report/security/report security check openprofiles
From MoodleDocs
User profiles should not be open to the web without authentication, both for privacy reasons and because spammers then have a platform to publish spam on your site.
Note: You are currently viewing documentation for Moodle 3.9. Up-to-date documentation for the latest stable version of Moodle may be available here: report/security/report security check openprofiles.
User profiles should not be open to the web without authentication, both for privacy reasons and because spammers then have a platform to publish spam on your site.