
You're reading from Moodle 4 Security

Product type: Book
Published in: Mar 2024
Reading level: Intermediate
Publisher: Packt
ISBN-13: 9781804611661
Edition: 1st Edition
Author: Ian Wild

Ian Wild is a technologist and lead developer for AVEVA. Ian's work is currently focused on designing and developing solutions to integrate AVEVA's portfolio of cloud-based simulation applications into the AVEVA Unified Learning training platform. Ian has traveled the world working as an eLearning consultant and trainer, helping educators develop and deliver inspiring and engaging online learning. Ian is the author of the popular textbooks for teachers Moodle Course Conversion and Moodle 1.9 Math. As a developer, he is the author of Moodle 3.x Developer's Guide. He was also a technical reviewer for Science Teaching with Moodle 2.0, Moodle Multimedia, and Practical XMPP. All of the aforementioned books are available from Packt Publishing.

Backup and Disaster Recovery

In the previous chapter, we focused on preventing a threat actor from denying our service to our learners. In this chapter, we’ll prepare for when our Moodle is taken offline. Notice that, again, we say “when” and not “if.” Although we’ll focus on threats in cyberspace, depending on your particular situation, a threat actor might well take action in the real world to target your critical infrastructure. Although this is an extreme statement, it is worth remembering that there is little difference between a threat actor attacking critical infrastructure and a natural disaster destroying critical infrastructure. Aside from recovering from a security incident, a backup and recovery regime is important for several reasons, including but not limited to the following:

  • Data loss prevention
  • Business continuity
  • Compliance and legal requirements
  • Data integrity and accuracy
  • Disaster recovery
...

Technical requirements

This chapter assumes you have root access to a server running a Linux-based operating system. In our examples, Ubuntu is used throughout. Some basic knowledge of installing and running relational databases is assumed.

In this chapter, we’ll use a MySQL database to explore data file backup and binary log replication, but MariaDB and PostgreSQL also support this functionality. Where appropriate, sample files have been provided at https://github.com/PacktPublishing/Moodle-4-Security/tree/main/Chapter-7.

Understanding backup requirements

A great way for your organization to understand its backup requirements is to conduct a business impact analysis (BIA). Conducting a BIA will allow us to assess the potential risks and impacts on the Mathaholics platform of a cybersecurity incident – for example, one that damages data integrity or, potentially, takes the platform completely offline. A deep dive into BIA techniques is beyond the scope of this chapter, but a great place to start is the National Institute of Standards and Technology (NIST). The NIST interagency report called Using Business Impact Analysis to Inform Risk Prioritization and Response, available at https://csrc.nist.gov/publications/detail/nistir/8286d/final, explains how a BIA can be used to build an appreciation of the following:

  • What functions should go right and why – for example, sustain 99.999% uptime since this is a contractual obligation.
  • What might put essential functions in jeopardy. A...

Data backup and restore

Data stored in the Moodle database is volatile – even a Moodle site with no users can be “active” with scheduled tasks running in the background. Our client is keen to ensure that, in the event of a disaster, very little data is lost from the Mathaholics platform.

Our Mathaholics Moodle data will reside both in the database and the moodledata directory. We must ensure that, at the very least, these are regularly backed up so that we can restore our Moodle to a previous state in the event of data corruption, hardware failures, or other disasters.

Let’s begin with database backup strategies.

Database backup to file

A straightforward way of backing up less volatile database data is to run a simple bash script to export data. First, we need to create a new database user dedicated to the backup process. From the command line, log into MySQL and run the following command (replacing password with your secure password):

CREATE...

File backup and restore

First, we need to concern ourselves with backing up the moodledata directory. The most obvious solution is to copy the files over to another server using a tool such as Secure Copy (SCP). However, there are many reasons why we wouldn’t want to do this for a Moodle installation. An important consideration is network efficiency. We can minimize network usage by transmitting only the necessary data. By transferring only the compressed and encrypted changes to files, we can reduce the overall network traffic and optimize transfer speed. Luckily, there are many tools that we can use to support these requirements, and in this section, we’ll explore two of the most well-known Linux-based tools: Rsync and BorgBackup.

We also don’t want to back up files to the same server. Cloud hosting means being able to create new servers at the push of a button, so creating a new backup server will be simple. A backup server doesn’t need to do any work...
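
A backup of moodledata is only useful if the restored files are intact, so the following added example (not from the book or from Moodle's own code) checks a restored file pool. It relies on Moodle storing each pool file under `filedir/<chars 1-2>/<chars 3-4>/<sha1>`, named after the SHA-1 of its contents; the function name `verify_filedir` and the optional manifest of expected hashes are assumptions of this example.

```shell
#!/bin/sh
# Added example: integrity check for a restored Moodle file pool.
# Every pool file is named after the SHA-1 of its own contents, so the
# pool can be verified without a running Moodle or database.

# verify_filedir POOL [MANIFEST]
#   POOL      path to moodledata/filedir on the restored copy
#   MANIFEST  optional file of expected hashes, one per line (assumed to be
#             exported from the contenthash column of Moodle's files table)
# Prints one line per problem; returns 0 when clean, 1 on problems,
# 2 when POOL does not exist.
verify_filedir() {
    pool=${1%/}
    manifest=${2:-}
    [ -d "$pool" ] || { echo "NOPOOL $pool"; return 2; }

    problems=$(
        find "$pool" -type f | sort | while IFS= read -r f; do
            name=${f##*/}
            # Only 40-character lowercase hex names are pool objects.
            case $name in *[!0-9a-f]*) continue ;; esac
            [ "${#name}" -eq 40 ] || continue
            d1=$(printf %s "$name" | cut -c1-2)
            d2=$(printf %s "$name" | cut -c3-4)
            # The file must sit in the shard directories derived from its hash.
            [ "$f" = "$pool/$d1/$d2/$name" ] || echo "MISPLACED $f"
            # The contents must still hash to the file name.
            actual=$(sha1sum < "$f" | cut -d' ' -f1)
            [ "$actual" = "$name" ] || echo "CORRUPT $f"
        done
        if [ -n "$manifest" ]; then
            # Report hashes the database expects but the backup lacks.
            while IFS= read -r h; do
                [ -n "$h" ] || continue
                d1=$(printf %s "$h" | cut -c1-2)
                d2=$(printf %s "$h" | cut -c3-4)
                [ -f "$pool/$d1/$d2/$h" ] || echo "MISSING $h"
            done < "$manifest"
        fi
    )
    [ -z "$problems" ] && return 0
    printf '%s\n' "$problems"
    return 1
}
```

Call `verify_filedir` with the path to the restored `filedir` after each test restore; any `CORRUPT`, `MISPLACED` or `MISSING` line means that backup generation cannot be trusted for recovery.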

Disaster recovery

Disaster recovery refers to the process and set of procedures that are designed to restore and resume critical software systems and applications in the event of a disruptive event or disaster. A disaster could occur in real life or cyberspace. Disasters are typically associated with natural phenomena (for example, flooding or earthquakes) but, as we have seen in previous chapters, critical infrastructure will be targeted by threat actors, who will aim to do the following:

  • Cause maximum disruption for both your learners and your organization. This is because threat actors will want to pull you and your organization away from adding value to your offering.
  • Remove your Moodle from the internet completely. As described in the introduction to Chapter 6, a DoS attack might cause disruption, but this may well cause damage that results in your Moodle being taken offline.

The primary goal of software disaster recovery is to ensure the continuity of essential...

Summary

We must plan what to do if a threat actor corrupts or disables our Mathaholics Moodle platform. At the beginning of this chapter, we investigated several industry-standard methods that can be used to back up our Moodle database, including exporting and replicating data. We also saw how we can restore MySQL data at a specific point in time by rerunning statements recorded in binary log files.

Then, we considered how to back up our moodledata directory using Rsync or BorgBackup. Both utilities offer secure methods of backup and retention, so long as we are careful with our configuration.

Finally, we looked briefly at the importance of having a disaster recovery plan – and the importance of practicing it.

Having explored the security of our underlying infrastructure, it is time to dive into how Moodle can be used to manage data privacy requirements. This is the subject of the next chapter.
