ISO Certified Company
Registered in Sri Lanka Telecom Rainbow Pages
ELIGIBLE FOR GOVERNMENT TENDERS

(+94) 77 284 1457
info@edutechsrilanka.lk

Why LMS security matters:

Your LMS holds personal data, grades, and exam content. A single misconfiguration or outdated plugin can lead to downtime, data leaks, or compliance issues. We put in layered defenses and keep them safe.

What we secure:

Patch & version management:Scheduled updates for Moodle core, plugins, PHP, DB & OS

Identity & accessStrong password policies, 2FA for admins/privileged roles, SSO (Google/Microsoft SAML/OAuth) when required; least privilege roles.

Transport security:Enforce HTTPS/TLS, HSTS, secure cookies, and origin shielded hosting.

WAF: Rate limiting, bot filtering, tuned rules to avoid breaking Moodle sessions/AJAX.

File & server hardening: Secure file permissions, separate Moodle data, disable risky PHP functions, non root services, and backups of configurations.

Logging & monitoring: Centralized logs, admin login alerts, brute-force detection, uptime & integrity checks, weekly security summaries.

Backup verification: Scheduled test restores so your backups are proven to work (see Data Recovery page for details)

How we work:

Assess - config & plugin audit

Harden - apply patches, 2FA/SSO, WAF/CDN

Monitor - logs, alerts, uptime, weekly report

Improve - monthly tune ups, new risks addressed

Does Moodle work behind a WAF/CDN?

Yes — with tuned exceptions. Generic WAF rules can break logins or AJAX; we apply Moodle-safe rules

Can you integrate Google/Microsoft login?

Yes — SSO via SAML/OAuth, with 2FA enforced for admins and teachers.

Will security slow the site?

No — we use CDN caching, optimized PHP/DB settings, and only necessary WAF rules.

Our Trusted Partners

Quilgo

StudyWise

© All Right Reserved.

Designed By Pixel Clear