The Upgrade Key Is An Important New Feature In 3.0

2928
moodle upgrade key

Moodle 3.0 has a good deal of new features, fixes and updates that can be taken advantage of by all Moodlers. I think one of these new features is especially important: the Upgrade Key. As explained by Moodle.org:

WIRIS

When the Moodle site is being upgraded as a result of the Moodle core update and/or a plugin installation/update, no authentication and authorization mechanisms are reliable. Any anonymous visitor of your site can potentially trigger the upgrade process by navigating their browser to your admin page. This can be seen as a security risk because a lot of sensitive information (server environment, plugin versions etc) are available at the upgrade screens.

The Upgrade Key takes care of this issue in one nice, easy addition to your config.php file. (add this line of code: $CFG->upgradekey = ‘put_some_shared_secret_here’;). With that in place, only authorized individuals will be able to access the admin sections during the upgrade process.

What other features in 3.0 are you excited about? Tell us in the comments below!