Exploring Moodle security checks
Among the reports that are provided in a default Moodle installation, the Security checks report provides a variety of system security checks. To access the report, select Site administration | Reports | Security checks:
Figure 9.3 – The Security checks report displays details from the built-in security checks
Details on each security check that is reported on the Security checks page are given in Figure 9.4:
Check |
Details |
Displaying of PHP errors |
Confirms that PHP errors are not being displayed on the screen, as errors often contain sensitive information. |
Insecure dataroot |
Checks to ensure that the dataroot directory is not accessible from the web. Ensures your dataroot directory is not in a directory your web server can serve from. ... |