Archive for November, 2009

Our Moodle demonstration site is now using Moodle 1.9.7 (thanks to Moodle HQ sys admin Jordan for upgrading) and has demo account passwords FunMood1ing! which fulfil the default password policy i.e. at least 8 characters and including at least one number, one lowercase letter, one uppercase letter and one non-alphanumeric character.

The security overview report (in Site Administration > Reports > Security overview) includes a report of any roles, permissions overrides and users who are allowed to backup user data. It is recommended that the capability to backup user data is only allowed for people who really need it, and their accounts should be protected by strong passwords. Note that glossary and database activity entries can easily be moved to a different course using the export and import entries feature without needing to backup user data.

Backup of user data report screenshot

The security overview report also reports that a password salt has been set.

Of course these demo site security improvements aren’t strictly necessary, since the database and files are erased and restored to a clean state every hour, however hopefully they serve to set a good example.


Read Full Post »

The Moodle HQ team in Perth is increasing in size and now includes six developers. The latest addition is Andrew Davis, who has been helping out with QA and small bug fixes since he began a fortnight ago.

Meanwhile, European HQ members are looking forward to the upcoming Moodle hackfest in the Czech Republic in a week’s time, where no doubt Moodle 2.0 will be the hot topic of conversation. Also on the agenda for discussion is Moodle 3.0!

Read Full Post »

Our documentation wiki, Moodle Docs, has a nice feature for users browsing in one of the 27 languages other than English. If you view a page which is not yet translated, a message is displayed encouraging you to translate it and also providing a link to the English version of the page e.g. http://docs.moodle.org/nl/backup/restore. Thanks to Moodle developer and Czech language pack maintainer David Mudrák for figuring out how to do this (MDLSITE-90).

This feature came up in our developer chat when deciding upon the wording of the 1.9.7 upgrade notification message. Rather than having lots of explanatory text in Moodle, a neater solution is simply to include a documentation link.

Read Full Post »

A heads up for anyone upgrading to the latest Moodle 1.9.6+, you’ll find the password policy (in Site Administration > Security > Site policies) has been enabled and admins will be prompted to change their password on next login.

Thus, if your site is for testing purposes only, you may wish to disable the password policy.

Read Full Post »

Password salting

Today I have been learning about password salting, a method of making encrypted passwords more secure and practically impossible to crack. Please see the documentation Password salting for the collected wisdom of posters in the forum discussion Moodle Salting and in our developer chat.

Elsewhere in Moodle Docs, I loved a talk page comment regarding a typo fix from documentation writer Chris Collman to Tim Hunt:

Keep doing the heavy lifting, sometimes I will find a grain of sand to put in the right place.

Read Full Post »

A couple of weeks ago I came across an interesting report about the Open University (OU) and Moodle, The Open University UK: creating a win-win situation by sharing code and content. The report explained how cooperating with the worldwide Moodle community resulted in everyone benefiting.

Following his return to the UK after working at Moodle HQ in Perth for twelve months, Quiz module maintainer Tim Hunt has continued to contribute to Moodle in lots of areas. In addition to writing the documentation Development:Security, Tim has recently created a Custom SQL queries admin report.

Sam's profile pictureOU wiki, OU blog and conditional activities developer Sam Marshall has recently announced ForumNG (new alternative forum for moodle 1.9). Like Tim, Sam is also a particularly helpful Moodler in the Using Moodle forums.

For details of what other OU developers are currently working on, please see Sam’s development update blog post.

A big thank you to all the OU team for their contributions to Moodle.

Read Full Post »

I’m sure you all agree with me that we’re very fortunate to be part of such a friendly and welcoming community on moodle.org.

However, newcomers (over a thousand every day according to moodle.org/stats!) don’t always realise the unwritten forum rules that we choose to abide by and sometimes post in the wrong forum, or post the same question in several forums, or use “Please help me” as the subject line of their post etc.

Thus we’ve decided it would be a good plan to document our forum rules and moderation procedures, and so I’ve come up with a draft Moodle.org forums Code of Conduct. Comments on the draft are very welcome – please post in the Moodle.org design forum or use Talk:Moodle.org forums Code of Conduct.

Read Full Post »

Older Posts »