Nota: Pendent de Traduir. Hi ha Voluntaris!?     (altres pàgines pendents)

El programari de servidors web és molt complex, i cada aplicació té aspectes de seguretat que es troben de tant en tant, habitualment a l'entorn d'algunes combinacions d'entrades que els programadors no havien anticipat. El projecte Moodle es pren la seguretat molt seriosament, i contínuament es millora el Moodle per tancar els forats de seguretat ràpidament.

Introducció

• Aquesta pàgina conté informació sobre mesures de seguretat importants per a la vostra instal·lació moodle.
• Els problemes de seguretat que noteu els hauríeu d'informar directament al lloc http://security.moodle.org - a fi que les persones que treballen en el desenvolupament puguin localitzar-los ràpidament, i no convé exposar-los a un públic general fins que siguin resolts (per prevenir atacs).
• No hauríeu d'enviar exploits actuals al tracker o als fòrums, exactament per les mateixes raons.

Mesures simples de seguretat

• La millor estratègia de seguretat és un bon sistema de còpies de seguretat. I no tindreu un bon sistema de còpies de seguretat si no teniu un bon sistema per recuperar-les. Comproveu els vostres sistemes de recuperació!;
• Carregueu al servidor només programari o serveis que realment utilitzareu;
• Feu actualitzacions regularment;
• Model your security after the layers of clothing you wear on a cold winter day

Recomanacions bàsiques

• Actualitzeu el Moodle davant cada alliberament de versió.

Published security holes draw crackers attention after release. The older the version, the more vulnerabilities it is likely to contain.

• Disable register globals

This will help prevent against possible XSS problems in third-party scripts.

• Use strong passwords for admin and teachers

Choosing "difficult" passwords is a basic security practice to protect against "brute force" cracking of accounts.

• Only give teacher accounts to trusted users. Avoid creating public sandboxes with free teacher accounts on production servers.

Teacher accounts have much freer permissions and it is easier to create situations where data can be abused or stolen.

• Separate your systems as much as possible

Another basic security technique is to use different passwords on different systems, use different machines for different services and so on. This will prevent damage being widespread even if one account or one server is compromised.

Run regular updates

• Use auto update systems
• Windows Update
• Linux: up2date, yum, apt-get

Consider automating updates with a script scheduled via cron

• Mac OSX update system
• Stay current with php, apache, and moodle

Use mailing lists to stay updated

• CERT - http://www.us-cert.gov/cas/signup.html
• PHP - http://www.php.net/mailing-lists.php - sign up for Announcements list
• MySQL - http://lists.mysql.com - sign up for MySQL Announcements

Firewalls

• Security experts recommend a dual firewall

Differing hardware/software combinations

• Disabling unused services is often as effective as a firewall

Use netstat -a to review open network ports

• Not a guarantee of protection
• Allow ports

80, 443(ssl), and 9111 (for chat),

Remote admin: ssh 22, or rpd 3389

Password policy

Moodle1.9In Moodle 1.9 onwards, a password policy may be set up via Administration > Security > Site policies.

There is a check box to determine if password complexity should be enforced or not, the option to set the minimum length of the password, the minimum number of digits, the minimum number of lowercase characters, the minimum number of uppercase characters and the minimum number of non alphanumeric characters.

If a user enters a password that does not meet those requirements, they are given an error message indicating the nature of the problem with the entered password.

Enforcing password complexity along with requiring users to change their initial password go a long way in helping ensure that users choose and are in fact using "good passwords".

Be prepared for the worst

• Have backups ready
• Practice recovery procedures ahead of time
• Use a rootkit detector on a regular basis
  • Linux/MacOSX - http://www.chkrootkit.org/
  • Windows - http://www.sysinternals.com/Utilities/RootkitRevealer.html

Moodle security alerts

• Register your site with Moodle.org

Registered users receive email alerts

• Security alerts also posted online
• Web - http://security.moodle.org/
• RSS feed - http://security.moodle.org/rss/file.php/1/1/forum/1/rss.xml

Miscellaneous considerations

These are all things you might consider that impact your overall security:

• Turn off opentogoogle, esp for K12 sites
• Use SSL, httpslogins=yes
• Disable guest access
• Place enrollment keys on all courses
• Use good passwords (for Moodle 1.9 onwards, set up a password policy)
• Use the secure forms setting
• Set the mysql root user password
• Turn off mysql network access

Most secure/paranoid file permissions

Assuming you are running this on a sealed server (i.e. no user logins allowed on the machine) and that root takes care of the modifications to both moodle code and moodle config (config.php), then this are the most tight permissions I can think of:

1. moodledata directory and all of its contents (and subdirs, includes sessions):

owner: apache user (apache, httpd, www-data, whatever)
group: apache group (apache, httpd, www-data, whatever)
perms: 700 on directories, 600 on files

2. moodle directory and all of its contents and subdirs (including config.php):

owner: root
group: root
perms: 755 on directories, 644 on files.

If you allow local logins, then 2. should be:

owner: root
group: apache group
perms: 750 on directories, 640 on files

Think of these permissions as the most paranoid ones. You can be secure enough with less tighter permissions, both in moodledata and moodle directories (and subdirectories).

See also

• Using Moodle Guide to Securing your Moodle Server forum discussion