Your site configuration might not be secure. Please make sure that your dataroot directory in Moodle

May 13, 2011 — 6 Comments

Your site configuration might not be secure. Please make sure that your dataroot directory (/home3/parent/public_html/datarootdir) is not directly accessible via web.

Above is a typical message you get when you login into Moodle if it’s installed  in shared hosting.

Your site configuration might not be secure. Please make sure that your dataroot director

How do we block dataroot directory not directly accessible via web? 

We have to move dataroot directory from public_html folder to the root of your web hosting. Here are the instructions what you have to do to move the dataroot folder away from public_html in Moodle.

1. Connect to your web server using any FTP client (I am using WS_FTP) and go to public_html folder.

public-html-moodle

2. In public_html folder find dataroot folder.  Download this folder to your desktop or any where in your computer. You can also copy and past the folder in the root folder but it take long time. Do not delete the datarootdir in public_html folder NOW.

datarootdir-in-moodle

3. Now move datarootdir to your root directory. Root directory is folder/

move-datarootdir-to-root-folder

4. Once you moved datarootdir folder into Root directory, click on public_html folder and edit config.php file.  We need to change the path so that it can point to new location of datarootdir folder.

open-config-php

5.  This is how your config.php file will look like.  Where it says $CFG—>dataroot = “/home/root/public_html/datarootdir’; you need to change this to “/home/root/datarootdir’.  Just remove /public_html  line  and save the file.

remove-public-html

 

6. Now if you log back into Moodle, you will not see

Your site configuration might not be secure. Please make sure that your dataroot directory (/home3/parent/public_html/datarootdir) is not directly accessible via web.

message anymore. now you can go to your public_html folder and delete your datarootdir

6 responses to Your site configuration might not be secure. Please make sure that your dataroot directory in Moodle

  1. 

    Great..! Admin, but we are expecting your own article!

  2. 

    Great instruction and it helped me lot.

  3. 

    I am new to Moodle and used Simple scripts to install in my shared hosting. Your post helped me lot and I was able to move the folder to root and now I don’t see the error message.

    Thank You and keep up the good work!

  4. 
    Carlos Altamirano December 4, 2012 at 12:47 pm

    Thanks.!!!
    Carlos

  5. 

    Thank you Aryan..very helpful!!
    Carlos

Trackbacks and Pingbacks:

  1. Moodle Install on Bluehost Hosting and then installing the Rocket Theme - September 7, 2012

    […] Fix: (Do this before you set the config.php file) There is sensitive information in this folder and it needs to be not accessible from the web.  Put the copy of the folder moodledata that is in your root folder into the folder above the Public_HTML folder (none web accessible area).  Also see these excellent instructions here. […]

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s