In seldom cases, Chamilo will generate a series of problems after a migration. This list is a helper designed mainly by BeezNest after its many migration jobs assisting large companies to migrate this critical piece of software.
+In seldom cases, Chamilo will generate a series of problems after a migration + . This list is a helper designed mainly by BeezNest + after its many migration jobs assisting large companies to migrate this critical piece of software.
Contents
@@ -27,14 +29,26 @@1. Version specific issues
-Sadly, some issues happen over certain migrations and, so far, the difficulty of fixing things is still less than the difficulty of knowing exactly what to do to improve the migration script for all scenarios
+Sadly, some issues happen over certain migrations and, so far, the difficulty of + fixing things is still less than the difficulty of knowing exactly what + to do to improve the migration script for all scenarios
2. Documents
-
-
- The worst that could happen is a change of codification while migrating from 1.8.5 to 1.8.8.4. Codification problems are nightmares because you generally get a limited number of characters you can freely change without affecting already existing files. Scrips can be made to ananlyse and fix most of the problems, but you will still need a lot of manual review before you can be sure you eliminated all problems +
- The worst that could happen is a change of codification while + migrating from 1.8.5 to 1.8.8.4. Codification problems are nightmares + because you generally get a limited number of characters you can + freely change without affecting already existing files. Scrips can + be made to ananlyse and fix most of the problems, but you will + still need a lot of manual review before you can be sure you + eliminated all problems
3. Database entries
-
-
- Some users reported problems with quizzes: when migrating from 1.8.5 to 1.8.8.4, the quiz_question table has a question_order field filled with 1's. This generates a bug when using exercises marked random, as you only ever get one question to the test. Solution: update the question_order field to have sequential numbers. +
- Some users reported problems with quizzes: when migrating from + 1.8.5 to 1.8.8.4, the quiz_question table has a question_order + field filled with 1's. This generates a bug when using exercises + marked random, as you only ever get one question to the test. + Solution: update the question_order field to have sequential numbers.
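Review bot: the re-wrapped "2. Documents" paragraph keeps the typos "Scrips" and "ananlyse" on its added lines; since the lines are being rewritten anyway, correct them to "Scripts" and "analyse". In "3. Database entries", the fix is stated only as "update the question_order field to have sequential numbers"; giving the statement to run would make the entry usable without reading the schema.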
In seldom cases, you will need to start looking into efficiency issues with Chamilo. This guide is a work in progress intended to help administrators optimize their Chamilo installation.
+In seldom cases, you will need to start looking into efficiency issues + with Chamilo. This guide is a work in progress intended to help + administrators optimize their Chamilo installation.
Contents
-
-
- Using xCache, APC, Memcache or Memcached +
- Using opcaches
- Slow queries
- Indexes caching
- Sessions directories @@ -56,12 +58,30 @@
- MySQL/MariaDB compression
1. Using xCache or APC
+1. Using opcaches
+Zend OpCode (Zend Optimizer+)
+ From version 5.5, PHP includes the Zend OpCache Optimizer, which can + produce considerable efficiency boosts and is very reliable. + + Using OpCache should come by default, but if you want to make sure it's + running, just check that your opcache.ini config file says +opcache.enable = 1+ Some websites will recommend the addition of additional settings, and this + is really up to you. Check the official OpCache config page for more information. + + Zend OpCache is an "opcode" cache, meaning it will compile static code to make their processing faster. + However, this will not allow you to "store" shared variables in memory between all users. To do that, we suggest + you complement Zend OpCache (opcode) with a user-land cache like APCu. + +
xCache
+ See xCache's website for summary documentation.-
-
- On Debian/Ubuntu: sudo apt-get install php5-xcache +
- On Debian/Ubuntu<=14.04: sudo apt-get install php5-xcache
xcache.shm_scheme = "mmap" xcache.size = 32M @@ -77,7 +97,9 @@ xcache.var_maxttl = 300 xcache.var_gc_interval = 300 xcache.test = Off-xCache will feel useless until you actually start to put some variables in cache. If you're showing the "Who is online" counter, that's one of the best item there is to implement xCache.
+xCache will feel useless until you actually start to put some variables in + cache. If you're showing the "Who is online" counter, that's one of the + best item there is to implement xCache.
For example, you could implement it this way (in main/inc/lib/banner.lib.php):
$xc = function_exists('xcache_isset'); @@ -100,8 +122,11 @@ if(!empty($_course['id'])) { } }-Note that, as xCache is a shared caching system, it is very important to prefix your variables with a domain name or some kind of identifier, otherwise it would end up in disaster if you use a shared server for several portals.
-If you use php5-memcache, then this piece of code would look like this (you need to adjust depending on your settings): +Note that, as xCache is a shared caching system, it is very important to prefix + your variables with a domain name or some kind of identifier, otherwise it + would end up in disaster if you use a shared server for several portals.
+If you use php5-memcache, then this piece of code would look like this + (you need to adjust depending on your settings):
global $_configuration; $_course = api_get_course_info(); @@ -140,10 +165,15 @@ If you use php5-memcache, then this piece of code would look like this (you need }
-An optional additional caching mechanism you may use is the realpath_cache_size and realpath_cache_ttl php.ini parameters. See the PHP documentation for more details. +An optional additional caching mechanism you may use is the realpath_cache_size + and realpath_cache_ttl php.ini parameters. + See the PHP documentation + for more details.
-If you prefer using APC, you can use the same kind of trick as above, just changing the code a little: +
APC
+If you prefer using APC, + you can use the same kind of trick as above, just changing the code a little:$xc = function_exists('apc_exists'); $number = 0; @@ -179,7 +209,10 @@ If you prefer using APC, you ...
-If you use php5-memcached (different set of functions than php5-memcache!), then this piece of code would look like this (you need to adjust depending on your settings): +
Memcached
+If you use php5-memcached (different set of functions than php5-memcache!), + then this piece of code would look like this (you need to adjust + depending on your settings):global $_configuration; $_course = api_get_course_info(); @@ -227,8 +260,15 @@ If you use php5-memcached (different set of functions than php5-memcache!), then -It is also worth noting that the Université de Genève, Switzerland, observed that the calculation of the total size used by course documents is one of the heaviest queries in Chamilo, so you might want to cache the results of this one as well, using the same technique.
-Finally, if your portal is highly public *and* you are showing the popular courses on the homepage, you might want to also reduce the amount of queries this generates, using the same technique as above, but for the main/inc/lib/auth.lib.php library, looking for the "Tracking::get_course_connections_count()" call:
+It is also worth noting that the Université de Genève, Switzerland, observed + that the calculation of the total size used by course documents is one of + the heaviest queries in Chamilo, so you might want to cache the results of + this one as well, using the same technique.
+Finally, if your portal is highly public *and* you are showing the popular + courses on the homepage, you might want to also reduce the amount of + queries this generates, using the same technique as above, but for the + main/inc/lib/auth.lib.php library, looking for the + "Tracking::get_course_connections_count()" call:
while ($row = Database::fetch_array($result)) { $row['registration_code'] = !empty($row['registration_code']); @@ -249,10 +289,17 @@ If you use php5-memcached (different set of functions than php5-memcache!), then ... }-Finally, the Free Campus of Chamilo has a very specific case of slow query: the courses catalog! Because there might be more than 30,000 courses in there, getting the number of "Connections last month" can be a desastrous query in terms of performances. This is why you should try to cache the results as well.
-Obviously, as we are speaking about showing the number of visits this month, it doesn't really matter if the number doesn't refresh for an hour or so...
-Locate the main/inc/lib/course_category.lib.php file, open it and go to the browseCoursesInCategory() function.
-Locate the $count_connections_last_month = Tracking::get_course_connections_count(...) call, and wrap in into something like this: +Finally, the Free Campus of Chamilo has a very specific case of slow query: + the courses catalog! Because there might be more than 32,000 courses in + there, getting the number of "Connections last month" can be a disastrous + query in terms of performances. This is why you should try to cache the + results as well.
+Obviously, as we are speaking about showing the number of visits this month, + it doesn't really matter if the number doesn't refresh for an hour or so...
+Locate the main/inc/lib/course_category.lib.php file, open it and go to the + browseCoursesInCategory() function.
+Locate the $count_connections_last_month = Tracking::get_course_connections_count(...) + call, and wrap in into something like this:$xc = method_exists('Memcached', 'add'); if ($xc) { @@ -285,18 +332,11 @@ Locate the $count_connections_last_month = Tracking::get_course_connections_coun2. Slow queries
Enable slow_queries in /etc/mysqld/my.cnf, restart MySQL then follow using sudo tail -f /var/log/mysql/mysql-slow.log
-In Chamilo 1.9 in particular, due to the merge of all databases into one, you might experience performance issue if you have many learning paths with many items in them.
-To solve this performance issue, you can execute the following queries manually in your database:
+In Chamilo 1.9 in particular, due to the merge of all databases into one, you might experience performance issues.
+To solve this performance issue, you can execute the following query manually in your database:
-ALTER TABLE lp_item ADD INDEX idx_c_lp_item_cid_lp_id (c_id, lp_id); -ALTER TABLE lp_item_view ADD INDEX idx_c_lp_item_view_cid_lp_view_id_lp_item_id (c_id, lp_view_id, lp_item_id); ALTER TABLE user_rel_tag ADD INDEX idx_user_rel_tag_user (user_id);-In Chamilo 1.9.8, we use the c_item_property table more actively. This causes issues with the reporting pages for the assignments. You can reduce the impact by adding the following index: --alter table c_item_property add index idx_itemprop_tooliuid(tool, insert_user_id); --These will be available in Chamilo 1.10 directly, but we cannot put them into Chamilo 1.9 from now on for organizational reasons.
3. Indexes caching
One good reference: MySQL documentation on multiple key caches
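Review bot: the added sentence under "2. Slow queries" no longer says what triggers the slowdown and mixes number ("performance issues" followed by "this performance issue"), and the hunk deletes the lp_item, lp_item_view and c_item_property index statements together with the line saying they "will be available in Chamilo 1.10 directly". If those indexes now ship with the schema, say so and name the version; otherwise an administrator coming from 1.9 has no way to learn they are needed. The remaining user_rel_tag index also needs a sentence of its own, because the removed explanation was about learning paths.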
@@ -365,10 +405,18 @@ This mode is not loaded by default, but could still be selected, leading to a "F The only non-scripted solution here is to allow for the corresponding amount of RAM for your PHP configuration (memory_limit = 300M) or your specific VirtualHost if you use mod-php5 (php_value memory_limit 300M).
-Avoiding non-fixed values
-Many things in Chamilo are written focusing on the ease of use, even for the administrator. Sometimes, these settings are weighing a little bit more on the system. This is the case, between others, of the mail.conf.php file (being loaded unconditionally) and its CONSTANT "IS_WINDOWS_OS", which is defined by a function call (api_is_windows_os()) at the beginning of main_api.lib.php. +Avoiding dynamic values
+Many things in Chamilo are written focusing on the ease of use, even for the + administrator. Sometimes, these settings are weighing a little bit more on + the system. This is the case, between others, of the mail.conf.php file + (being loaded unconditionally) and its CONSTANT "IS_WINDOWS_OS", which is + defined by a function call (api_is_windows_os()) at the beginning of + main_api.lib.php. -The definition of this constant (which is executed at *every* page load) can easily be avoided, and the only place where it is used inconditionally (mail.conf.php) can be modified to set the line as you expect it (depending on whether you use sendmail/exim or smtp). +The definition of this constant (which is executed at *every* page load) can + easily be avoided, and the only place where it is used unconditionally + (mail.conf.php) can be modified to set the line as you expect it + (depending on whether you use sendmail/exim or smtp).$platform_email['SMTP_MAILER'] = 'smtp';@@ -376,23 +424,44 @@ or$platform_email['SMTP_MAILER'] = 'mail';-In fact, the complete loading of mail.conf.php can also be avoided if loaded conditionally (with require_once) when sending an e-mail (which is the only case where it is useful). +In fact, the complete loading of mail.conf.php can also be avoided if + loaded conditionally (with require_once) when sending an + e-mail (which is the only case where it is useful).-As an additional node, on very active portals with a lot of courses for each users, the icons that appear next to the courses illustrating changes in the corresponding course might be heavyweighted. You can alter slightly the behaviour by not querying for notifications you don't care about, like dropbox, notebook or chat. Change this in main/inc/lib/display.lib.php, in function show_notification(). 
+As an additional node, on very active portals with a lot of courses + for each users, the icons that appear next to the courses illustrating + changes in the corresponding course might be heavyweighted. You can + alter slightly the behaviour by not querying for notifications you + don't care about, like dropbox, notebook or chat. Change this in + main/inc/lib/display.lib.php, in function show_notification().
Speeding file downloads with mod_xsendfile
-It might have come to your attention that file downloads through Chamilo might get slow, under default conditions, in particular using Apache 2.
-There are several ways to fix this, one of which is removing the .htaccess inside the courses/ directory. This, however, will remove all permissions checks on the files contained in this directory, so... most of the time, not ideal unless your portal is *really* open to the world.
-Another technique, revealed to us by VirtualBlackFox on this Stackoverflow post, is to use the X-SendFile module for Apache 2.2+ (other web servers might offer other solutions, or avoid the problem initially).
-Installing the X-SendFile module will depend on your operating system, but if you use Ubuntu, you'll have to check you are including the "universe" repository inside your packages sources (check /etc/apt/sources.list), then: +
It might have come to your attention that file downloads through Chamilo + might get slow, under default conditions, in particular using Apache 2.
+There are several ways to fix this, one of which is removing the .htaccess + inside the courses/ directory. This, however, will remove all permissions + checks on the files contained in this directory, so... most of the time, + not ideal unless your portal is *really* open to the world.
+Another technique, revealed to us by + VirtualBlackFox + on this Stackoverflow post, + is to use the X-SendFile module for Apache 2.2+ (other web servers might + offer other solutions, or avoid the problem initially).
+Installing the X-SendFile module will depend on your operating system, + but if you use Ubuntu, you'll have to check you are including the "universe" + repository inside your packages sources (check /etc/apt/sources.list), then:
sudo apt-get update sudo apt-get install libapache2-mod-xsendfile sudo service apache2 restartOnce you're done with installing, you'll have to configure Chamilo to use it.
-First, edit your VirtualHost or your Apache configuration in general (in Ubuntu, check the /etc/apache2/ or /etc/apache2/sites-available/ folder). This is done by adding the following line inside your configuration, and reloading Apache (example provided on the basis of a virtual host located in /etc/apache2/sites-available/my.chamilo.net.conf) : +First, edit your VirtualHost or your Apache configuration in general (in Ubuntu, + check the /etc/apache2/ or /etc/apache2/sites-available/ folder). This is done + by adding the following line inside your configuration, and reloading Apache + (example provided on the basis of a virtual host located in + /etc/apache2/sites-available/my.chamilo.net.conf) :sudo vim /etc/apache2/sites-available/my.chamilo.net.conf # add the following line: @@ -400,26 +469,50 @@ sudo vim /etc/apache2/sites-available/my.chamilo.net.conf # exit the file sudo service apache2 reload-Finally, you'll have to got to your Chamilo configuration file, and add the following line at the very bottom of the file main/inc/conf/configuration.php: +Finally, you'll have to got to your Chamilo configuration file, and add the + following line at the very bottom of the file main/inc/conf/configuration.php:$_configuration['enable_x_sendfile_headers'] = true;-Done! Now your downloads should go substantially faster. This is still a feature in observation. We're not sure the benefits are sufficient, so don't hesitate to let us know in the related issue in Chamilo's tracking system +Done! Now your downloads should go substantially faster. This is still a + feature in observation. We're not sure the benefits are sufficient, so + don't hesitate to let us know in + the related issue in Chamilo's tracking system
-IGBinary for courses backups and better sessions management
+IGBinary for courses backups and better + sessions management
-IGBinary is a small PECL library that replaces the PHP serializer. It uses less space (so less memory for serialized objects) and is particularly efficient with memory-based storages (like Memcached). Use it for course backups (see issue 4443) or to boost sessions management. +IGBinary is a small PECL + library that replaces the PHP serializer. It uses less space (so less + memory for serialized objects) and is particularly efficient with memory-based + storages (like Memcached). Use it for course backups + (see issue 4443) or + to boost sessions management.
Removing files download permissions check
-This measure is not cumulative with mod_xsendfile explained above. It is not *recommended* either, as it removes an important security layer.
+This measure is not cumulative with mod_xsendfile explained above. It is not *recommended* + either, as it removes an important security layer.
-In Chamilo, for security and tracking purposes, all downloaded files pass through PHP scripts that check whether the user has access to the file given his/her current permissions. This process requires important database accesses and processing, which might terminally affect your server's performance. In particular, this can have a huge effect if having hundreds of simultaneous users accessing learning paths pages composed of local resources.
-The logic behind this verification is that, whatever resources that needs to be downloaded/viewed that come from the /courses/ directory, the /courses/.htaccess file with get in the middle and redirect these accesses to a PHP script (usually called download.php but there are more than one depending on the type of resource).
-If you want to speed up files accesses and you don't really care about whom can see your files, then an option is to simply remove this redirection to download.php and let Apache treat the file on its own.
-Furthermore, using a PHP script for the download (unless you have special rules) will usually prevent static content caching, which will multiply downloads and use large amount of additional bandwidth.
+In Chamilo, for security and tracking purposes, all downloaded files pass through PHP + scripts that check whether the user has access to the file given his/her current + permissions. This process requires important database accesses and processing, which + might terminally affect your server's performance. In particular, this can + have a huge effect if having hundreds of simultaneous users accessing + learning paths pages composed of local resources.
+The logic behind this verification is that, whatever resources that needs to be + downloaded/viewed that come from the /courses/ directory, the /courses/.htaccess + file with get in the middle and redirect these accesses to a PHP script + (usually called download.php but there are more than one depending on the + type of resource).
+If you want to speed up files accesses and you don't really care about whom can + see your files, then an option is to simply remove this redirection to + download.php and let Apache treat the file on its own.
+Furthermore, using a PHP script for the download (unless you have special rules) + will usually prevent static content caching, which will multiply downloads + and use large amount of additional bandwidth.
Typically, the .htaccess will look like this (with additional comments):
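Review bot: two typos survive the re-wrap on added lines: "you'll have to got to your Chamilo configuration file" should read "go to", and "the /courses/.htaccess file with get in the middle" should read "will get". In the "Removing files download permissions check" section, "It is not *recommended* either" puts the emphasis on the wrong word; "It is *not* recommended" makes the warning about removing a security layer harder to miss.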
@@ -443,7 +536,9 @@ RewriteRule ([^/]+)/document/(.*)$ /main/document/download.php?doc_url=/$2&cDir= RewriteRule ([^/]+)/work/(.*)$ /main/work/download.php?file=work/$2&cDir=$1 [QSA,L]
-This is easy, doesn't require a server reload and you should see the results pretty quickly. As mentioned above, if security of your content is an issue, though, you should avoid using this technique. +This is easy, doesn't require a server reload and you should see the results pretty + quickly. As mentioned above, if security of your content is an issue, though, + you should avoid using this technique.You can also mitigate the risk by disabling permissions check only @@ -469,10 +564,21 @@ RewriteRule (\.(html|gif|jpg|jpeg|png|js|pdf|ico|icon|css|swf|avi|mp3|ogg|wav|tt
MySQL/MariaDB compression
-If your database server is separate from your web server, you have to play with bandwidth, firewalls, and network restrictions in general.
-In particular, when dealing with large-scale portals, the time a SQL query will take to return to the web server will take longer and, eventually, in the most critical cases, will take too long, and your web servers will be completely overloaded (load average very high because the system is waiting for I/O operations, but processors usage not being very high is a clear sign of this).
-To solve this kind of issues, MySQL and MariaDB offer a data compression mechanism, which will reduce the amount of data passed between PHP and the database server. Ultimately, this reduction will lower bandwidth usage and reduce the impact of numerous and heavy data requests (and save you).
-In 1.10.0, we have added the possibility to enable this compression very easily, from the configuration.php file, uncommenting the following line: +If your database server is separate from your web server, you have to play with + bandwidth, firewalls, and network restrictions in general.
+In particular, when dealing with large-scale portals, the time a SQL query + will take to return to the web server will take longer and, eventually, + in the most critical cases, will take too long, and your web servers + will be completely overloaded (load average very high because the system + is waiting for I/O operations, but processors usage not being very high + is a clear sign of this).
+To solve this kind of issues, MySQL and MariaDB offer a data compression + mechanism, which will reduce the amount of data passed between PHP and + the database server. Ultimately, this reduction will lower bandwidth + usage and reduce the impact of numerous and heavy data requests (and + save you).
+In 1.10.0, we have added the possibility to enable this compression very + easily, from the configuration.php file, uncommenting the following line://$_configuration['db_client_flags'] = MYSQL_CLIENT_COMPRESS;@@ -484,7 +590,8 @@ This should have an immediate effect on the load average on your server.
-Don't have time or resources to optimize your Chamilo installation yourself? Hire an official Chamilo provider and get it sorted out professionally by specialists. +Don't have time or resources to optimize your Chamilo installation + yourself? Hire an official Chamilo provider and get it sorted out professionally by specialists.
About Chamilo
-Chamilo is an e-learning and course management web application, and free software under the GNU/GPLv3+ license. It's translated into more 30 languages, - SCORM compatible, light and flexible.
+Chamilo is an e-learning and course management web application, a free software under the GNU/GPLv3+ license. + It's translated into more 30 languages, SCORM 1.2 compatible, light and flexible.
Chamilo supports many different kinds of learning and collaboration activities. Teachers/trainers can create, manage and publish their courses through the web. @@ -55,22 +55,24 @@
Technically, Chamilo is a web application written in PHP that stores data in a MySQL database. Users access it using a web browser. - The first stable version of Chamilo, 1.8.6.2 Salto, was based on the Dokeos(TM) 1.8.6.1 code and is meant to be the next software step for institutions currently using Dokeos. + The first stable version of Chamilo, 1.8.6.2 Salto, was based on the Dokeos(TM) 1.8.6.1 code and is + meant to be the next software step for institutions currently using Dokeos.
If you would like to know more or help develop this software, please visit
- our homepage at http://www.chamilo.org
SCORM
Chamilo imports and manages SCORM 1.2 contents.For more information on SCORM normalisation, see http://www.adlnet.org
- Chamilo does not implement the full set of SCORM 1.2 specifications, as many are not mandatory. Check our website for more details.
+ Chamilo does not implement the full set of SCORM 1.2 specifications, as many are not mandatory. + Check our website for more details.
License
Chamilo is distributed under the GNU General Public license (GNU/GPLv3+).
- Read the GNU General Public license (GPL) .
Portability
@@ -91,40 +93,45 @@+We officially recommend Debian and Ubuntu operating systems for their security, packaging system, community and + availability to the public.
-
E-mail functions remain silent on systems where there is no mail sending software
+
E-mail functions remain silent on systems where there is no mail sending software (Sendmail, Postfix, Exim4, Hamster...), which is the case by default on a Windows machine.
Interoperability
-Chamilo imports SCORM 1.2 compliant learning contents. It imports "On the shelve"
-
+
Chamilo imports SCORM 1.2 compliant learning contents. It imports "On the shelve" contents from many companies : NETg, Skillsoft, Explio, Microsoft, Macromedia, etc.
-Admin interface imports users through CSV and XML. You can create a CSV file from
-
- a list of users in MS-Excel. OpenOffice can export to both CSV and XML formats.
-
- Many database management systems, like Oracle, SAP, Access, SQL-Server, LDAP ...
-
- export to CSV and/or XML.
Chamilo includes a LDAP module that allows admin to disable database authentication
-
- and replace it by connection to a LDAP directory.
Admin interface imports users through CSV and XML. You can create a CSV file
+ from a list of users in MS-Excel. OpenOffice can export to both CSV and XML
+ formats.
+ Many database management systems, like Oracle, SAP, Access, SQL-Server, LDAP, etc
+ export to CSV and/or XML.
Client side, Chamilo runs on any browser : Firefox, MS Internet Explorer (5.0+), Netscape (4.7+),
+
Chamilo includes a LDAP module that allows admin to disable database + authentication and replace it by connecting to a LDAP directory.
- Mozilla (1.2+), Safari, Opera, ...For better user experience, we recommend Firefox 3.5+ (you can download it freely from http://getfirefox.com). +
Client side, Chamilo runs on any browser : Firefox, MS Internet Explorer
+ (9+), Chrome, Safari, Opera, ...
+ For better user experience, we recommend Firefox 3.5+ (you can download it
+ freely from http://getfirefox.com).
Chamilo.org
-Chamilo is also an association, backed up by a network of private partners to assist companies and institutions in their e-learning projects. This network also promotes professional versions of Chamilo solutions, which consist of complete packages of services (see http://www.chamilo.org/providers for more details)
+Chamilo is also an association, backed up by a network of private partners + to assist companies and institutions in their e-learning projects. This + network also promotes professional versions of Chamilo solutions, which + consist of complete packages of services (see https://chamilo.org/providers + for more details)
Certification
-The Chamilo association offers official certification programs through its official provider BeezNest. These certifications are available from very low fees. Check https://shop.beeznest.com for more info and to take the certification test directly.
+The Chamilo association offers official certification programs through its + official providers. These certifications are available for affordable fees. + Check https://shop.beeznest.com for more info and to take the certification + test directly.
Association Contact address:
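Review bot: in the Interoperability list the added lines raise Internet Explorer to "(9+)" and add Chrome, but the following added lines still recommend "Firefox 3.5+" with an http:// download link, which no longer matches the refreshed browser list. Update or drop the version number, and consider an https link as was done for https://chamilo.org/providers in the same hunk. The phrase "On the shelve" in the SCORM item is carried over unchanged and should read "Off the shelf".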
diff --git a/documentation/security.html b/documentation/security.html
index 40b171e5c5..7839e29201 100755
--- a/documentation/security.html
+++ b/documentation/security.html
@@ -12,7 +12,9 @@
Documentation > Security Guide
-
We recommend you don't take security issues too lightly. Chamilo is security-audited at least once a year, but you're never too sure. This list is a work in progress. Feel free to recommend additional measures by sending us an e-mail at info@chamilo.org.
+We recommend you don't take security issues too lightly. Chamilo is security-audited at least once a year, + but you're never too sure. This list is a work in progress. Feel free to recommend additional measures by + sending us an e-mail at info@chamilo.org.
Contents
-
@@ -25,7 +27,8 @@
- Locate the ServerTokens setting inside your Apache configuration and set it to "Prod"
- Locate the ServerSignature setting inside your Apache configuration and set it to "Off" @@ -36,18 +39,29 @@ It is considered a safer behaviour not to disclose server information from your
- Yannick Warnier, Zend Certified PHP Engineer, BeezNest Belgium SPRL, yannick.warnier@beeznest.com +
- Yannick Warnier, Zend Certified PHP Engineer, BeezNest Belgium SPRL, + yannick.warnier@beeznest.com
1. Disclosing server info
-It is considered a safer behaviour not to disclose server information from your Chamilo page. In order to avoid both web server and PHP information disclosure, you might want to take the following actions: +It is considered a safer behaviour not to disclose server information from your Chamilo page. In order to avoid + both web server and PHP information disclosure, you might want to take the following actions:
2. Keeping up to date
-Make sure you check our security issues page from time to time. -Subscribe to our free security alerts mailing-list: http://lists.chamilo.org/listinfo/security or that you follow our security Twitter feed: http://twitter.com/chamilosecurity. +Make sure you check our security + issues page from time to time. +Subscribe to our free security alerts mailing-list: + http://lists.chamilo.org/listinfo/security or that you + follow our security Twitter feed: http://twitter.com/chamilosecurity.
3. Using safe browsers
-Additionnally to lacking the implementation of features that really improve the quality of your browsing the Internet, older browsers tend to have many unresolved security flaws. Using an old browser, you put in danger the security of your computer and the data it contains, but you can also put others in danger by letting crackers take control of it and attacking others.
-To avoid being a risk to yourself and others, you should download and install a recent browser. We recommend the latest stable version of Firefox.
+Additionally to lacking the implementation of features that really improve the quality of your browsing the + Internet, older browsers tend to have many unresolved security flaws. Using an old browser, you put in danger the + security of your computer and the data it contains, but you can also put others in danger by letting crackers take + control of it and attacking others.
+To avoid being a risk to yourself and others, you should download and install a recent browser. We recommend + the latest stable version of Firefox.
4. Moving your configuration file out of the web directory
-It is considered unsafe to leave the configuration file inside the main/inc/conf/ directory, as it will be directly accessible for all users, which could lead crackers to download it, uninterpreted, and read through your configuration, which could lead to illicit -access to your database if that one isn't well protected and many other stuff we'd prefer to avoid. To secure it, move the configuration file out of your web directory. If your -Chamilo installation is in /var/www/, move your configuration to /etc/chamilo/configuration.php, for example. Then create a new main/inc/conf/configuration.php file, open it, and write the following:
+It is considered unsafe to leave the configuration file inside the app/config/ directory, as it will be directly + accessible for all users, which could lead crackers to download it, uninterpreted, and read through your + configuration, which could lead to illicit +access to your database if that one isn't well protected and many other stuff we'd prefer to avoid. To secure it, + move the configuration file out of your web directory. If your Chamilo installation is in /var/www/, move your + configuration to /etc/chamilo/configuration.php, for example. Then create a new app/config/configuration.php + file, open it, and write the following:
<?php @@ -59,13 +73,13 @@ This will prevent direct access to your settings and make it seem totally the sa5. Restricting files permissions
- Making all the Chamilo files world-writeable will help you install quickly, and it solves many + Making all the Chamilo files world-writable will help you install quickly, and it solves many issues for people without much admin experience. However, it's more secure to make a distinct user owner of all the chamilo files and folders, and only give read access to the web server to all files, and write access only to the directories previously mentioned. This way, these files need - only be readable and writeable by the Apache process owner, not by the - entire world. It would also be adviseable to make all writeable directory + only be readable and writable by the Apache process owner, not by the + entire world. It would also be advisable to make all writable directory refuse the interpretation of PHP files (except for the root of the courses directories). Don't hesitate to hire an experienced administrator to do that, it might be a bit more expensive now, but you'll be happy not to have to loose @@ -75,7 +89,8 @@ This will prevent direct access to your settings and make it seem totally the sa
Authors
-
-
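Review bot: section 4 of security.html now points to app/config/configuration.php, while the optimization guide touched earlier in this same patch still tells administrators to edit main/inc/conf/configuration.php for enable_x_sendfile_headers; settle on the path that matches the targeted version and use it in both files. In section 2, the added text "Subscribe to our free security alerts mailing-list ... or that you follow our security Twitter feed" does not parse; "Subscribe to ... or follow ..." would. In section 5, the context line "not to have to loose" should read "lose", and the advice to make writable directories refuse PHP interpretation would benefit from a short configuration example, since the paragraph gives none.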