System security

In this section, we deal with configuration settings, login via the secure HTTP, the IP blocker, and the Safe Exam Browser integration.

Configuration security

There are a number of general configuration settings that potentially have an impact on the security of your system.

Access to dataroot

In the Notifications screenshot at the beginning of the chapter, you would have probably spotted the warning that the dataroot directory is directly accessible via the Internet. Moodle requires additional space on a server to store uploaded files, such as course documents and user pictures. The directory is called dataroot and must not be accessible via the Web. If this directory is accessible directly, unauthorized users can get access to content. ...

Get Moodle 3 Administration - Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Moodle 3 Administration - Third Edition by Alex Büchner

System security

Configuration security

Access to dataroot

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly