Book Image

Moodle 4 Administration - Fourth Edition

By : Alex Büchner
Book Image

Moodle 4 Administration - Fourth Edition

By: Alex Büchner

Overview of this book

This updated fourth edition of the classic Moodle Administration guide has been written from the ground up and covers all the new Moodle features in great breadth and depth. The topics have also been augmented with professional diagrams, illustrations, and checklists. The book starts by covering basic tasks such as how to set up and configure Moodle and perform day-to-day administration activities. You’ll then progress to more advanced topics that show you how to customize and extend Moodle, manage authentication and enrolments, and work with roles and capabilities. Next, you'll learn how to configure pedagogical and technical Moodle plugins and ensure your LMS complies with data protection regulations. Then, you will learn how to tighten Moodle’s security, improve its performance, and configure backup and restore procedures. Finally, you'll gain insights on how to compile custom reports, configure learning analytics, enable mobile learning, integrate Moodle via web services, and support different types of multi-tenancy. By the end of this book, you’ll be able to set up an efficient, fully fledged, and secure Moodle system.
Table of Contents (24 chapters)

Ensuring content security

Content by learners and teachers can potentially contain malicious code, and once created, it needs to be protected from unauthorized access. This section will ensure content security (namely, content created within Moodle), content visibility, and antivirus scanners.

Limiting content created within Moodle

Users can create Moodle content by using the Atto editor or uploading files. Two settings are available in Site administration | General | Security | Site security policies to partly prevent the misuse of these:

Figure 13.7 – Content security settings

The two parameters are as follows:

  • HTML allows embedding code that uses the explicit <EMBED> and <OBJECT> tags. Potentially, malicious code can be put in embedded scripts, which is why its support is deactivated by default. To activate it, enable the Allow EMBED and OBJECT tags parameter.
  • The Atto editor automatically removes any unwanted HTML elements...