mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-17 21:49:15 +01:00
Code Issues Projects Releases Wiki Activity
116,608 Commits 36 Branches 519 Tags
Commit Graph

25 Commits

Author SHA1 Message Date
Paul Holden
8e77b9bf7c
MDL-82231 check: include upgrading.md files in public path checks. 2024-09-26 08:30:33 +01:00
Paul Holden
011619dbd3
MDL-71734 lang: final removal of deprecated 400 strings. 2024-03-21 09:44:15 +00:00
Alex Yeung
73f3bb23be MDL-67852 tool_dataprivacy: Fix security checks 2023-07-09 14:35:20 +01:00
Helen Foster
a1699a58f4 MDL-74537 lang: Import fixed English strings (en_fix) 2022-04-26 11:21:12 +01:00
Helen Foster
558b4c826d MDL-73201 lang: Import fixed English strings (en_fix) 2021-12-09 19:53:10 +01:00
Sara Arjona
a0d3e32aa9 MDL-72042 media: Remove SWF media player 
The Flash Player was deprecated in 2017 and officially discontinued
on 31 December 2020, so media_swf player has been completely
removed from Moodle core.
 2021-09-17 10:39:17 +02:00
Kevin Pham
0b997f63e3 MDL-71627 check: Add AV status, notification levels and more logging 
- `notifylevel` will change what gets sent as part of the antivirus
  notification emails based on the scan type. For example if set on
  SCAN_RESULT_FOUND, it will not notify for any detections, if set to
  SCAN_RESULT_ERROR, it will notify for both detections and errors.
- `threshold` will determine how far the lookback is when displaying the
  status of the /reports/status (System Status) page. It will display as
  an ERROR state if there has been scanner issues within this certain
  threshold period
- As part of the above, scanner errors will now trigger a new event
  which will be logged as antivirus_scan_data_error or
  antivirus_scan_file_error. Due to the nature of it reading from the
  logs table, it only works currently for the "Standard logging"
  logstore.
 2021-08-11 11:46:15 +10:00
Brendan Heywood
7d96f74f6f MDL-71806 report_security: Improve public paths check 2021-06-01 18:24:53 +10:00
Brendan Heywood
a6e9ac9af7 MDL-69333 report_security: Add checks for many public & private urls 2021-01-20 11:19:14 +11:00
Brendan Heywood
00c2153be1 MDL-67818 check: Added Check API and refactored security checks 
AMOS BEGIN
 MOV [check_noauth_details,report_security],[check_noauth_details,auth_none]
 MOV [check_noauth_error,report_security],[check_noauth_error,auth_none]
 MOV [check_noauth_name,report_security],[check_noauth_name,auth_none]
 MOV [check_noauth_ok,report_security],[check_noauth_ok,auth_none]
AMOS END
 2020-04-06 12:28:37 +10:00
Michael Hawkins
76d0192e0b MDL-7339 admin: Replaced "open to google" references to be more generic 
AMOS BEGIN
 MOV [configopentogoogle,admin],[configopentowebcrawlers,admin]
 MOV [opentogoogle,admin],[opentowebcrawlers,admin]
 MOV [check_google_details,report_security],[check_crawlers_details,report_security]
 MOV [check_google_error,report_security],[check_crawlers_error,report_security]
 MOV [check_google_info,report_security],[check_crawlers_info,report_security]
 MOV [check_google_name,report_security],[check_crawlers_name,report_security]
 MOV [check_google_ok,report_security],[check_crawlers_ok,report_security]
AMOS END
 2019-06-11 10:04:01 +08:00
Helen Foster
65d70aa81b MDL-64509 lang: Import fixed English strings (en_fix) 
Significant string change: enablerunnow_desc,tool_task - including
mention of pathtophp requirement
 2019-01-07 14:40:34 +01:00
Zig Tan
6f77c09777 MDL-61881 report: fix privacy lang strings 2018-04-11 10:06:51 +08:00
Zig Tan
d8e07b9f75 MDL-61881 report_security: Implement null privacy provider 2018-04-09 09:56:31 +08:00
Alexander Bias
f380743303 MDL-60234 core: Disable admin warning for developemnt libs 2017-09-26 22:05:19 +02:00
David Mudrák
911fcae895 MDL-59969 admin: Warn admins if a development libs directory exists 
We can't really control the direct web access to directories in dirroot,
that is part of the server setup. So we at least warn admins as they may
not realize the risks of having directories like vendor or node_modules
exposed.

Credit goes to Petr Škoda for mentioning the PHPUnit issue CVE-2017-9841
to me.
 2017-09-07 10:53:35 +02:00
Brendan Heywood
f2b7572a54 MDL-58109 reports: Add security check for preventexecpath 2017-03-01 15:18:30 +11:00
Brendan Heywood
657ddbf592 MDL-55273 admin: Change $CFG->cookiesecure default to on 2016-08-22 09:20:32 +10:00
Helen Foster
0634dc3b76 MDL-50033 lang: Merge English strings from the en_fix language pack 2015-04-29 21:43:00 +02:00
Ankit Agarwal
9e01886562 MDL-48559 reports: security report checks for web cron 2015-01-27 11:00:40 +05:30
Petr Škoda
6a27439b8f MDL-43529 delete all unnecessary register_globals checks 2014-01-12 17:58:39 +08:00
Helen Foster
86698a4c72 MDL-41568 Merge English strings from the en_fix language pack 2013-09-03 12:31:35 +02:00
Simon Coggins
ec2d8ceb88 MDL-35332 lib: Improve security of hashed passwords 2013-02-09 06:47:57 +13:00
Petr Skoda
d9298dc6fd MDL-29030 standardise report_security 2011-11-06 12:22:46 +01:00
Petr Skoda
e30cc24c0d MDL-29030 make admin reports general reports 
AMOS BEGIN
 CPY [pluginname,coursereport_log],[pluginname,report_log]
 CPY [pluginname,coursereport_stats],[pluginname,report_stats]
AMOS END
 2011-11-06 12:22:45 +01:00