security overview report: MDL-17222 lang string rewording
wildgirl committed Jan 12, 2009
1 parent 9c82ff2 commit b95c799
Showing 1 changed file with 49 additions and 50 deletions.
99 changes: 49 additions & 50 deletions lang/en_utf8/report_security.php
Expand Up @@ -16,123 +16,122 @@
$string['statusserious'] = 'Serious';
$string['statuswarning'] = 'Warning';

$string['check_configrw_details'] = '<p>It is recommended to change file permissions of config.php script after installation so that the file can not be modified by web server.
Please note that this measure does not improve security of the server significantly, but on the other hand it might slow down or limit general exploits.</p>';
$string['check_configrw_details'] = '<p>It is recommended that the file permissions of config.php are changed after installation so that the file cannot be modified by the web server.
Please note that this measure does not improve security of the server significantly, though it may slow down or limit general exploits.</p>';
$string['check_configrw_name'] = 'Writable config.php';
$string['check_configrw_ok'] = 'config.php can not be modified by PHP scripts.';
$string['check_configrw_warning'] = 'PHP scripts may modify config.php.';

$string['check_cookiesecure_details'] = '<p>If you enable https communication it is recommended to enable secure cookies. You should also add permanent redirection from http to https.</p>';
$string['check_cookiesecure_details'] = '<p>If you enable https communication it is recommended that you also enable secure cookies. You should also add permanent redirection from http to https.</p>';
$string['check_cookiesecure_error'] = 'Please enable secure cookies';
$string['check_cookiesecure_name'] = 'Secure cookies';
$string['check_cookiesecure_ok'] = 'Secure cookies enabled.';

$string['check_courserole_anything'] = 'Do anything capability must not be allowed in this <a href=\"$a\">context</a>.';
$string['check_courserole_details'] = '<p>Each course has one default enrolment role specified. Please make sure no risky capabilities are allowed in this role.</p>
<p>The only supported legacy type for course default role is <em>Student</em>.</p>';
$string['check_courserole_error'] = 'Incorrectly defined course default roles detected!';
$string['check_courserole_legacy'] = 'Unsupported legacy type detected in <a href=\"$a\">role</a>.';
$string['check_courserole_name'] = 'Course default roles';
$string['check_courserole_anything'] = 'The do anything capability must not be allowed in this <a href=\"$a\">context</a>.';
$string['check_courserole_details'] = '<p>Each course has one default enrolment role specified. Please make sure no risky capabilities are allowed for this role.</p>
<p>The only supported legacy type for the default course role is <em>Student</em>.</p>';
$string['check_courserole_error'] = 'Incorrectly defined default course roles detected!';
$string['check_courserole_legacy'] = 'Unsupported legacy type detected in the <a href=\"$a\">role</a>.';
$string['check_courserole_name'] = 'Default course roles';
$string['check_courserole_notyet'] = 'Used only default course role.';
$string['check_courserole_ok'] = 'Course default role definitions ok.';
$string['check_courserole_ok'] = 'Default course role definitions OK.';
$string['check_courserole_risky'] = 'Risky capabilities detected in <a href=\"$a\">context</a>.';

$string['check_defaultcourserole_anything'] = 'Do anything capability must not be allowed in this <a href=\"$a\">context</a>.';
$string['check_defaultcourserole_details'] = '<p>Default student role for course enrolment specifies the default role for courses. Please make sure no risky capabilities are allowed in this role.</p>
$string['check_defaultcourserole_anything'] = 'The do anything capability must not be allowed in this <a href=\"$a\">context</a>.';
$string['check_defaultcourserole_details'] = '<p>The default student role for course enrolment specifies the default role for courses. Please make sure no risky capabilities are allowed in this role.</p>
<p>The only supported legacy type for default role is <em>Student</em>.</p>';
$string['check_defaultcourserole_error'] = 'Incorrectly defined default course role \"$a\" detected!';
$string['check_defaultcourserole_legacy'] = 'Unsupported legacy type detected.';
$string['check_defaultcourserole_name'] = 'Site default course role';
$string['check_defaultcourserole_notset'] = 'Default role is not set.';
$string['check_defaultcourserole_ok'] = 'Site default role definition ok.';
$string['check_defaultcourserole_ok'] = 'Site default role definition OK.';
$string['check_defaultcourserole_risky'] = 'Risky capabilities detected in <a href=\"$a\">context</a>.';

$string['check_defaultuserrole_details'] = '<p>All logged in users are given capabilities of the default user role. Please make sure no risky capabilities are allowed in this role.</p>
<p>The only supported legacy type for default user role is <em>Authenticated user</em>. Course view capability must not be enabled.</p>';
<p>The only supported legacy type for the default user role is <em>Authenticated user</em>. The course view capability must not be enabled.</p>';
$string['check_defaultuserrole_error'] = 'Incorrectly defined default user role \"$a\" detected!';
$string['check_defaultuserrole_name'] = 'Registered user role';
$string['check_defaultuserrole_notset'] = 'Default role is not set.';
$string['check_defaultuserrole_ok'] = 'Registered user role definition ok.';

$string['check_displayerrors_details'] = '<p>Enabling the PHP setting <code>display_errors</code> is not recommended on production sites because some error messages may reveal sensitive information about your server.</p>';
$string['check_displayerrors_error'] = 'PHP errors displaying is enabled. It is recommended to disable displaying of errors in PHP configuration.';
$string['check_displayerrors_details'] = '<p>Enabling the PHP setting <code>display_errors</code> is not recommended on production sites because error messages can reveal sensitive information about your server.</p>';
$string['check_displayerrors_error'] = 'The PHP setting to display errors is enabled. It is recommended that this is disabled.';
$string['check_displayerrors_name'] = 'Displaying of PHP errors';
$string['check_displayerrors_ok'] = 'Displaying of PHP errors disabled.';

$string['check_emailchangeconfirmation_details'] = '<p>It is recommended to require email confirmation step when user enters a new email address in user profile. If disabled spammers might try to exploit server for resending of spam.</p>';
$string['check_emailchangeconfirmation_details'] = '<p>It is recommended that an email confirmation step is required when users change their email address in their profile. If disabled, spammers may try to exploit the server for resending of spam.</p>';
$string['check_emailchangeconfirmation_error'] = 'Users may enter any email address.';
$string['check_emailchangeconfirmation_name'] = 'Email change confirmation';
$string['check_emailchangeconfirmation_ok'] = 'Changing of email must be confirmed.';
$string['check_emailchangeconfirmation_ok'] = 'Confirmation of change of email address in user profile.';

$string['check_embed_details'] = '<p>Unlimited object embedding is very dangerous - any registered user may launch XSS attack against other server users. Please disable it on production servers.</p>';
$string['check_embed_error'] = 'Unlimited object embedding enabled - this is very dangerous for majority of servers.';
$string['check_embed_details'] = '<p>Unlimited object embedding is very dangerous - any registered user may launch an XSS attack against other server users. This setting should be disabled on production servers.</p>';
$string['check_embed_error'] = 'Unlimited object embedding enabled - this is very dangerous for the majority of servers.';
$string['check_embed_name'] = 'Allow EMBED and OBJECT';
$string['check_embed_ok'] = 'Unlimited object embedding not allowed.';
$string['check_embed_ok'] = 'Unlimited object embedding is not allowed.';

$string['check_frontpagerole_details'] = '<p>Frontpage role is give to all registered users on frontpage. Please make sure no risky capabilities are allowed in this role.</p>
<p>It is recommended to create a special role only for this purpose and not set any legacy type.</p>';
$string['check_frontpagerole_details'] = '<p>The default frontpage role is given to all registered users for frontpage activities. Please make sure no risky capabilities are allowed for this role.</p>
<p>It is recommended that a special role is created for this purpose and a legacy type role is not used.</p>';
$string['check_frontpagerole_error'] = 'Incorrectly defined frontpage role \"$a\" detected!';
$string['check_frontpagerole_name'] = 'Frontpage role';
$string['check_frontpagerole_notset'] = 'Frontpage role is not set.';
$string['check_frontpagerole_ok'] = 'Frontpage role definition ok.';
$string['check_frontpagerole_ok'] = 'Frontpage role definition OK.';

$string['check_globals_details'] = '<p>Register globals is considered to be a highly insecure PHP setting, there is no reason why it should be enabled. Moodle is not compatible with register globals.</p>
$string['check_globals_details'] = '<p>Register globals is considered to be a highly insecure PHP setting.</p>
<p><code>register_globals=off</code> must be set in PHP configuration. This setting is controlled by editing your <code>php.ini</code>, Apache/IIS configuration or <code>.htaccess</code> file.</p>';
$string['check_globals_error'] = 'Register globals MUST be disabled. Please fix server PHP settings immediately!';
$string['check_globals_error'] = 'Register globals MUST be disabled. Please fix the server PHP settings immediately!';
$string['check_globals_name'] = 'Register globals';
$string['check_globals_ok'] = 'Register globals are disabled.';

$string['check_google_details'] = '<p>Open to Google settings helps search engines enter courses with guest access. Please note this settings is not expected to be enabled if guest login not allowed.</p>';
$string['check_google_details'] = '<p>The Open to Google setting enables search engines to enter courses with guest access. There is no point in enabling this setting if guest login not allowed.</p>';
$string['check_google_error'] = 'Search engines guest access allowed and guest access disabled.';
$string['check_google_info'] = 'Search engines may enter as guests.';
$string['check_google_name'] = 'Open to Google';
$string['check_google_ok'] = 'Search engines guest access not enabled.';

$string['check_guestrole_details'] = '<p>Guest role is used for guests, not logged in users and temporary guest course access. Please make sure no risky capabilities are allowed in this role.</p>
$string['check_guestrole_details'] = '<p>The guest role is used for guests, not logged in users and temporary guest course access. Please make sure no risky capabilities are allowed in this role.</p>
<p>The only supported legacy type for guest role is <em>Guest</em>.</p>';
$string['check_guestrole_error'] = 'Incorrectly defined guest role \"$a\" detected!';
$string['check_guestrole_name'] = 'Guest role';
$string['check_guestrole_notset'] = 'Guest role is not set.';
$string['check_guestrole_ok'] = 'Guest role definition ok.';
$string['check_guestrole_ok'] = 'Guest role definition OK.';

$string['check_mediafilterswf_details'] = '<p>Automatic swf embedding is very dangerous - any registered user may launch XSS attack against other server users. Please disable it on production servers.</p>';
$string['check_mediafilterswf_error'] = 'Flash media filter is enabled - this is very dangerous for majority of servers.';
$string['check_mediafilterswf_details'] = '<p>Automatic swf embedding is very dangerous - any registered user may launch an XSS attack against other server users. Please disable it on production servers.</p>';
$string['check_mediafilterswf_error'] = 'Flash media filter is enabled - this is very dangerous for the majority of servers.';
$string['check_mediafilterswf_name'] = 'Enabled .swf media filter';
$string['check_mediafilterswf_ok'] = 'Flash media filter is not enabled.';

$string['check_noauth_details'] = '<p><em>No authentication</em> plugin is not intended for any production sites. Please disable it unless this is a development test site.</p>';
$string['check_noauth_error'] = 'No authentication pluing can not be used on production sites.';
$string['check_noauth_details'] = '<p>The <em>No authentication</em> plugin is not intended for production sites. Please disable it unless this is a development test site.</p>';
$string['check_noauth_error'] = 'The No authentication plugin cannot be used on production sites.';
$string['check_noauth_name'] = 'No authentication';
$string['check_noauth_ok'] = 'No authentication plugin is disabled.';

$string['check_openprofiles_details'] = '<p>Open user profiles are often abused by spammers, it is usually recommended to enable <code>Force users to login for profiles</code> or <code>Force users to login</code> if you require login before any access.</p>';
$string['check_openprofiles_error'] = 'Anybody may view user profiles without logging in.';
$string['check_openprofiles_details'] = '<p>Open user profiles can be abused by spammers. It is recommended that either <code>Force users to login for profiles</code> or <code>Force users to login</code> are enabled.</p>';
$string['check_openprofiles_error'] = 'Anyone can may view user profiles without logging in.';
$string['check_openprofiles_name'] = 'Open user profiles';
$string['check_openprofiles_ok'] = 'Login is required before viewing user profile.';
$string['check_openprofiles_ok'] = 'Login is required before viewing user profiles.';

$string['check_passwordpolicy_details'] = '<p>It is recommended to enforce user password policy because password guessing is very often the easiest way to gain unauthorised access.
Do not make the requirements too strict, because users would not be able to remember their passwords and would keep forgetting them or write them down.</p>';
$string['check_passwordpolicy_details'] = '<p>It is recommended that a password policy is set, since password guessing is very often the easiest way to gain unauthorised access.
Do not make the requirements too strict though, as this can result in users not being able to remember their passwords and either forgetting them or writing them down.</p>';
$string['check_passwordpolicy_error'] = 'Password policy not set.';
$string['check_passwordpolicy_name'] = 'Password policy';
$string['check_passwordpolicy_ok'] = 'Password policy enabled.';

$string['check_riskadmin_detailsok'] = '<p>Please verify following list of administrators.<br />$a</p>';
$string['check_riskadmin_detailswarning'] = '<p>Please verify following list of administrators:<br />$a->admins</p>
<p>It is recommended to assign administrator role in system context only. Following users have unsuported admin role assignments:<br />$a->unsupported</p>';
$string['check_riskadmin_detailsok'] = '<p>Please verify the following list of administrators:<br />$a</p>';
$string['check_riskadmin_detailswarning'] = '<p>Please verify the following list of administrators:<br />$a->admins</p>
<p>It is recommended to assign administrator role in system context only. Following users have unsupported admin role assignments:<br />$a->unsupported</p>';
$string['check_riskadmin_name'] = 'Administrators';
$string['check_riskadmin_ok'] = 'Found $a server administrators.';
$string['check_riskadmin_warning'] = 'Found $a->admincount server administrators and $a->unsupcount unsuported admin role assignments.';
$string['check_riskadmin_ok'] = 'Found $a server administrator(s).';
$string['check_riskadmin_warning'] = 'Found $a->admincount server administrators and $a->unsupcount unsupported admin role assignments.';

$string['check_riskxss_details'] = '<p>RISK_XSS marks all dangerous capabilities that only trusted users may use.</p>
$string['check_riskxss_details'] = '<p>RISK_XSS denotes all dangerous capabilities that only trusted users may use.</p>
<p>Please verify following list of users and make sure that you trust them completely on this server:<br />$a</p>';
$string['check_riskxss_name'] = 'XSS trusted users';
$string['check_riskxss_warning'] = 'RISK_XSS - found $a users that have to be trusted.';

$string['check_unsecuredataroot_details'] = '<p>Dataroot directory must not be accessible via web. The best way to make sure the directory is not accessible is to use directory outside of public web directory.</p>
<p>If you move the directory you need to update <code>\$CFG->dataroot</code> setting in <code>config.php</code> accordingly.</p>';
$string['check_unsecuredataroot_details'] = '<p>The dataroot directory must not be accessible via web. The best way to make sure the directory is not accessible is to use a directory outside the public web directory.</p>
<p>If you move the directory, you need to update the <code>\$CFG->dataroot</code> setting in <code>config.php</code> accordingly.</p>';
$string['check_unsecuredataroot_error'] = 'Your dataroot directory <code>$a</code> is in the wrong location and is exposed to the web!';
$string['check_unsecuredataroot_name'] = 'Unsecure dataroot';
$string['check_unsecuredataroot_ok'] = 'Dataroot directory must not be accessible via web.';
$string['check_unsecuredataroot_name'] = 'Insecure dataroot';
$string['check_unsecuredataroot_ok'] = 'Dataroot directory must not be accessible via the web.';
$string['check_unsecuredataroot_warning'] = 'Your dataroot directory <code>$a</code> is in the wrong location and might be exposed to the web.';

?>
?>
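Review bot: What appears to be the new `check_openprofiles_error` text reads 'Anyone can may view user profiles without logging in.', with a doubled modal verb; it should be `$string['check_openprofiles_error'] = 'Anyone may view user profiles without logging in.';`. Two pass-state messages in this security report also fail to state a result: the reworded `check_emailchangeconfirmation_ok` ('Confirmation of change of email address in user profile.') no longer says that confirmation is required, and `check_unsecuredataroot_ok` still reads as a requirement ('must not be accessible') rather than a finding, so an administrator cannot tell from the text alone that the check passed. Each `_ok` string should state the observed state, in the style of `check_embed_ok` ('Unlimited object embedding is not allowed.'). The reworded `check_google_details` is also missing a verb in 'if guest login not allowed'.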
