logs and specially the admin Logs Picture of Osama Hasan Osama Hasan 2 Richard Oelmann
Thu, 7 Apr 2016, 1:04 AM
Moodle does not restrict file types for uploads??? Security Risk??? Picture of Rob Barnett Rob Barnett 17 javier D
Wed, 30 Mar 2016, 4:27 AM
How do you secure email addresses? Picture of Paul Wakelam Paul Wakelam 10 Richard Lisle
Wed, 23 Mar 2016, 7:34 PM
Hide courses and categories to specific role Picture of Renato Marchesani Renato Marchesani 3 Howard Miller
Sat, 19 Mar 2016, 10:47 PM
access to server lost Picture of Hicham Doumali Hicham Doumali 3 Hicham Doumali
Fri, 18 Mar 2016, 10:41 PM
user id '0' is changing passwords Picture of heli guy heli guy 2 Emma Richardson
Thu, 17 Mar 2016, 8:49 AM
Password Encryption MD5 plain text Picture of Rupesh Kumar Rupesh Kumar 4 Tim Hunt
Fri, 11 Mar 2016, 3:49 AM
xss risks - Advice please Picture of Marie Waterhouse Marie Waterhouse 8 Helen Foster
Thu, 10 Mar 2016, 4:47 PM
Log in location lock down Picture of Mitchell Gregory Mitchell Gregory 5 Mitchell Gregory
Tue, 23 Feb 2016, 10:25 PM
Access Logs Picture of John Rebtho John Rebtho 3 Sudeep Nayak
Mon, 22 Feb 2016, 8:31 PM
Alias name - workaround Picture of Muse 79 Muse 79 3 Just H
Sun, 21 Feb 2016, 1:04 AM
Is Moodle ok on GitHub? Profile pic Leticia Dark-rose 9 Evan Donovan
Sat, 20 Feb 2016, 12:02 AM
Database credentials can they be seen? Wellingtonia Tree Heather P 4 Heather P
Wed, 17 Feb 2016, 4:42 PM
Maximum Time per Day Picture of Seth Mengal Seth Mengal 12 Howard Miller
Tue, 16 Feb 2016, 5:44 PM
IPV6 address in IP Blocker Picture of rabin sk rabin sk 0 rabin sk
Fri, 12 Feb 2016, 4:45 PM
Move Moodle Config Outside of Web Root Picture of Lewis Hackfath Lewis Hackfath 12 James McLean
Wed, 10 Feb 2016, 6:40 AM
moodle 2.4.3 : script injection in header Picture of razer raz razer raz 8 razer raz
Wed, 10 Feb 2016, 2:04 AM
MySQL SSL Connection? Picture of William Voyek William Voyek 4 Mohammed Mohammed
Sun, 7 Feb 2016, 6:54 PM
Moodle SSO using LDAP Picture of Trayton Mitchell Trayton Mitchell 5 Visvanath Ratnaweera
Sat, 6 Feb 2016, 6:15 PM
Blocking access to Users from outside the country Picture of david english david english 12 Matt Bury
Mon, 25 Jan 2016, 10:12 AM
Moodledata ... Moodle Code ... htaccess-dist.txt files Picture of Ken Task Ken Task 0 Ken Task
Mon, 25 Jan 2016, 5:11 AM
Moodle not displaying errors Picture of Tyler Whiteley Tyler Whiteley 3 Richard Oelmann
Sun, 24 Jan 2016, 1:33 AM
CSP Picture of Martin Greenaway Martin Greenaway 2 Martin Greenaway
Sat, 23 Jan 2016, 12:45 AM
How to force users password change weekly? IMG Mario Gonzalez 5 Clara MG
Tue, 12 Jan 2016, 4:36 PM
Moodle platform and security. Making the move. Picture of Shane Mundee Shane Mundee 4 Bret Miller
Tue, 12 Jan 2016, 4:18 AM
Advice please! Is Moodle safe? Picture of jesse magees jesse magees 16 Visvanath Ratnaweera
Thu, 7 Jan 2016, 10:54 PM
Authentication problem Picture of eduardo moisa eduardo moisa 1 eduardo moisa
Thu, 7 Jan 2016, 3:50 AM
Page: 1 2 3 4 5 6 7 8 9 10 11 ()