
Moodle Security

Moodle is a popular Course Management Solution (CMS) that is typically deployed in a less-than-secure manner. This is an issue with any system, but in a number of schools it can cause some pretty serious problems given the penchant that students have to muck with things. In the broader technology certification world it can be an even bigger issue in that, well, we’re geeks…

So a few tips on securing Moodle:

  • Tie Moodle into Active Directory (from the Admin console, Users->Authentication->LDAP) or some other Directory Service.
  • From the Admin console, go to Administration->Security and make sure all of these settings match your security plan.
  • Automate security scanning. For example, check for rootkits using rkhunter and chkrootkit. Also use your favorite virus scanner (which is likely a low priority but why not). Also consider automating a checksum tool, such as tripwire, to let you know when something changes in certain parts of the file hierarchy.
  • Centralize your logs and actually check them out.
  • Limit access: Use sandbox-exec to limit what the Apache and/or MySQL binaries can do if they get compromised. Also make sure that the actual POSIX permissions for the files are as low as possible.
  • Get an SSL Certificate. Even if it’s a self-signed cert (httpslogins=yes)…
  • Put a good backup in place. Both for the userland data and the MySQL databases.
  • Use good passwords.  I know this sounds dumb, but the default admin password (12345) is probably not a good one to be using…  Also, disabling guest access is usually a good idea.
  • Practice good general SQL security. For example, if SQL and Moodle are running on the same host, don’t allow SQL to accept network connections; there’s no reason to do so… If you must use tools like MySQLAdmin then put them in a realm and use the SSL cert from above. Limit what MySQL users can do, etc. More on MySQL security here.
  • About those network connections mentioned above, make sure only the ports that need to be allowed into the host running Moodle are allowed. For example, don’t allow AFP if it’s not an AFP server (just so you can quickly and easily upload content using Command-K). Remember, Mac OS X password policies in OD and OS X Server ARE NOT enforced on admin accounts.
  • Occasionally check out the Moodle security RSS feed.
  • Enable secure forms in Moodle.
  • And last but not least, build a good course template so your teachers/instructors will be able to practice good security for courses and exams without having to be CISSPs…
  • Oh, and if you’ll be doing mod development check out Petr from Moodle.com’s overview on Moodle Security, which goes into more detail on trusted vs. untrusted users, functions, etc.
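
Two of the tips above (keep MySQL off the network when it shares a host with Moodle, and keep file permissions tight) are easy to check from a script. The following is an added example, not part of the original post; the function names are made up for illustration, and the paths to my.cnf and the Moodle directory are assumptions you pass in as arguments.

```shell
#!/bin/sh
# Added example: audit MySQL network exposure and Moodle file permissions.
# Usage: sh moodle_audit.sh /path/to/my.cnf /path/to/moodle

# Return 0 (exposed) if the [mysqld] section neither sets skip-networking
# nor binds to a loopback address. The last bind-address seen wins.
mysql_network_exposed() {
    awk '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[mysqld\]/); next }
        !in_sec     { next }
        {
            l = $0
            sub(/#.*/, "", l)        # drop trailing comments
            gsub(/[ \t]/, "", l)     # drop whitespace around "="
            gsub(/_/, "-", l)        # MySQL accepts bind_address and bind-address
        }
        l == "skip-networking"  { skip = 1 }
        l ~ /^bind-address=/    { bind = substr(l, 14) }
        END {
            exit (skip || bind == "127.0.0.1" || bind == "::1" || bind == "localhost") ? 1 : 0
        }
    ' "$1"
}

# Print world-writable files under the Moodle directory, plus config.php
# if "other" can read it (it holds the database password).
loose_moodle_perms() {
    {
        find "$1" -type f -perm -0002 -print
        find "$1" -maxdepth 1 -name config.php -perm -0004 -print
    } | sort -u
}

if [ "$#" -eq 2 ]; then
    mysql_network_exposed "$1" && echo "WARN: mysqld accepts network connections"
    loose_moodle_perms "$2" | sed 's/^/WARN: loose permissions: /'
fi
```

Run it from cron alongside rkhunter and friends so a permissions or my.cnf regression shows up in the same report.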

Overall, we’re talking about adding an extra 3-4 hours of work more than likely. But that’s probably well over 8 hours saved the first time an AP Computer Science student or a CISSP student ends up going through one of your courses.