Gibbon stores school records, attendance, grades, and parent/student data. Hardening should focus on role separation, module controls, and secure database access.
- Restrict administrator and system-maintainer roles.
- Review permissions for teachers, office staff, and parents.
- Disable unused modules that broaden attack surface.
- Remove stale accounts at each academic term rollover.
- Force HTTPS and secure cookie/session policy.
- Keep MySQL service private and authenticated.
- Restrict upload directories and validate file types.
- Encrypt backups containing student and family records.
¶ 3) Patch governance and auditing
- Track Gibbon security updates and patch promptly.
- Keep PHP and web server dependencies current.
- Audit grade/attendance modification logs.
- Test restore procedures for term-critical data.
- Gibbon documentation: https://docs.gibbonedu.org/
- Gibbon source repository: https://github.com/GibbonEdu/core
Any questions?
Feel free to contact us. Find all contact information on our contact page.