What are we doing?
On Tuesday, July 25, 2017 we will be joining the likes of Google, Amazon, Apple, CNET, Facebook, Instagram and many more web sites around the world in making Moodle at Capilano University a fully secure online environment.
Will there be an outage?
Yes, an outage to the Moodle site is required between 9 a.m. & 3 p.m. on Tuesday, July 25, 2017.
Why are we doing this now?
Increased threats to online security are becoming more frequent and impossible for security software to detect. A movement has begun to run all websites over HTTPS to prevent private information from being intercepted, manipulated or stolen by attackers. It is our intent to keep your private online course and student information safe while it’s in the hands of the University and delaying this change would leave us at unnecessary risk.
What does this mean for you?
You will no longer be able to embed content from non-secure (HTTP) sites that don’t support HTTPS. Most websites support HTTPS so we will be working hard this summer to convert much of the pre-existing embedded content from HTTP to HTTPS. However, we may find that some of the embedded content in your Moodle course sites link to non-secure sites. If your courses contain embedded content from non-secure sites, the content will break and you will be required to do one of two things:
- If there are no copyright infringements on the content you are using from the non-secure site, you can download the content and save it to your computer. You can then upload the content to your Moodle course.
- Find a new resource for your embedded content that is secure and supports HTTPS
Content that is not embedded in your Moodle site (for example, a link to a website) will be fine and no changes are necessary. After July 25, please take the time to check your existing content. If you encounter broken links or images and need assistance to replace or repair them, contact IT Services.
Wait, I thought Moodle was already secure?
Moodle at Capilano University is only secure at the time of logging in. In the past, making logins secure was considered sufficient for a website that does not deal with sensitive information such as online payments. That is now changing.
When you’re searching the Internet, you may have noticed the HTTP preface that comes before most website addresses. HTTP stands for hypertext transfer protocol, and it basically refers to the way that we communicate across the Internet.
There is another form of HTTP that is widely used as well called HTTPS, otherwise known as hypertext transfer protocol secure.
Every time you use PayPal, Gmail or log into Facebook, a layer of encryption protects the information that you send across the Internet. These sites all use HTTPS, a layer of security added to the standard HTTP.