Talk:Security recommendations

Jump to: navigation, search

I think we should suppress register_global advise because has non sense talk about a suppressed php from version 5.4+ (more than 5 years ago). I'm going to edit the article according to this.

--Joan Cervan (talk) 10:20, 18 January 2019 (UTC)


To tighten up permissions on Linux:

cd /var/ find moodledata/ -type d -exec chmod 700 {} \; find moodledata/ -type f -exec chmod 600 {} \; cd /var/www/html # or cd /var/www/ if moodle folder is one level lower find moodle/ -type d -exec chmod 755 {} \; find moodle/ -type f -exec chmod 644 {} \;


Correction : The RootkitRevealer-link are outdated, working links: english: http://technet.microsoft.com/en-en/sysinternals/bb897445.aspx german http://technet.microsoft.com/de-de/sysinternals/bb897445.aspx

Thanks Reto, I have amended the links accordingly. --Helen Foster (talk) 16:20, 6 January 2014 (WST)


Correction : Enrolment key hint is disabled by default in Moodle 2.2. The setting is found at Settings>Site Administration>Plugins>Enrolments>Self enrolment.

Thanks for the pointer, Jane :) --Mary Cooch 20:18, 22 April 2012 (WST)


de:Sicherheitsempfehlungen (Klaus Steitz 23:47, 27 April 2012 (WST))

Suggestion: Put a link to Register globals Docs page admin/environment/custom check/php check register globals



Request: Replace the link to the spanish translation for this page to the proper page es:Recomendaciones de Seguridad