best practices in moodle administration
DESCRIPTION
Best Practices in Moodle Administration is a summary of the key points to consider when approaching this vital role. The content is based on best practices collected through experience of managing thousands of Moodle sites, with over 4,500,000 registered user accounts and over 9 years of community involvement. It will be of equal interest to the institutional technical administrator and someone looking after a smaller site. It will cover many subjects including: - performance tuning - monitoring - user authentication - system securityTRANSCRIPT
Best Practices in Moodle Administration
Jonathan MooreCTO and Vice President RL-UK
RL Background and Context
Over 3000 hosted Moodle sites
Over 12 million registered Moodle accounts
Over 2,000,000 Moodle courses
Hosting Moodle sites since 2004
Virtualized Infrastructure
Know What's Happening on Your Server
Monitoring: Cacti� SNMP monitoring� Round robin log storage
Alerts and Notifications: Nagios� SNMP alert system� Have your servers page or text you!
Roles Don't change built in roles
� Remember reset defaults option Know what level to apply roles at
� Admin: global� Course Creator: global, or category� Student, Teacher: course
Know what level capabilities work at Make new roles by copying most
similar existing role
Performance Tips
PHP Accelerator – APC MySQL –
� Buffers and Query Caching� Use InnoDB� Use Percona build
Sessions Moodle source code location
Performance Testing
Try jMeter Try Apache ab
Just-in-Case Model
Automate user creation, course creation and enrolments
Use LDAP auth + external DB enrolment
Get higher adoption rates from instructors
Instructor can focus more time on teaching less on the technology
Backups Management
Course backups not a full backup! Disable automated course backups? Yesterday instance Backup Elements
� Moodle code� Moodledata� Database
Platform Selection
Linux most used for scalability Windows significantly lower
performance for PHP apps Mac OSX forking performance
issue� Apache and MySQL concurrency
issue
Issue Tracker
Use notification screen to confirm version
Moodle Issue Tracker� Vote for bugs� Set a Watch your important bugs
phpMyAdmin Useful and powerful, but
dangerous Useful to pull reports not built into
Moodle Change settings values not in GUI Fix Moodle when “broken” by user
error Reset administrator password if
locked out
Various Admin Helpers
Moodle debug� General debugging� Performance debugging
phpinfo – confirm your php build iperf – test your network iostat – linux disk usage stats strace – see what a process is
doing
Custom Development and Modules
Don't load modules just because they are available
Use modules over “hacks” Use the forums to evaluate
modules Use the author's profile to research
the creator
Change Management
• Enforce change controls• Engage stack holders in change
management
• Visible Ops
Security - Update
Security report Use password salts User passwords – less secure then
ever Don't give web server user write
permissions to Moodle source
General Security Select Enterprise class OS with long
term support. Automate or schedule updates Moodledata outside of web root Try mod_sec Consider using git for Moodle
auto/scheduled updates Consider forced logins HTTPS logins
More Security
Disable MySQL networking Set the MySQL root user password See Moodle Docs Security Page
� http://docs.moodle.org/en/Security
Email delivery
Make sure you have valid reverse DNS
Make sure you have permission to send email for primary administrator's email account
Use email debug to help diagnose problems.
Custom themes
Start with a basic theme Copy existing theme to a new
folder name Prevents upgrades from wiping
out