In the video above I demonstrate how to close a WordPress blog to the public and make it available only to members who have a username and password created for them by the blog administrator. The site I demonstrate has 49,500 members that I created and bulk uploaded in about an hour. I show the plugin I used for the bulk upload of users. I’ll create a follow-up video in a week or so demonstrating how I used Excel to create those users from a file with nothing but first and last names. If you have need for a private blog/website to share with a few people or tens of thousands of people, this should help get you started.

Related posts:

1. Basic Editing of WordPress Twentyten Theme — For Non-Techies TweetIn the video below I demonstrate the basics of how...
2. How to Properly Upgrade Your WordPress Blog — Don’t Just Press “Upgrade Now” TweetIn the video below I demonstrate how to take a...
3. Install WordPress Multi-User Network — WP 3.0 and later Tweet I created a video a couple years ago demonstrating...

The research report attached to this post was published in the “International Journal of Information Technology and Knowledge Management, January-June 2011, Volume 4, No. 1, pp. 233-238“. It covers some major security flaws in Moodle that will not surprise anyone who has been following Moodle security issues for the past few years. I no longer need to use Moodle, but for those of you who do rely on it, don’t be fooled…just because I’m no longer dedicating time and effort to publically demonstrate major security flaws in the Moodle code and design, don’t take that as a sign that those problems no longer exist! I know of at least two major security holes in the latest version of Moodle and one of them is just as bad as this one I publicized not long ago…and like that vulnerability, it has been discussed in the Moodle forums for months and has received no attention by the devs. If that security issue is not addressed in the next few months, then I may do another “open demonstration” for the public…that seems to be the only way to force action by the Moodle lead dev.

In the meantime, you may want to read this study on Moodle security. Below are some of the more interesting excerpts from the paper.

LMS Moodle has much vulnerability like authentication, availability, confidentiality and integrity attacks. So, it is necessary to develop a mechanism that defends these security flaws of LMS Moodle.

Moodle is only for IT experts. It is complex for normal users to use and more than 66% of them are teachers, researchers and administrators [11]. It is difficult for beginner technicians to install and use Moodle [9], because there are many technical word lists in installation instructions.

It [Moodle] does not support the SSL implementation all over the site.

It stores the user data into cache which can be later used by the attacker to launch the attack for next session.

Brute force attack is possible on Moodle as the attacker may try different keys for several numbers of times.

We have determined following security attacks on Moodle such as session attack; design attack and user log out, session not closed. Session attack which is effective against Moodle is session hijacking. As per the concern of design attacks, Moodle is vulnerable to password prediction and user name prediction. Another, security vulnerability is that when the user logout still the session is not closed. When the user clicks on the back button then he reaches the page which was logged out earlier.

Moodle (modular object oriented dynamic learning environment) is defenseless to password prediction and username prediction.

I thought the last quote above about the modular object oriented design being “defenseless” deserves special attention. If you accept this conclusion, then what that really means is that Moodle is fatally flawed since that is the foundation of Moodle’s design–Modular Object Oriented Dynamic Learning Environment–is Moodle! So, to conclude that entire approach to LMS design is “defenseless” when it comes to security issues is quite damming.

Moodle = 1990′s Technology in 2012

Related posts:

1. “Moodle 2.0 Not Production Ready” — Conclusion of 14 Independent Colleges TweetAfter over three years of development and nearly four months...
2. New Moodle Leadership: Larry, Mo, and Curly leading moodle into the future ;-) TweetIt’s official…Larry, Mo, and Curly leading Moodle into the future...
3. Moodle “End of Life” policy TweetNow there’s a question all Moodle users should be keen...

I created a video a couple years ago demonstrating how to create multiple WordPress blogs using a single database and I still get lots of email asking various questions about that process. However, since the release of WordPress 3.0 and the merging of WordPress and WordPress Mu, that process is no longer needed. You can now create multiple blogs using a single install of the base WordPress code. Although I no longer actively create WordPress tutorials for the general public, I decided to do an update so that people wouldn’t be following the old procedure and unnecessarily uploading multiple copies of the WP code-base to create multiple blogs.

The video above demonstrates how to install a clean copy of WordPress on a Bluehost account and then configure the networking feature to allow for the creation of multiple blogs. Enjoy!

Related posts:

1. WordPress 3.0 Released — Nice Features TweetWordPress 3.0 was just released and it’s a very nice...
2. How to Create a Members-Only WordPress Blog & Enroll Thousands of Users Tweet In the video above I demonstrate how to close...

WordPress 3.3.1 is now available. This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3. Upgrade now, but if you are not extremely tech-savvy, then view this first!

Related posts:

1. WordPress 3.0.4 Update Released–Upgrade Now! TweetWordPress just released a critical security update–version 3.0.4. If you...
2. WordPress 3.0 Upgrade — Problems? TweetIt looks like quite a few people are having problems...
3. How to Properly Upgrade Your WordPress Blog — Don’t Just Press “Upgrade Now” TweetIn the video below I demonstrate how to take a...

In the video above I demonstrate how to do some basic editing on the default WordPress themes (Twentyten and Twentyeleven) to reduce the header size and remove some of the items that, in my opinion, take up way too much space in the header. In the process, I show the basics of setting up a child theme and provide a glimpse into how I use local copies of WordPress running on my computer to make theme editing a lot quicker and simpler. I also demonstrate how to preview changes in Firebug and then copy those changes into your theme css file. This tutorial is intended for non-techies…if you are an expert, then this isn’t for you. Enjoy!

Related posts:

1. Basic Editing of WordPress Twentyten Theme — For Non-Techies TweetIn the video below I demonstrate the basics of how...
2. How to Edit the Kubrick WordPress Theme TweetIn the following videos I demonstrate how to edit the...
3. Basic WordPress Theme Editing for the Non-Techie: Part 1 TweetThe following video is intended for the non-techie who wants...

I thought for sure we were headed for a showdown of Blackboard vs. Moodle. However as time progressed, even months before the RFP went out I could tell that there was a big buzz about Canvas. So much that Moodle fell right off the radar of pretty much everyone.

Source: http://blog.usu.edu/kevin/2011/11/04/getting-ready-with-canvas/

Moodle: 1990′s technology in 2011

Related posts:

1. New Mexico State University Moves to Canvas — Moodle Stuck in the 1990′s TweetNMSU will be replacing Blackboard CE 8 with Instructure Canvas...
2. Hawaii Department of Education Drops Moodle for Blackboard TweetHawaii Department of Education Selects Blackboard Learn 9.1 to Replace...
3. San Antonio Community College Adopts Canvas — Moodle not even mentioned TweetI’m reminded of a line in that commercial…Lost another to...

In the video below I demonstrate how to take a full backup of your WordPress blog before upgrading so that you will have everything you need just in case the upgrade breaks your site and you need to get back to where you were. One of the biggest mistakes people make when upgrading their site is to just trust that everything will go well and fail to make a good backup. Don’t be a victim…you may make a hundred backups you never need, but one day you will need one.

Related posts:

1. Disciple pride and confidence in Moodle 2.0 — Can you feel it? :-) TweetI can just feel the pride and confidence oozing from...
2. “The performance of Moodle 2.0 = modem connection to the Internet” TweetI usually only highlight one moodle 2.0 upgrade disaster from...
3. Is Your Moodle 2.0 Backup Restorable? — Are you Sure? TweetSaw an interesting post in moodle-land today. Actually, it was...

I am a senior this year and getting to know a new program just to check my grades and post papers is ridiculous. Blackboard had become a friend to me; I knew everything about it and how to get to where I needed to be. Moodle is a stranger, one that I care not to know. You may say I am one of those people who does not like change, which is wrong: I love change, just not when it deals with my school work.

There is even a Facebook page called “Moodle Sucks.” If there are enough people to make a Facebook group dedicated to the hatred of Moodle, then something is obviously wrong. If you go to Google and type in “why Moodle sucks,” there will be an endless number of pages to scroll through and hear everyone’s opinion on the matter.

I say bring Blackboard back, we are paying over 30 thousand dollars a year to go to a private college, where is all of that money going? You would think they had a couple extra nickels and dimes to spare in order to keep Blackboard up and running.

Source: http://www.weathervane.emu.edu/radiant/archives/volume-57/2/opinion/blackboard-better-than-moodle/

No related posts.

Experienced users will appreciate the new drag-and-drop uploader, hover menus for the navigation, the new toolbar, improved co-editing support, and the new Tumblr importer. We’ve also been thinking a ton about what the WordPress experience is like for people completely new to the software. Version 3.3 has significant improvements there with pointer tips for new features included in each update, a friendly welcome message for first-time users, and revamped help tabs throughout the interface. Finally we’ve improved the dashboard experience on the iPad and other tablets with better touch support.

Read more here

No related posts.

If you don’t currently have your WordPress blog configured to render on mobile devi ces, then watch this video for directions on using the WPTouch plugin. In only a few minutes you have configure your blog to render very nicely on a variety of smartphones.

Related posts:

1. How to Create a Members-Only WordPress Blog & Enroll Thousands of Users Tweet In the video above I demonstrate how to close...
2. WordPress Tip: Delete Old or Unwanted Plugins TweetNote: The following is made available under GPL from http://codex.wordpress.org/GPL....
3. WP-Property — Cool WordPress Plugin for Real Estate TweetI was helping a real estate agent move and clean...