Moodle 3.5.3 has been released, containing a number of fixes and improvements.

One of these changes related to GDPR. It is now possible to delete data for users that are already marked as deleted, within the interface.

There are also a big change in how User Expiration works and how this is calculated base on the users course enrolments and when they last logged in.

You can see all release notes via Moodle Docs here.

Caution! Upgrade with care!

We highly advise upgrading to the latest minor release. However, for Moodle 3.5.3 there is a change in how the login system.

If you are using a third party theme, login template, or logging in via an external source – you may find after upgrading that no one can log in!

This can be resolved by adding $CFG->disablelogintoken = true to your config.php file.

This was introduced as part of tracker issue MDL-63183, but this is not visible to public at the time of writing.


A new Moodle Docs page has been released, explaining the Login Token and what is required to ensure logging in works on your Moodle site securely.

Disabling the login token is not recommended.

Moodle 3.3 Support has ended!

With the release of Moodle 3.3.9, Moodle 3.3 support has ended . This means there will be no more security issue fixes for Moodle 3.3 from this date.

Upgrade Now!

As always, we recommend upgrading to the latest releases for the most up to date features, bug fixes and security fixes.

If you need help upgrading your Moodle site, get in touch with us 💌!

About This Author

Dan Bennett

Dan has been working with Moodle since 2008, starting when Moodle was at version 1.9, having worked with customers from many backgrounds, supporting them with their Moodle sites when an issue arises – whilst also helping Moodle users in the Moodle Forums...