Nota: Pendiente de Traducir. ¡Anímese a traducir esta página!.     ( y otras páginas pendientes)

Simple Security Measures

• The best security strategy is a good backup!
• Load only software or services you will use
• Perform regular updates
• Model your security after the layers of clothing you wear on a cold winter day

Run Regular Updates

• Use auto update systems
• Windows Update
• Linux: up2date, yum, apt-get
  • Consider automating updates with a script scheduled via cron
• Mac OSX update system
• Stay current with php, apache, and moodle

Use Mailing Lists to Stay Updated

• CERT
  • http://www.us-cert.gov/cas/signup.html
• PHP
  • http://www.php.net/mailing-lists.php
  • Sign up for Announcements list
• MySQL
  • http://lists.mysql.com
  • Sign up for MySQL Announcements

Firewalls

• Security experts recommend a dual firewall
  • Differing hardware/software combinations
• Disabling unused services is often as effective as a firewall
  • Use netstat -a to review open network ports
• Not a guarantee of protection
• Allow ports
  • 80, 443(ssl), and 9111 (for chat),
  • Remote admin: ssh 22, or rpd 3389

Be Prepared for the Worst

• Have backups ready
• Practice recovery procedures ahead of time
• Use a rootkit detector on a regular basis
  • Linux/MacOSX:
    • http://www.chkrootkit.org/
  • Windows:
    • http://www.sysinternals.com/Utilities/RootkitRevealer.html

Moodle Security Alerts

• Register your site with Moodle.org
  • Registered users receive email alerts
• Security alerts also posted online
• Web
  • http://security.moodle.org/
• RSS feed
  • http://security.moodle.org/rss/file.php/1/1/forum/1/rss.xml

Miscellaneous Considerations

• These are all things you might consider that impact your overall security
• Turn off opentogoogle, esp for K12 sites
• Use SSL, httpslogins=yes
• Disable guest access
• Place enrollment keys on all courses
• Use good passwords
• Use the secure forms setting
• Set the mysql root user password
• Turn off mysql network access

Most Secure/Paranoid File Permissions

• The moodle folder
  • Owner apache user
  • Group apache group
  • Permissions 700 directories, 600 files
• The moodledata folder
  • Should be placed outside the webroot, or restricted via .htaccess file
  • Owner root
  • Group apache group
  • Permissions 750 directories, 640 files
• Reference forum thread http://moodle.org/forum/discuss.php?d=36185