I recently installed Moodle using Simple Scripts and when I log in to administrate I get a warning message:
"Your site configuration might not be secure. Please make sure that your dataroot directory (/home/foo/public_html/moodle/moodledata) is not directly accessible via web."

My question is, where would I move it and what would the URL be?

I'm not clear on how accessible the public_html folder is. If I browse to http://www.mysite.com/moodle/moodledata/test.html I get a 500 error.

Any help or link to explanation of public_html would be appreciated.

What is in public_html may be accessible from the web unless you implement something to block the access. Anything outside of public_html is not accessible from the web.

You should try changing the permissions on the moodledata 0700, and all the files inside to 0600. and see if that works..

If it makes your installation run funny, try out 0750 for the moodledata directory, and 0640 for the files inside.

You can change these inside the regular file manager from the cPanel, the permissions are on the far right hand side.

Thanks for your replies.
So it seems Moodle is warning and recommending moving it outside of the public_html folder. But if I do that, how would a user access it in a browser?

If no one here knows the answer to that question, you might want to wander over to the moodle site (http://moodle.org/), where they have a support section and some forums ("Community").

Thanks. I just signed up for their forum and have it open in another tab.

The user doesn't access the data directly so they don't need access via public_html. The user accesses the data indirectly via cgi scripts. This allows Moodle to provide a layer of security.

By putting the data under the public_html a user could access data using a browser rather than through the Moodle scripts, thus bypassing any security.

Don