Hi,
I just read the config file (jobe/application/config/config.php) that say that at line 455
" Enables a CSRF cookie token to be set. When set to TRUE, token will be checked on a submitted form. If you are accepting user data, it is strongly recommended CSRF protection be enabled."
I know that I must put this server behind firewall but I would like to know if it's possible to be more secure ( The security team ask me to enumerate all the possible way of jobe security possibilities )
So I though that there would have been a way to pass to jobe the moodle sesskey for example in order to start jobe just to authenticate moodle user.
(sorry for my poor english)