Moodle is an open source CMS (Course Management System)/LMS (Learning Management System)/VLE (Virtual Learning Environment). Its primary purpose is to enable educational institutions and individuals to create and publish learning content in a coherent and pedagogically valuable manner, so that it can be used for successful knowledge transfer towards students.
That sounds harmless enough. Why would anybody want to illegally access an educational platform?
There are various motives of computer criminals. In general, they are people committed to the circumvention of computer security. This primarily concerns unauthorized remote computer break-ins via a communication network such as the Internet. Some of the motives could be:
Moodle is a web application and as such must be hosted on a computer connected to some kind of network (private or public—Internet / Intranet). This computer must have the following components:
Each of these pieces can be used as a point of attack by a malicious user(s) in order to obtain access to the protected information. Therefore, it is our task to make all of them as secure as possible. The main focus will be directed towards our Moodle and PHP configuration.
In this section we follow a secure installation of Moodle. In case you do not already have an installed instance of Moodle, we will show you the quickest way to do that, and at the same time focus on security. If you already have Moodle installed, go to the following section where you will see how to secure an existing installation of Moodle
In order to install Moodle on your server you need to install and configure the web server with support for PHP and the database server. We will not go into the specifics of setting up a particular web server, PHP, and/or database server right now, since it depends on the OS your server has installed. Also we will not explain in detail tasks like creating directories, setting up file permissions, etc as they are OS specific and out of the scope of this article. This section assumes you already know about your OS and have already configured your web server with an empty database. Every installation of Moodle must have:
We assume that your web server is Apache (Linux) or IIS (Windows), and that you use PHP 5.1.x or later and MySQL 5.0 or later.
The following checklist will guide you through the basic installation procedure for Moodle.
CREATE DATABASE moodle CHARSET ‘utf8’ COLLATION ‘utf8_general_
ci’;
CREATE USER ‘moodle’@’localhost’ IDENTIFIED BY ‘somepass’;
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER
ON loomdb.* TO loom@localhost IDENTIFIED BY ‘somepass’;
FLUSH PRIVILEGES;
Field name | Description | Recommended action |
Username | Defines user name inside the Moodle. By default it is admin. | We recommend leaving the default value unchanged. |
New password | Defines user logon password. | Must supply valid password. |
First name | Defines name of the admin. | Must supply valid name. |
Surname | Defines surname of the admin. | Must supply valid name. |
E-mail address | Defines user e-mail address. | Must supply valid e-mail. |
E-mail display | Define the visibility of your e-mail address within the platform. | We recommend leaving it as is (visible to all). |
E-mail active | Defines whether e-mail is activated or not. | Set it to enable. |
City/Town | Defines name of the city where you live. | Moodle requires this value. |
Select Country | Name of your country. | Set it to your country name. |
Timezone | Sets your time zone so that server can display time calculated for your location in some reports. | If not sure what your time zone is, leave it as is.
|
Preferred language | Choose the platform language. | By default, Moodle comes only with support for English language. If you want to add more languages visit http://download.moodle.org/ lang16/ and download and install the appropriate files. |
I remember deciding to pursue my first IT certification, the CompTIA A+. I had signed…
Key takeaways The transformer architecture has proved to be revolutionary in outperforming the classical RNN…
Once we learn how to deploy an Ubuntu server, how to manage users, and how…
Key-takeaways: Clean code isn’t just a nice thing to have or a luxury in software projects; it's a necessity. If we…
While developing a web application, or setting dynamic pages and meta tags we need to deal with…
Software architecture is one of the most discussed topics in the software industry today, and…