Security notifications

Moodle has set up a dedicated site, which you can find at https://moodle.org/security/, that deals with security issues. If you register your Moodle site, which is highly recommended, your e-mail address will automatically be added to the security alerts mailing list, which gives you advance notice of vulnerabilities and updates a couple of days prior to public release. To set this up, go to Registration, fill in the required information, and click on the Register with Moodle.org button.

Moodle notifications

When you click on the Notifications link in the Site administration section, Moodle will display any potential issues with your site. This link is also used to initiate the installation of Moodle updates and plugins (refer to Chapter 8, Moodle Plugins).

Three messages are displayed in the following screenshot; the first two issues would clearly fall into the security category:

(Screenshot: Moodle notifications)

Moodle monitors failed login attempts in its log file, as described in Chapter 10, Moodle Logging and Reporting. Repeated login failures can indicate that unauthorized users are trying to get access to your system. In addition to checking your log files regularly, you should consider monitoring these activities by configuring the settings when you navigate to Security | Notifications:

(Screenshot: Moodle notifications)

You can specify whether users will see a message displayed on their screens about previous failed logins and who will be e-mailed about login failures. You can further set the number of failed logins from the same IP address that will trigger these notifications.

While this is not foolproof, it can potentially highlight some problems within your system, and it is recommended that you activate it. Another benefit of getting these notifications e-mailed to you is the customer care aspect of being able to get back to legitimate users who have felt frustrated when trying to get access to your site.
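The threshold idea described above can also be applied to an exported log during a regular log review. The following is an added example, not code from this book or from Moodle: it counts failed logins per IP address and separates one username retried (a user to get back to) from several usernames tried from one address. The CSV column names, the description wording, the sample rows, and the hint labels are all assumptions made for illustration.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample shaped like a Moodle log CSV export. Column names,
# description wording and all rows are assumptions, not real site data.
SAMPLE_LOG = '''Time,Event name,Description,IP address
2024-03-01 09:00:02,User login failed,Login failed for the username 'admin',203.0.113.7
2024-03-01 09:00:05,User login failed,Login failed for the username 'teacher1',203.0.113.7
2024-03-01 09:00:09,User login failed,Login failed for the username 'manager',203.0.113.7
2024-03-01 09:00:14,User login failed,Login failed for the username 'admin',203.0.113.7
2024-03-01 09:12:40,User login failed,Login failed for the username 'jsmith',198.51.100.23
2024-03-01 09:13:05,User login failed,Login failed for the username 'jsmith',198.51.100.23
2024-03-01 09:13:31,User login failed,Login failed for the username 'jsmith',198.51.100.23
2024-03-01 09:14:02,User has logged in,The user with id '42' has logged in,198.51.100.23
2024-03-01 09:20:11,User login failed,Login failed for the username 'mlee',192.0.2.50
'''

USERNAME_RE = re.compile(r"username '([^']*)'")


def failed_login_report(log_text, threshold):
    """Return {ip: {"failures", "usernames", "hint"}} for each IP whose
    failed-login count reaches the threshold."""
    failures = defaultdict(list)
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["Event name"].strip() != "User login failed":
            continue
        match = USERNAME_RE.search(row["Description"])
        failures[row["IP address"].strip()].append(match.group(1) if match else "?")
    report = {}
    for ip, names in failures.items():
        if len(names) < threshold:
            continue
        distinct = sorted(set(names))
        # One username retried: probably a locked-out user to contact.
        # Several usernames from one address: more likely guessing.
        hint = "follow up with user" if len(distinct) == 1 else "investigate source"
        report[ip] = {"failures": len(names), "usernames": distinct, "hint": hint}
    return report


if __name__ == "__main__":
    for ip, info in failed_login_report(SAMPLE_LOG, threshold=3).items():
        print(ip, info)
```

With a real export, adjust the column names and the username pattern to match the file your site produces.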

Security report

Another mechanism that we have already touched on in Chapter 10, Moodle Logging and Reporting, is the security report (go to Reports | Security overview):

(Screenshot: Security report)

The report shows a number of potential key security issues, their status (OK, Information, Warning, and Critical), and a short description (as shown in the preceding screenshot). When you click on the issue name, you will be redirected to a page that provides more information about the problem and, if available, also a further link to the settings page where you can rectify the situation (here, it's Site policies):

(Screenshot: Security report)

The Security overview report is a good starting point to identify some potential issues. However, it does not replace a full security audit, penetration test, or health check as offered by some Moodle Partners.
