Setting the Moodle login to work over HTTPS

Written by James Richardson

When loging into Moodle by default, the login information is transmitted over an HTTP connection. HTTP connections are not secure connections and a perpetrator could snoop on the network connection and potentially gain access to your username and password. To prevent this, the HTTPS connection can be used. HTTPS is an encrypted connection that encrypts the data in transit over the network, preventing the data from being read by hackers. Moodle 2.3 has a setting that enables the HTTPS connection for the login, while keeping the rest of the website HTTP.

VERY IMPORTANT! Before you set the Login to work on HTTPS, the server that hosts your Moodle site will need to be able to access through an SSL connection. If there is no SSL connection, the LOGIN WILL BREAK, locking you out of your Moodle software. To find out if your server has an ssl connection, visit your site by going to:

https://yourdomain.com

You will need to change yourdomain.com to your domain where your moodle site is installed. If the server does not have an SSL installed, there will be an error when visiting the site like the following snapshots.

force-ssl-login-connection-failed-moodle force-ssl-login-untrusted-moodle

For more information on SSL and HTTPS connections, please click here. Now that the details are explained, we can  go through the steps of setting up Moodle for logging in on an HTTPS / SSL connection.

Forcing HTTPS login

  1. Log into the Moodle Dashboard
  2. force-ssl-login-1-moodle Navigate to Site administration > Security > HTTP security in the Settings section.
  3. force-ssl-login-2-security-moodle On the HTTP security page, select the Use HTTPS for logins and Secure cookies only check boxes.

    Click Save Changes.


    force-ssl-login-3-final-moodle Now when going to the Moodle login the site will go to HTTPS instead of HTTP. If the HTTPS is working correctly, the data will transmit securely.


This concludes the article for Setting the Moodle login to work over HTTPS.

Like this Article?
Next »
Forcing Moodle 2.3 to work over SSL
Category
201: Moodle site security and server settings

Login to comment.

Support Center Login

Moodle site security and server settings

Site Security

1. Setting the Moodle login to work over HTTPS
2. Forcing Moodle 2.3 to work over SSL
3. Blocking IP's in the Moodle Site administrator
4. Setting up ClamAV AntiVirus for Moodle file uploads

Server settings

5. Enable / Disable maintenance mode in Moodle

Your Opinion Matters

... but we need to know what you're thinking!

I'm James Richardson, your friendly Community Support technician, and I wrote the article you're looking at now. I like to think it's perfect, but I'm sure you have some suggestions. Please, let me know what they are!

Feedback
Your Email Address
Because we'd like to talk with you!

Latest Questions

If you need some help, submit your question to our Community!
We guarantee a response within 60 minutes (8am - 9pm EST, Monday - Friday)
Ask a Question!
Recent Questions
  1. New Account - Control Panel Not Available
  2. Connecting email to gmail?
  3. Can I have Oscommerce installed on my site's server?
Browse other questions

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!