Summary
Malware is a critical risk to our Moodle server and in this chapter, we learned how to defend against it. The first step was to install antivirus software on the server and we saw that, understandably, Moodle has antivirus support baked in. Not only will the antivirus software scan the server for infected files but Moodle will actively scan any files uploaded by users.
Then, we saw how we can enhance Apache logs so that we can more easily track server requests. We learned that there is a wealth of data beyond the defaults that we can log for each request. This took us on to installing and configuring the ModSecurity WAF.
We investigated how the OWASP CRS can be configured for Moodle and, by using specific examples, how false positives can be tuned away. We also saw how custom security rules can be written to provide targeted protection and improved performance.
Next, we must consider how to protect the server from denial of service (DoS) attacks. This is the subject...