Summary
We exposed some security issues related to the user information within Moodle and ways to resolve them. We explained what user information is available within Moodle and ways for other users to access it, with a detailed section that explains how to close or limit those points if that is what we want. We also talked about pitfalls related to the backup and how to restore the courses, explained the importance of having a proper password policy, and configured password salt. After applying recommendations from this chapter your Moodle site will be much safer and will expose only the amount of information that you actually want. In the next chapter we will talk about monitoring features within Moodle.