Security and smooth access to our client journal site is our main priority. We always want to make sure that the journal that is handled by us by our clients can be truly safe and protected from various existing disturbances. However, with the current openness of information, there are always various threats that can disrupt the stability of our journal site. One of these threats is the existence of user bots and spam that have negative impacts on the platform.
Many of the issues required deep technical knowledge of the OJS platform, some issue can actually be solved by setup some configuration or adding a plugin to the OJS.
If a journal site is affected by user bots and spam, it will disrupt the stability of the site. One of the impacts that can be felt is the slow loading process of the site. This is because there is too much spam data entering the server.
There are several methods that can be used to protect your journal site from the threat of bot users and spam, such as using Google Recaptcha. As far as we know at this time, this method is not completely reliable. Because bot and spam attacks are now increasingly sophisticated, they can penetrate this protection.
The following is an example of an image from a journal site that has been integrated with Google Recaptcha but still cannot overcome user bot and spam attacks.
In the picture above you can see that there are more than 315,000 registered users. And we can be sure that most of these users are bot users. This is also felt when users access the journal site where the loading process feels slow. Not only that, but your journal becomes a potential victim of abuse as the bot may be used by the creator of the bot as one of the doors to access the feature in your OJS. The editor also suffers from the slowness of finding some user or assigning a reviewer or another role to the workflow.
In the frontend this issue may impact the journal site as the site will become slow, and unresponsive because it takes data to query the user. This is one of the answers as many of our customer ask us the question of Why their journal site become slow and unresponsive. This issue may become more complex as Google or other search engine will decrease the suggestion or ranking for your journal because they think that it will make the visitor unsatisfied with the site as it load too slow.
But don’t worry, we have found another way that you can use to protect your journal site, namely by installing the Honeypot Form Plugin. This plugin is a plugin that is available for free on your OJS site. Please read the following explanation.
Table of Contents
What is Form Honeypot Plugin?
The existence of bot/spam users attacking an online site is a classic problem on the internet that has existed for a long time, including being able to disrupt the stability of your OJS site. This problem is often experienced by various publishers. Until now, it is still not known for certain what the motives and objectives are behind the existence of bot users and spam carried out by irresponsible parties.
This does not rule out the possibility that these irresponsible parties are doing this with the aim of taking over our site, disrupting the stability of the site, or simply wanting to prove their capabilities or existence. However, this is of course very disruptive to the processes and activities that take place on the sites that we manage. Therefore, security issues are the main thing focused on by the OJS developers. So it is hoped that as time goes by, the security level of a site will be further improved.
The first gap that bot users pass through when disrupting the stability of your OJS site is by registering. This registration was carried out quickly and massively. Why can it be done quickly and massively? This is because the user bot itself is a program specifically designed to carry out commands massively, quickly and repeatedly. The algorithm applied to the bot user works by registering on the site it is intended for, by filling in false and repeated data. This bot also works by generating hundreds to thousands of emails and passwords to carry out massive registration.
Based on this conceptualized pattern, finally the OJS developers tried to create a plugin to prevent this massive bot user registration activity. One of them is by developing an anti-spam user bot plugin called Form Honeypot Plugin.
The Form Honeypot Plugin is one of the OJS built-in plugins that can be used to ensure that only human users can register, and avoid user bot spam attacks. This plugin is available for free on the OJS default system, so you can install and use it whenever you want. This plugin works by adding hidden fields or columns on the registration page, and if the bot fills in these columns an error will appear.
Apart from that, there are minimum and maximum time restrictions when completing the registration form. For example, if a bot user fills in the registration column in less than 4 seconds or tries to register on the same page for 30 minutes (1800 seconds) then the registration can be blocked. This plugin is a new alternative to increase the security of your OJS site. So it is hoped that all activities that take place on the OJS site that you manage can run well and smoothly, without any external interference.
Steps to Installing Form Honeypot Plugin
Installing the Honeypot Form Plugin is very easy. This plugin is the default OJS plugin which is available on the Plugin Gallery menu tab.
In more detail, here is how to install and set up the plugin. Please follow the steps below.
1. Please go to the dashboard website > website settings > plugins > plugin gallery
2. In the gallery plugin, please look for the Form Honeypot. Then click Install
3. If you have finished installing, then please go to the Installed Plugins menu tab and look for the plugin that was installed earlier.
4. After that, check to activate the plugin. Then click settings.
5. In this section, please fill in the minimum and maximum time limits in seconds. Fill in according to your needs. If so, don’t forget to click OK.
6. Finish
If you already have many of the bot user on the list of your user, you can also read this article on “How we remove the bot users on the OJS?“
Conclusion
The existence of bot users and spam is a threat that can disrupt the stability of our journal site. One of the impacts felt when a site is affected by this disruption is the slower response or loading of our journal site. One way that can be used to protect our journal site from the threat of bot users and spam is by installing the Form Honeypot Plugin. This plugin is the default OJS plugin that you can install for free. Regarding how to install and set up this plugin, please see the explanation above.
