Book Image

Moodle 4 Administration - Fourth Edition

By : Alex Büchner
Book Image

Moodle 4 Administration - Fourth Edition

By: Alex Büchner

Overview of this book

This updated fourth edition of the classic Moodle Administration guide has been written from the ground up and covers all the new Moodle features in great breadth and depth. The topics have also been augmented with professional diagrams, illustrations, and checklists. The book starts by covering basic tasks such as how to set up and configure Moodle and perform day-to-day administration activities. You’ll then progress to more advanced topics that show you how to customize and extend Moodle, manage authentication and enrolments, and work with roles and capabilities. Next, you'll learn how to configure pedagogical and technical Moodle plugins and ensure your LMS complies with data protection regulations. Then, you will learn how to tighten Moodle’s security, improve its performance, and configure backup and restore procedures. Finally, you'll gain insights on how to compile custom reports, configure learning analytics, enable mobile learning, integrate Moodle via web services, and support different types of multi-tenancy. By the end of this book, you’ll be able to set up an efficient, fully fledged, and secure Moodle system.
Table of Contents (24 chapters)

Ensuring system security

In the last section of this Moodle security chapter, we deal with configuration settings impacting system security, covering access to dataroot, cron execution, secure HTTP, and the IP blocker.

Configuring access to dataroot

In the Notifications screenshot earlier in the chapter, you probably spotted the warning that the dataroot directory is directly accessible via the internet. Moodle requires additional space on a server to store uploaded files, such as course documents and user pictures. The directory is called dataroot and must not be accessible via the web. If this directory is accessible directly, unauthorized users can get access to content.

Important note

$CFG->dataroot must not be accessible via the web!

To prevent dataroot from being accessible, move the directory outside the web directory (ensure not to mangle permissions) and modify config.php accordingly by changing the $CFG->dataroot entry.

In externally hosted environments...