To tighten up permissions on Linux:

cd /var/ find moodledata/ -type d -exec chmod 700 {} \; find moodledata/ -type f -exec chmod 600 {} \; cd /var/www/html # or cd /var/www/ if moodle folder is one level lower find moodle/ -type d -exec chmod 755 {} \; find moodle/ -type f -exec chmod 644 {} \;

Correction : The RootkitRevealer-link are outdated, working links: english: http://technet.microsoft.com/en-en/sysinternals/bb897445.aspx german http://technet.microsoft.com/de-de/sysinternals/bb897445.aspx

Thanks Reto, I have amended the links accordingly. --Helen Foster (talk) 16:20, 6 January 2014 (WST)

Correction : Enrolment key hint is disabled by default in Moodle 2.2. The setting is found at Settings>Site Administration>Plugins>Enrolments>Self enrolment.

Thanks for the pointer, Jane :) --Mary Cooch 20:18, 22 April 2012 (WST)

de:Sicherheitsempfehlungen (Klaus Steitz 23:47, 27 April 2012 (WST))

Suggestion: Put a link to Register globals Docs page admin/environment/custom check/php check register globals

Request: Replace the link to the spanish translation for this page to the proper page es:Recomendaciones de Seguridad