Practical-: 9

Manage Moodle site, Managing authentication, Manual accounts,

No login, Email-based-self-registration, Account.
Manage Moodle site - Managing a Moodle site involves a variety of
tasks related to users, courses, site appearance, and more. Here's a
breakdown of key areas:
User Management:
Authentication: Configure how users access the site (e.g., email-based
self- registration, manual user creation, integration with external
systems).
Managing accounts: Search for, edit, delete, or perform bulk actions
on users.
Enrolments: Add users to specific courses.
Roles and permissions: Define what users can do on the site (e.g.,
teachers, students, administrators).
Course Management:
• Creating courses: Set up new courses, define course defaults, and
configure features like activity completion.
• Managing activities: Configure activities like quizzes, assignments,
and forums.
• Managing grades: Set site-wide grading settings and manage grades
within courses.
Site Configuration:
Appearance: Customize the site's look and feel, including themes,
blocks, and site home settings.
• Language: Add new languages and customize existing ones.
•Server settings: Configure server-related settings, including
registration, maintenance, and default settings.
Other Important Areas:
• Security: Implement measures to protect the site from unauthorized
access.
• Performance: Monitor and optimize the site's performance.
• Backup: Regularly back up the site and courses.
• Plugins: Install and manage plugins to extend Moodle's functionality.
Admin tools: Utilize tools like DB search and replace and database
transfer.
• Web services: Connect Moodle to other systems for seamless
integration.
• Moodle Cloud: If using Moodle Cloud, you can manage various
settings related to it,
including the cloud's features and limitations.
Handling authentication involves verifying a user's identity to grant
access to a system or application. This is typically done through
credentials like usernames and passwords, or alternative methods like
tokens, biometrics, or multi-factor authentication. Best practices
include using strong hashing algorithms for password storage, enabling
2FA, using HTTPS for secure data transmission, and implementing
account lockout policies.
Here's a more detailed breakdown:
1. Choosing Authentication Methods:
Username/Password: A common and widely used method, but
requires strong passwords and secure storage.
Tokens (e.g., JWT, OAuth): Tokens are digitally encoded strings that
prove a user's identity and are often used in stateless architectures.
Biometrics: Fingerprints, voice patterns, or other unique physical traits
can be used for authentication.
Multi-Factor Authentication (MFA): Combines multiple verification
methods, such as a password and a code from a mobile app.
Third-Party Authentication (OAuth, OpenID Connect): Allows
users to authenticate using their existing accounts with services like
Google or Facebook.
2. Implementing Authentication:
Secure Password Storage: Hash passwords using strong algorithms
like encrypt or Argon2, and salt the passwords before storage to prevent
rainbow table attacks.
Session Management: Implement secure session management with
unique session identifiers and appropriate timeouts to prevent session
hijacking.
HTTPS/TLS: Encrypt all communications between the client and
server using HTTPS [TLS to protect data in transit.
Account Lockout: Implement account lockout policies to prevent
brute-force attacks after multiple failed login attempts.
Two-Factor Authentication (2FA): Add an extra layer of security by
requiring a second verification factor, such as a code from a mobile app
or hardware token.
Access Control Lists (ACLs): Use ACLs to control access to
resources and ensure users only have the necessary permissions.
Principle of Least Privilege: Grant users only the permissions they
need to perform their tasks.
Input Validation: Validate all user inputs to prevent injection attacks.
Rate Limiting: Limit the number of requests from a single client to
prevent abuse and denial-of- service attacks.
Email-based-self-registration: -
1. Go to Administration > Site administration > Plugins >
Authentication > Manage authentication and click the crossed-out-eye
icon opposite email-based self-registration
2. Select email-based self-registration from the self-registration drop-
down menu in the common settings (further down the same page,
underneath the authentication plugins)
3. Click the 'Save changes' button.
Warning: Enabling self-registration results in the possibility of
spammers creating accounts in order to use forum posts, blog entries
etc. for spam. This risk can be minimized by limiting self-registration
to particular email domains with the allowed email domains setting in
Administration > Site administration > Plugins> Authentication >
Manage authentication. Alternatively, self-registration may be enabled
for a short period of time to allow users to create accounts, and then
later disabled.
Note: The Email-based self-registration authentication plugin must be
enabled to allow users who previously self-registered to login.
Selecting Email-based self-registration as the self-registration method
allows potential users to self-register.
You may change the text that appears under "Is this your first time
here?" in two ways:
1. Add text in the Instructions box found in Site administration ...
Plugins ... Authentication ... Manage authentication or,
2. Is the Language Customization tool to edit the language string 'login
steps' found in monodelph. Note, this string
is different from 'loginstepsnone•, which is the string used for No
Authentication registration.
For site administrators: If you enable captcha on your site, and for
some reason the settings are not configured.
 Practical: - 10
Create a roles and permissions, Assign roles.
Create a roles and permissions: -
To create roles and permissions, you typically need to use a system's
administrative interface. You'll need to navigate to a section related to
security, roles, or permissions management. Then, you can create new
roles by assigning them names and descriptions, and then assigning
permissions to those roles.
Here's a general process: Access the Admin Console: Go to the area
within the system where you manage users and permissions.
2. Locate the Roles Section: Look for a section related to roles, access
control. Or permissions management.
3. Create a New Role: Click on a button or option to create a new role.
4. Name and Describe the Role: Give the role a descriptive name and
a brief description.
5. Assign Permissions: Select the permissions you want to grant to the
role. These might be related to specific resources, actions, or areas of
the system.
6. Save the Role: Once you’ve defined the role and its permissions,
save the changes.
7. Assign Users to the Role: You'll typically be able to assign users or
user groups to the newly created role, granting them the permissions
associated with that role.
Example (Simplified):
1. Go to "Security Settings"
2. Click "Manage Roles"
3. Click "Create Role"
4. Name the role: "Content Editor"
5. Describe the role: "Can create and edit content"
6. Assign Permissions:
o "Edit Pages-
o "Create Articles"
o "View User List"
7. Save the Role
8. Assign users to "Content Editor" role
Key Considerations:
Specificity: Be mindful of the level of granularity you need. Do you
need roles that are very broad? (e.g., "Administrator"), or more specific
(e.g., "Content Editor", "Sales Manager")?
Principle of Least Privilege: Grant users only the permissions they
need to do their jobs, and no more.
Role-Based Access Control (RBAC): RBAC is a common approach
to managing permissions, where users are assigned roles, and those
roles define their access.
Permissions Types: Understand the different types of permissions
available (e.g.„ read, write. delete, execute) and how they apply to the
system.
Assign roles: -
Assigning roles means to give someone a specific job or responsibility
within a system, organization, or project. This can involve granting
permissions to access resources, participate in processes, or manage
certain areas. Role-based access control (RBAC) is a common
approach where permissions are granted based on a user's role, rather
than individual permissions.
Here's a more detailed breakdown:
What it is: Assigning roles is the process of giving individuals specific
duties or permissions within a system.
Why it's important: It helps ensure that the right people have access
to the right information and resources, and it can streamline workflows.
How it's done:
The specific process varies depending on the system or platform, but
often involves selecting a user or group and then choosing the
appropriate role from a list of available roles.
Examples:
Assigning a user to the "administrator" role in a software application.
Giving a group of employees the "editor" role in a content management
system.
Granting a project manager, the "project manager" role in a project
management tool.
Role-Based Access Control (RBAC):
RBAC is a widely used method for managing access rights. It allows
you to assign roles to users, and those roles then grant the user the
specific permissions associated with that role.
Special Features for an Active Central User Administration (CUA)
Column System
The system also displays the column System on the Roles and Profiles
tab page. It specif8 the system for which you have assigned the role or
profile for each entry.
Reference user
This assignment of a reference user is valid for all systems in a CUA
landscape. If the reference user does not exist in a CUA child system,
the assignment is ignored.
Text comparison from child sys- On the Roles and Profiles tab pages
in the central system of the CUA you can choose Text comparison.
 Practical: - 11
Implementing password salting.
Hashing is mainly used for authentication purposes. Salting makes
password hashing more secure. Salting is an extra action during
hashing. If two clients have the same password, they will also have the
same password hashes. A salt, which is a random series of characters,
is an extra input to the password before hashing. This makes an
alternate hash result for the two passwords. Salting makes it difficult to
use lookup tables and rainbow tables to crack a hash. A lookup table is
a data structure that processes several hash lookups for every second.
Implementation of Salting:
The following suggestions are used to implement salting:
Size of the salt should match the size of the hash function's output.
Always hash on the server in a web application.
The salt should be unique for every user's password.
A Cryptographically Secure Pseudo-Random Number Generator
(CSPRNG) is the best option to produce salt. It is completely
unpredictable and produces a random number. So, it is highly secure.
To store a password:
Use CSPRNG (Cryptographically Secure Pseudo-Random Number
Generator) to produce a salt.
Add salt to the starting of the password.
Hash it with SHA-256.
Save the hash and the salt.
To validate a password:
• Recover salt and hash from the database.
• Add salt to the password and hash it.
• Compare the hash of a given password to the one stored in the
database.
• The password is incorrect if the hashes do not match.
Key stretching can also be used to secure against attack. It prevents
high-end hardware that can compute billions of hashes for every second
less effective.
The design of an operating system is a broad and complex topic that
touches on many aspects of computer science. This article will cover
the design of operating systems in general and then focus on the
implementation aspect.
Design Goals:
Design goals are the objectives of the operating system. They must be
met to fulfill design requirements and they can be used to evaluate the
design. These goals may not always be technical, but they often have a
direct impact on how users perceive their experience with an operating
system. While designers need to identify all design goals and prioritize
them, they also need to ensure that these goals are compatible with each
other as well as compatible with user expectations or expert advice
Designers also need to identify all possible ways in which their designs
could conflict with other parts of their systems— and then prioritize
those potential conflicts based on cost-benefit analysis (CBA). This
process allows for better decision- making about what features make
sense for inclusion into final products versus those which would require
extensive rework later down the road. It's also important to note that
CBA is not just about financial costs; it can also include other factors
like user experience, time to market, and the impact on other systems.
The process of identifying design goals, conflicts, and priorities is often
referred to as "goal-driven design." The goal of this approach is to
ensure that each design decision is made with the best interest of users
and other stakeholders in mind.
Mechanisms and Policies:
An operating system is a set of software components that manage a
computer's resources and provide overall system management.
Mechanisms and policies are the two main components of an operating
system. Mechanisms handle low-level functions such as scheduling,
memory management, and interrupt handling; policies handle higher-
level functions such as resource management, security, and reliability.
A well-designed OS should provide both mechanisms and policies for
each component in order for it to be successful at its task:
Mechanisms should ensure that applications have access to appropriate
hardware resources (seats). They should also make sure that
applications don't interfere with each other's use of these resources (for
example through mutual exclusion).
Policies determine how processes will interact with one another when
they're running simultaneously on multiple CPUs within a single
machine instance — what processor affinity should occur during
multitasking operations? Should all processes be allowed access
simultaneously or just those belonging specifically within group These
are just some of the many questions that policies must answer. The OS
is responsible for enforcing these mechanisms and policies, as well as
handling exceptions when they occur. The operating system also
provides a number of services to applications, such as file access and
networking capabilities.
The operating system is also responsible for making sure that all of
these tasks are done efficiently and in a timely manner. The OS
provides applications with access to the underlying hardware resources
and ensures that they're properly utilized by the application.
It also handles any exceptions that occur during execution so that they
don't cause the entire system to crash.
Disk management is one of the critical operations carried out by the
operating system. It deals with organizing the data stored on the
secondary storage devices which includes the hard disk drives and the
solid-state drives. It also carries out the function of optimizing the data
and making sure that the data is safe by implementing various disk
management techniques. We will learn more about disk management
and its related techniques found in operating system.
The range of services and add-ons provided by modern operating
systems is constantly expanding, and four basic operating system
management functions are implemented by all operating systems.
These management functions are briefly described below and given the
following overall context. The four main operating system
management functions (each of which are dealt with in more detail in
different places) are:
Process Management
Memory Management
File and Disk Management
1/0 System Management
Most computer systems employ secondary storage devices (magnetic
disks). It provides low-cost, non-volatile storage for programs and data
(tape, optical media, flash drives, etc.). Programs and the user data they
use are kept on separate storage devices called files. The operating
system is responsible for allocating space for files on secondary storage
media as needed.
There is no guarantee that files will be stored in contiguous locations
on physical disk drives, especially large files. It depends greatly on the
amount of space available. When the disc is full, new files are more
likely to be recorded in multiple locations. However, as far as the user
is concerned, the example file provided by the operating system hides
the fact that the file is fragmented into multiple parts.
Disk Management of the Operating System Includes:
• Disk Format
• Booting from disk
• Bad block recovery
It is also called as password salting and it is also used in computer egg.
 Practical: - 12
Perform site backup, Course backup, Course restore, Automated
course backup.
Perform site backup: -
To take a website backup, you can either use your hosting control
panel's backup features, install a backup plugin for your website (like
WordPress), or manually back up your files and database. If using
cPanel, navigate to Files -9 Backup and download a full account
backup, or choose partial backups for specific directories or databases.
For WordPress, a plugin like Duplicator or Updraft Plus can automate
backups and store them in the cloud.
Here's a more detailed breakdown:
1. Using Hosting Control Panel (e.g., cPanel):
Log in to your hosting control panel: Access your cPanel
account. Find the backup manager: Look for the "Backups" or
"Files" section.
Initiate a full or partial backup: Choose whether to back up
your entire site or specific components (e.g., home directory,
database).
Select a backup destination: Choose where to store the backup
(e.g., server, remote FTP, Google Drive).
Start the backup: Click "Generate Backup" or similar to begin
the process.
Download the backup: Once complete, download the backup
file to your computer.
Important Considerations:
Regular backups:
Create backups regularly, especially before making major changes or
updates.
Choose a secure and accessible location for your backups (e.g., cloud
storage.
Course Backup: -
To back up a course
1. Go into the course.
2. From Course navigation > More > Course reuse, select 'Backup'.
3. Initial settings - Select activities, blocks, filters and other items as
required then click the Next button. Users with appropriate
permissions, such as administrators and managers, can choose whether
to include users, anonymize user information, or include user role
assignments, groups, groupings, user files, comments, user completion
details, course logs and grade history in the backup.
4. Schema settings - Select/deselect specific items to include in backup,
then click the Next button.
5. If desired, select specific types of activity to be backed up by clicking
the link 'Show type options'
6. Confirmation and review - Check that everything is as required,
using the Previous button if necessary, otherwise click the 'Perform
backup' button.
7. Complete - Click the Continue button
Anonymizing user information
Anonymize user information is a backup feature which "protects user
identities" by making each user anonymous. If this box is checked in
the backup initial settings, Moodle will substitute aliases for real
names, substituting @doesntexist.com email addresses and so forth.
For example, "Max Manager" might become "anonfirstname4
anonlastname4".
Asynchronous course backups
Note: With large courses it is helpful to be able to continue working
while a course backup is being made. To achieve this, you need to
enable asynchronous backups in Site Administration / Courses /
Backups / Asynchronous backup/restore. New in 4.4.
Course restore: -
1. From the Manage categories and courses screen, click the arrow next
to the chosen category and click 'Restore (if you have admin or category
permissions) or Course navigation > More > Course reuse > Restore if
you are restoring into a course.
2. Upload the backup file or choose a file in the course backup area or
user private backup area and click Restore
3. Confirm - Check that everything is as required then click the
Continue button
4. Destination - Choose whether the course should be restored as a new
course or into an existing course then click the Continue button
5. Settings - Select activities, blocks, filters and possibly other items as
required then click the Next button
6. Schema - Select/deselect specific items and amend the course name,
short name and start date if necessary, then click the Next button
7. Review - Check that everything is as required, using the Previous
button if necessary, then click the 'Perform restore' button
8. Complete - Click the continue button
Notes:
1. If you are restoring a course with user data (forum posts for example)
then the user data will keep the original dates, whereas the activities
and sections will change
according to the new course start time you set.
2. If your new course has fewer sections than the course you are
restoring, the extra sections will appear as "orphaned activities".
Increase the number of sections in the new course to make them visible.
3. If you are restoring a course from a different Moodle site and you
obtain the error message "Trying to restore user (admin) from backup
file will cause conflict", you can enable the setting.
Automated Course backup: -
Automated course backups run the same functions as individual course
backups. It's a good idea to schedule backups for when your server isn't
usually busy. Running the backup tool over all the courses can be
processor-intensive, so you shouldn't run it when there are a lot of
students trying to access the server. You should always alert users with
an announcement on the first page that if they log on during the backup
hours, they may notice a decrease in performance.
In order to make scheduled backups, you have to set up CRON to run
periodically. Please refer to the croon instructions.
Setting an automated course backup schedule
To set the backup schedule:
1. Go to Administration > Site administration > Courses > Backups >
Automated backup setup.
2. Set backup_auto_active to enabled.
3. Select the days of the week to run the backup.
4. Set the execution time for the backup process. For most servers, early
morning will be the best time. Keep in mind the time zone your server
is using.
5. Set the "Save to..." path. If you can, choose a backup path on another
machine or on a different drive than the one Moodle is on. You don't
want to lose your backups at the same time you lose your Moodle site
if the drive fails. If you leave the field blank, then backup zip files will
be saved in the backup folder of each course files folder. On a Linux
server the path might look like: /home/(your user or domain)/public
HTML/archive/ or if it's below the publicly accessible folders:
/home/(your user or domain)/archive/. On Windows the path might
look like: D:\Archive\.
If the path is not recognized a red X is shown after saving, otherwise a
green check. 1. Set all other options appropriately. 2. Click the "Save
changes" button. Tip: To save disk space, you can choose to delete.
CDL GOVT. POLYTECHNIC NATHUSARI CHOPTA

Session- 2025-26

Name: - Dev
Branch: - CSE
Sem: - 6th Sem
Year: - 3rd year
Roll No: - 220290800015
Practical: - ADUWF

Submitted To: - Mr. Lalit Uppal Sir

Submitted By: - Dev

Signature