This is an article from the International Journal of Information Technology and Knowledge Management published last January 2011.  While some specifics may have changed with the release of Moodle 2.1 and 2.2, there is a wealth of knowledge about Moodle’s pluses, minuses and possible security exploitations.

Post Pages - Post Inline - WIRIS

Kumar and Dutta start out with an introduction to Moodle, its origins and rapid growth as well as its comparative advantages and disadvantages as seen through a wider lens of the LMS market.

There after it immediately launches into a survey of the possible security vulnerabilities of Moodle sites, including but not limited to

  • authentication attacks
  • denial of service attacks
  • cross site scripting
  • session hijacking

One of the major limitations of Moodle, according to Dutta and Kumar is its inability to apply https across the entire site (though authentication and some administrative functions are supported).  If you’re interested in learning more about’s Security Recommendations go to

The conclusion of the paper proposes a couple of solutions to possible security attacks which can help to mitigate or even prevent the exploitation of the vulnerabilities.  Two relatively simple solutions are applying Captcha to the registration process and enabling using SSL.

Find this PDF article and more at

Previous article6 Moodle Wallpapers for your desktop/laptop
Next article10 videos and many more tutorials from @DrewUniversity Moodlers


  1. Moodle is always a best option in this terms, it provides a flexible environment for continued improvement and expansion, this means we can shape Moodle according to the changing environment.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.