Abstract
This study developed and evaluated an integrated intrusion detection and prevention (IDP) model for Moodle Learning
Management System (LMS), utilizing Snort 3, Open-Source Security (OSSEC), ModSecurity, and Moodle's security
settings. The increasing security threats facing LMS platforms was addressed in the study by leveraging the strengths of
each tool: Snort 3 for network-level detection, OSSEC for host-based monitoring, ModSecurity for web application
protection, and Moodle’s native security features for enhanced control. An experimental approach was adopted,
beginning with a literature review to identify vulnerabilities, followed by system design, tool configuration, and
integration. The model was tested against simulated attacks, with performance measured by detection accuracy. The
results demonstrated the model's effectiveness in identifying and mitigating common security threats within Moodle LMS
such as distributed denial of service, brute force attack, SQL injection and aggressive scan. The study concludes by
recommending the deployment of the IDP model in a live environment for both private/individual owned and public
owned Moodle platforms, for the provision of a robust framework for enhancing security. This work contributes to the
broader field of LMS security through the provision of a comprehensive, multi-layered approach to protecting
educational platforms from cyber threats.