Moodle on Mac - Advice Please

Sep 27, 2011
Reaction score

I am currently working with a collection schools that want to run Moodle (a LAMP project that has a Mac OS version) and these schools have XServes that are used to control Mac policies and builds but pretty much nothing else.

I am getting two contradicting feedbacks over the idea of running Moodle on the XServes: On one hand the TA’s are saying that it is too much of a vulnerability and (even though it will be trusted staff members) it would have too higher possibility of affected service. This could simply be down to them not fully understanding the subject matter and so saying no.

On the other hand, the Mac bods say that all will be rosy and isolated and nothing could go wrong and if we needed to turn it off we just untick a box. Although this could be simply down to them being fanboys and wanting an excuse to fiddle more.

Can I have some input on this (ideally with some authoritative references as whichever way I turn I will be strongly challenged). The main points as I see it are;
  • Can malicious code (whether PHP, Apache config, MySQL queries etc.) be run on the server that could affect the running of the server (other than the web server and sql)?
  • Would the admin user for the site require admin access to the server?
  • If Moodle was used very heavily could it affect the other functions on the server?
  • Could access be limited to only the required services?

I am sure there are other important points that can be pointed out.

Thanks in advance,
Sep 13, 2011
Reaction score
Kentucky, USA
Your Mac's Specs
Mac Pro 2 x 2.66 Xeon 6gb DDR2 1TB OSX Server
This could simply be down to them not fully understanding the subject matter and so saying no.

I'm leaning towards this on their reasoning. This is no different than any other IT/web programming lab.

The server needs to be properly managed firstly. Assign users logins and passwords to the database server limiting their access to their own database(s). The only malicious sql injections could only be done to their own db's albeit they aren't obtaining other users and passwords which is not really the scope of this discussion. Same goes for the web server. Determine access to each user and their directory. And assign group policy as needed for being able to read/execute files.

The main issue is just proper group policy for files and directories. Limiting access will help mitigate possible vulnerabilities.

Hopefully some of this is helpful.

Shop Amazon

Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.