Details
Critical Description
Later studing logs I found a very worring issue: students can access IP-protected quizzes on our site from any computer! I try it myself under student login and found I can do this too. Also, Moodle will stop show the messages about IP-protection for the teachers if they used a computer outside valid range. This is a disaster to the security policy of our university!
IP address range used on our quizzes: 172.16.1.143/148, 172.16.1.136/137, 172.16.1.98/126.
Examples of addresses with student access from the logs: 85.172.119.4 or 213.234.0.194
The role for student is a standart Moodle role, without any redefinition.
I can e-mail you login and password to access to one of our courses with such quizzes with a student role if you can't reproduce the bug.
Please fix this with all possible speed. I already detected about 10 student's attempts to access protected quizzes (and save it's contents with feedback, they don't even bother to try to answer the questions).