Note: You are currently viewing documentation for Moodle 3.2. Up-to-date documentation for the latest stable version of Moodle is probably available here: report/security/report security check nodemodules.

report/security/report security check nodemodules

From MoodleDocs
Revision as of 07:36, 7 September 2017 by David Mudrak (talk | contribs) (Backport from 33)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Node.js modules directory security check

The node_modules directory should not be present on public sites.

The directory node_modules inside the Moodle dirroot contains Node.js modules and their dependencies, typically installed by the NPM utility. These modules may be required for Moodle development. They are not needed to run a Moodle site and they can contain potentially dangerous code exposing your site to remote attacks.

It is strongly recommended to remove the directory if the site is available via a public URL, or at least prohibit web access to it.

Retrieved from "https://docs.moodle.org/32/en/index.php?title=report/security/report_security_check_nodemodules&oldid=127663"
Powered by MediaWiki