report/security/report security check unsecuredataroot
De MoodleDocs
The dataroot is the directory where Moodle stores user files. It should not be directly accessible via the web.
See also
- Using Moodle Security and Privacy forum
- MDL-15716 Tighten dataroot security checks and warn the administrator 'loudly'