How to Protect Your OJS Site From Hacks?

The Trend of OJS Hacks

The trend of OJS hacks by judol (online gambling) operators, who inject illegal backlinks into Open Journal Systems (OJS) installations, is alarming. OJS is used by publishers to manage their articles and the submission workflow, and this activity can undo the reputation that journal editors have built through hard work. This article covers OJS security tips that will help you protect your OJS site from hacks and other illegal activity.

As a team of OJS experts trusted by a number of reputable publishers, we have contributed to the improvement of OJS security. This commitment is shown by the vulnerabilities we have reported to the PKP team:

  1. https://openjournaltheme.com/user-xml-fatal-vulnerabilities-for-ojs-omp-ops-3-3-0-21-cve-2024-56525/
  2. https://openjournaltheme.com/urgent-critical-vulnerabilities-in-3-3-0-18-upgrade-your-ojs-now/
  3. https://github.com/pkp/pkp-lib/commit/7ffd51c00a20b55b14e6abe95fb30949bbfd204e
  4. https://openjournaltheme.com/critical-vulnerabilities-on-ojs-3-2-3-3-version3/

One may suggest, as PKP itself does, that upgrading your OJS to the latest version is the best approach. Based on our experience managing the technical aspects of OJS for thousands of journals, we can say that this alone is surely not enough. Beyond upgrading, we as OJS users can take several further actions that are expected to increase the security of our OJS site, such as using strong passwords, installing additional plugins, protecting against metadata changes, and many others.

As a user of OJS (Open Journal Systems), which is open source, you are burdened not only with managing the quality of publication but also with attending to the technical side, including OJS security, in order to maintain the reputation of your journal.

Why, then, is OJS security so important? As mentioned previously, OJS stores various important data such as journal data, user personal information, and more. Imagine an OJS site that we have managed for years, and that has even earned a high ranking, suddenly being hit by a hack attack; this would be very detrimental to us and to everyone involved in it.

This article is part of our OJS security-focused series. We recommend reading the others as well:

  1. How to secure the OJS/OMP platform?
  2. How to fix a hacked OJS site?

Moreover, if important data such as journal data and user personal data are stolen or simply lost, this is very detrimental. Beyond that, a hacked OJS site will reduce the reputation we have built over the years. Most damaging of all, our OJS site can be blocked by various indexing sites.

Need a more comprehensive solution for the journal?
Consider our Hosting service or Expert Support Service Package, which uses two layers of security: Guardian AI and OJT Advanced Security.

Recently we have received many reports from our clients that their OJS and OMP sites have been hacked.
The following is an example of a client's OJS site that was affected by this hack.

Example of an OJS journal homepage altered by judol (online gambling) hackers


When we received the first report we thought that this problem would be rare. However, day by day we received more and more reports from our various clients that their OJS sites had been hacked. Even sites that had been hacked and restored to normal ended up experiencing the same problem again. After investigating, we found that the pattern was almost always the same: the OJS site was altered or redirected to become a gambling site.

Some of the keywords we often find related to this hacking activity are gacor, slot, jackpot, withdraw, depo, win, cuan, and others. Does this problem occur only in certain regions? No; we have received these reports from clients in different countries. It is therefore fair to say that this is a widespread problem currently experienced by many publishers and OJS users.

What is the Impact of a Hacked OJS Site?

Nobody wants bad things to happen to their OJS site. Those whose OJS site has been hacked experience the negative impacts and losses directly. Those of us who have never been hit by a hack attack should be all the more careful and wise in increasing the security of our site.

Don't be careless and leave the security of your OJS site weak, or it may be hit by this kind of attack. The following are some of the negative impacts of an OJS site being hacked.

1. Reduced Reputation

Of course, all publishers want the OJS sites they manage to have a good reputation, and even hope that their rankings will increase. When an OJS site is hacked, it not only disrupts journal publication activities but also damages the reputation built over the years. People become reluctant to visit the site, and worse, researchers no longer want to submit their research articles to it. The hack will also affect the reputation of the institution concerned.

2. Blacklisted From Indexing

As we know, being indexed on the various indexing sites requires extra effort so that our articles are accepted, because each indexing site has its own set of requirements. Popular indexing sites include DOAJ, Scopus, WoS, and others. When our OJS site is hacked, this affects the indexed articles: the indexing sites will detect the abnormal behaviour and assume that your OJS site has carried out abnormal actions.

This is also one of the factors that can trigger deindexing of your OJS site by Google Scholar.

So if we let our site get hacked, the worst case is that the OJS site is blacklisted by the indexing site and can no longer apply for indexing.

3. Loss of Important Data

A hacked OJS site does not only have its front appearance affected; the important data we have stored is also at risk. In the cases we have found, the attackers did not only change the front appearance of OJS. Beyond that, they were able to infiltrate the core data in OJS, from which they can delete important data whenever they want.

If this happens, it will certainly be very detrimental to us. Worse, if we have no data backup, we cannot restore this important data to its original state.

4. Site Becomes Slow

Of the several impacts of hacking activity, this is the one most commonly felt by users: the site they access feels very slow compared to usual. This happens not only on the front end of the site but also in the OJS back end (dashboard). A slow site can also cause users to fail when uploading submission files in the OJS workflow.

Of course, this is very disruptive to journal publication activities on the site. An OJS site that feels slow will also reduce readers' interest; if this happens, visitors to your journal will not increase and may even decrease over time.

5. Illegitimate Changes to Published Article Metadata

In our experience, one OJS hacker found a way to gain elevated roles such as journal manager, admin, and section editor. They then carry out what we call user farming: creating multiple users in each journal, each able to alter the metadata of published articles.

After hacking the OJS, their objective may be to change some of the metadata without the awareness of the editorial team that manages the journal. The OJS hacker may inject backlinks to their judol (gambling or betting) site into the article's references, abstract, or other metadata, which adds to the search ranking of their online gambling site.

This is a critical issue when there is no notification system to inform the legitimate admin or journal manager about these alterations. This is why we created more advanced protection for such issues, OJT Advanced Security, which blocks keyword or backlink insertion into any metadata of a published article.

The unified integration of Guardian AI and the OJT Advanced Security plugin will block any such illegal activity that threatens the credibility of the journal. This is an essential plugin for publishers who need to protect their metadata.

What are the Types of OJS Security Threats?

Some people cannot know for certain what types of security threats pose a risk to OJS; worse, they may not realize that their OJS site is already under attack. So it is very important to know which types of security threats pose a risk to our OJS site. The following are several types of security threats that target OJS sites.

1. Gambling Sites, Slots and Malware Attacks

This is the type of security threat currently occurring most often. It affects the accessibility and visibility of the OJS site; more specifically, the OJS site itself is turned into a gambling site. As explained previously, this is a serious problem happening a lot at the moment, in various countries.

The following are examples of sites that were hacked and turned into gambling sites.

OJS site defaced by the hacker with the keywords slot, gacor, and maxwin

We can identify this type of attack by several keywords that generally appear on the hacked site's pages, including slot, gacor, win, depo, jackpot, and cuan. Based on our analysis, this attack works by manipulating or modifying some data in the OJS folder so that it displays content like the image above. In some cases the attackers also insert certain scripts or upload suspicious files into OJS. As time goes by, these hackers make further modifications and other disruptions that are even more difficult to deal with.
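The keyword list above, together with the metadata backlink injection described under impact 5, can be turned into a routine check. The following is an added example (not code from this article, OJS, or the OJT plugins): it scans article metadata records for clusters of gambling keywords and for links to hosts outside an allowlist, so an editor can review injected abstracts or references. The field names, the allowlist and the sample records are assumptions; in practice the records would come from an OJS database export.

```python
import re
from dataclasses import dataclass

# Keywords the article reports as typical of judol injections (extend per your cases).
GAMBLING_KEYWORDS = ("gacor", "slot", "jackpot", "withdraw", "depo", "win", "cuan", "maxwin")
# Hosts that legitimately appear in references and metadata (assumed; tune per journal).
ALLOWED_LINK_DOMAINS = ("doi.org", "dx.doi.org", "orcid.org")
# Metadata fields to inspect (assumed names of exported columns).
SCANNED_FIELDS = ("title", "abstract", "references")

KEYWORD_RE = re.compile(r"\b(" + "|".join(GAMBLING_KEYWORDS) + r")\b", re.IGNORECASE)
URL_RE = re.compile(r"https?://([a-z0-9.-]+)", re.IGNORECASE)


@dataclass
class Finding:
    submission_id: int
    field_name: str
    keywords: list
    links: list


def suspicious_links(text):
    """Return link hosts that are neither allowlisted nor a subdomain of an allowlisted host."""
    hosts = []
    for host in URL_RE.findall(text):
        host = host.lower()
        if not any(host == d or host.endswith("." + d) for d in ALLOWED_LINK_DOMAINS):
            hosts.append(host)
    return hosts


def scan_record(record):
    """Inspect one article's metadata; returns a Finding per field that looks injected."""
    findings = []
    for name in SCANNED_FIELDS:
        text = record.get(name) or ""
        kws = sorted({m.lower() for m in KEYWORD_RE.findall(text)})
        links = suspicious_links(text)
        # One keyword alone ("time slot", "win a prize") is normal academic text;
        # flag only a cluster of keywords or any link outside the allowlist.
        if links or len(kws) >= 2:
            findings.append(Finding(record["submission_id"], name, kws, links))
    return findings


def scan_records(records):
    out = []
    for record in records:
        out.extend(scan_record(record))
    return out


# Constructed sample export: one clean article and two with injected metadata.
SAMPLE_RECORDS = [
    {"submission_id": 101, "title": "Time slot allocation in wireless sensor networks",
     "abstract": "<p>We model time slot allocation under interference.</p>",
     "references": "Smith, J. (2020). Slot scheduling. https://doi.org/10.1000/example"},
    {"submission_id": 102, "title": "Soil moisture dynamics in tropical peatland",
     "abstract": '<p>Original abstract.</p><p><a href="https://slot-gacor.example.invalid/">'
                 "situs slot gacor maxwin depo</a></p>",
     "references": "Doe, A. (2019). Peat hydrology. https://doi.org/10.1000/xyz"},
    {"submission_id": 103, "title": "Teacher training outcomes in rural schools",
     "abstract": "<p>Original abstract.</p>",
     "references": "Lee, K. (2018). Rural education. https://doi.org/10.1000/abc\n"
                   "Jackpot cuan withdraw http://judol.example.invalid/"},
]

if __name__ == "__main__":
    for f in scan_records(SAMPLE_RECORDS):
        print(f"submission {f.submission_id} field {f.field_name}: "
              f"keywords={f.keywords} links={f.links}")
```

Run it against a full export on a schedule and diff the findings day to day; a new finding on an already published article is exactly the silent alteration the article warns about.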

2. Phishing and Brute Force Attacks

A phishing attack is a threat in which the perpetrator tries to steal important information in the form of a user's personal data such as username, password, email, address, date of birth and so on. Usually hackers do this by impersonating a person or institution through an email address (other channels are also used) that seems trustworthy. The email contains a link that leads to a certain web page; technically, the hacker is trying to get the victim to visit the link and fill in some data there. This data is then stolen and misused by the hacker in order to infiltrate our OJS site.

Brute force is an attack in which hackers try many password combinations, with the aim of finding the correct password so they can log in to the OJS site. This attack is automated and usually involves a script that tries thousands to millions of password combinations until one grants entry to the targeted site. A simple thing you can do to counter this attack is to create passwords that are varied and difficult to guess.

Please note: avoid passwords that are very easy to guess such as 123456, admin12345, admin@123, pass123, mypassword, password123, and the like. It is better to use a password generator to create a safer password.

3. User Spam Attacks

This type of attack also often occurs on OJS sites. Here the attacker tries to disrupt the stability of an OJS site by registering many bot users en masse. Not just hundreds; they can insert thousands of users into our OJS site. The more bot users there are, the slower the OJS site becomes. They carry out various other annoying activities as well, such as making submissions and attaching other dangerous files.

We previously wrote an article on how to anticipate user spam attacks on OJS. For more details, please see the following article:
How to Protect Your Journal Site from User Bot and Spam Threats?

How to Protect Your OJS Site From Hacks?

Knowing the negative impact caused by these hacks, it is wiser to act quickly and take several steps that can anticipate an attack. Below are the steps we can take.

1. Upgrade OJS Regularly

Upgrading OJS regularly is an important practice for reducing the risk of hacker attacks on OJS sites. Regular updates ensure that the latest security patches are applied, protecting the system from newly discovered vulnerabilities that hackers could exploit. Besides improving security, regular updates also bring new features and improved system functionality.

We have found security issues in various versions of OJS, especially versions below 3.3.0.20. One of the first steps to address these vulnerabilities is to upgrade OJS. We explain this in detail in: Urgent Critical Vulnerabilities in < 3.3.0.18, Upgrade Your OJS Now.

2. Installing Additional Plugins

PKP, as the OJS developer, continuously maintains and updates features by releasing new plugins. One of these is “Control Public Upload”. This plugin is very useful for controlling files uploaded by authors: with it, we can restrict which file types are allowed to be uploaded to our OJS. For example, risky files such as PHP or JavaScript can be blocked, increasing security and system integrity.

Additionally, this plugin allows administrators to set specific rules for the maximum file size and the file types that can be uploaded. This helps maintain security and ensures that only relevant, standards-compliant files enter the system. With tighter control over uploaded files, the risk of malware and malicious scripts that could damage the system or steal data is minimized.
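To show what an upload policy of this kind actually has to decide, here is an added example (not the plugin's code, and not from this article) of an allowlist check in Python: the last extension decides the type, the file's leading bytes must match that type, the size is capped, and a file of an allowed type is still refused if it carries script markers. The allowlist, size limit and sample files are assumptions.

```python
import os

# Assumed allowlist for submission uploads: extension -> magic bytes the content must start with.
ALLOWED_TYPES = {
    ".pdf": (b"%PDF-",),
    ".docx": (b"PK\x03\x04",),             # OOXML is a zip container
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
}
MAX_UPLOAD_BYTES = 20 * 1024 * 1024         # assumed 20 MiB limit
# Server-side or client-side script markers that have no place in a manuscript file.
SCRIPT_MARKERS = (b"<?php", b"<?=", b"<script")


def check_upload(filename, data, max_bytes=MAX_UPLOAD_BYTES):
    """Decide whether an uploaded file may be stored. Returns (allowed, reason)."""
    name = os.path.basename(filename)           # ignore any path the client sent
    ext = os.path.splitext(name)[1].lower()     # last suffix only: "paper.pdf.php" -> ".php"
    if len(data) > max_bytes:
        return False, "file exceeds size limit"
    if ext not in ALLOWED_TYPES:                # .php, .phtml, .js, .htaccess, no extension ...
        return False, f"extension {ext or '(none)'} not allowed"
    if not data.startswith(ALLOWED_TYPES[ext]): # extension says PDF, content says otherwise
        return False, f"content does not match {ext}"
    lowered = data.lower()                      # markers are matched case-insensitively
    if any(marker in lowered for marker in SCRIPT_MARKERS):
        return False, "embedded script marker found"
    return True, "ok"


# Constructed samples: one clean manuscript plus the disguises an allowlist must catch.
SAMPLES = {
    "manuscript.pdf": b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n1 0 obj<</Type/Catalog>>endobj\n",
    "shell.php": b"<?php echo 'hi'; ?>",
    "paper.pdf.php": b"%PDF-1.4\n",
    "cover.png": b"<?php echo 'hi'; ?>",
    "polyglot.pdf": b"%PDF-1.4\n<?PHP echo 'hi'; ?>\n",
    ".htaccess": b"Options -Indexes\n",
}


def audit(samples=SAMPLES):
    """Run the policy over every sample; returns {filename: (allowed, reason)}."""
    return {name: check_upload(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, (allowed, reason) in audit().items():
        print(f"{'ALLOW' if allowed else 'BLOCK':5} {name}: {reason}")
```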

3. Create a Strong Password

Creating a strong password is an important step in providing optimal security for OJS, so that registered user accounts are not easily accessed or guessed by hackers. Currently, the OJS plugin gallery offers the “Better Password” plugin, which requires authors who register to create a more secure password.

This plugin helps ensure that each user creates a password with a complex combination of characters, including uppercase letters, lowercase letters, numbers, and symbols. By enforcing a strong password policy, the risk of unauthorized access to user accounts is minimized.

4. Perform Regular Data Backups

Performing regular data backups is an important step in ensuring data security and integrity in OJS. A good backup is one performed automatically by the system, every day. In addition, backup files should be stored on another server, so that they remain accessible at any time even if there is a problem on the main server.

Daily automatic backups ensure that the latest data is always available and ready to be restored in the event of a system failure, cyberattack, or data corruption. With the right backup strategy, the risk of data loss can be minimized.
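An OJS backup has two parts, the database and the files_dir where submission files live, and both are located by config.inc.php. The following is an added example (not the hosting service's own tooling, and not from this article) that reads those settings and builds the daily steps: a compressed database dump, an archive of files_dir, and an rsync copy to a separate backup server. It assumes mysqldump, tar and rsync are on the host and that SSH access to the backup server is already set up; the config fragment and paths are constructed.

```python
import configparser
import datetime
import os
import shlex
import subprocess

# Constructed config.inc.php fragment with the sections a backup needs (values are assumptions).
CONFIG_SAMPLE = """;<?php exit(); // DO NOT DELETE ?>
[general]
base_url = "https://journal.example.invalid"

[database]
driver = mysqli
host = localhost
username = ojs_user
password = "s3cret"
name = ojs_db

[files]
files_dir = /var/www/ojs/files
"""


def parse_ojs_config(text):
    """Read the [database] and [files] settings from config.inc.php text.
    OJS uses INI syntax; its first line is a PHP guard that INI parsers treat as a comment."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)

    def get(section, key):
        return cp.get(section, key).strip().strip("\"'")   # OJS quotes some values

    return {
        "db_host": get("database", "host"),
        "db_user": get("database", "username"),
        "db_pass": get("database", "password"),
        "db_name": get("database", "name"),
        "files_dir": get("files", "files_dir").rstrip("/"),
    }


def build_backup_plan(cfg, backup_dir, remote, stamp=None):
    """Return the ordered steps of one daily backup; each step is {"cmd": argv, "env": extras}."""
    stamp = stamp or datetime.date.today().isoformat()
    db_dump = os.path.join(backup_dir, f"ojs-db-{stamp}.sql.gz")
    files_tar = os.path.join(backup_dir, f"ojs-files-{stamp}.tar.gz")
    parent, leaf = os.path.split(cfg["files_dir"])
    dump = ("mysqldump --single-transaction --routines "
            f"-h {shlex.quote(cfg['db_host'])} -u {shlex.quote(cfg['db_user'])} "
            f"{shlex.quote(cfg['db_name'])} | gzip > {shlex.quote(db_dump)}")
    return [
        # The password travels in MYSQL_PWD, not argv, so it is not visible in `ps` output.
        {"cmd": ["sh", "-c", dump], "env": {"MYSQL_PWD": cfg["db_pass"]}},
        # files_dir holds every submission file; archive it relative to its parent directory.
        {"cmd": ["tar", "-czf", files_tar, "-C", parent, leaf], "env": {}},
        # Copy both archives to the separate backup server over SSH.
        {"cmd": ["rsync", "-a", db_dump, files_tar, remote.rstrip("/") + "/"], "env": {}},
    ]


def run_plan(plan):
    """Execute the steps in order; stop at the first failure so the cron job reports it."""
    for step in plan:
        subprocess.run(step["cmd"], env={**os.environ, **step["env"]}, check=True)


if __name__ == "__main__":
    with open("config.inc.php") as fh:           # assumed: run from the OJS root
        cfg = parse_ojs_config(fh.read())
    run_plan(build_backup_plan(cfg, "/var/backups/ojs", "backup@backup.example.invalid:/srv/ojs"))
```

Schedule it from cron once a day and test a restore of both archives periodically; a backup that has never been restored is not yet a backup.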

5. Choose the Right Hosting Provider

This is the most important step in making our OJS site safer: choosing the right, trusted hosting provider. Some people who are unsure how to choose a hosting provider, or are using hosting for the first time, consider only the price. However, there are many more important aspects to consider. Since OJS is a long-term platform that stores a lot of important data, we need to choose a hosting provider wisely so that our OJS site can run optimally.

When choosing a hosting provider, it is not enough to judge by the price or server capacity offered. We also have to look at the services and features it offers, especially those related to site security. Moreover, the provider must be able to provide the right solutions to the various problems you will face in the future, and provide maximum support.

As a specialized hosting service built for OJS/OMP, here are several steps we take to improve the security of our clients' OJS sites.

a. Develop and Implement Exclusive Security Infrastructure

We care deeply about the security of our clients' sites, so we continually develop and implement strict security systems. Our expert server team has developed proprietary, in-house security tools (Guardian AI and OJT Advanced Security) and infrastructure, which we apply to our clients' OJS sites. This security infrastructure further strengthens your OJS site so that you can carry out your activities smoothly without worrying about future threats. It is available only on our hosting service.

b. Provide a Fully Compatible Server Environment for OJS

We provide specific servers optimized to run OJS. All functions on our server are designed and tuned so that every feature required by OJS can run. In several cases we have encountered, a general hosting provider leaves some important features that OJS requires unable to run properly, or even blocked by the server itself. Based on these cases, we provide a dedicated server for OJS, so that we can ensure all the features and menus required by OJS run optimally.

c. Involve an Expert Server Team and OJS Support Team

In addition to our expert server team, we also involve our experienced OJS support team, so your OJS is strengthened from all sides, including the back end and front end. Our OJS support team will help you handle any technical problem related to OJS that you encounter; such problems are handled directly by our support team.

As long as you use our hosting service, you get Free OJS Priority Support, so you don't need to worry about obstacles you may encounter in the future and can focus on your research. So far, our OJS support team has directly served clients from reputable institutions and universities such as Qassim University, INCEIF University, Airlangga University, Zagreb University, the Republic of Indonesia Financial Audit Agency, and many more.

We also provide support through several channels: email, a ticketing system, and even direct WhatsApp, so clients can choose the way that is most comfortable and effective for them.

d. Implement Automatic Data Backup

Almost all hosting providers offer a data backup feature. What differentiates our hosting from general hosting is automatic daily data backup, so you don't need to back up your data manually: all your data is backed up automatically every day. This way, you can focus on managing your OJS site without worrying about data loss.

e. Free Regular OJS Upgrades

With our hosting service you also get the Free OJS Upgrade service. Is an OJS upgrade really important? Yes. By upgrading OJS we not only get the latest features; OJS security also improves, because the OJS developer (PKP) regularly releases new versions that include improvements, especially in terms of security.

Moreover, if your OJS version has a security issue like the one shown in the image below, then that version has a security gap and you need to upgrade OJS.

OJS version released by PKP

On our hosting, we choose the OJS version that benefits the user and is proven stable. We keep our distance from the Fear of Missing Out (FOMO) that many OJS users have in mind, and we discuss with and educate the customer that the newest or latest version may not be the best choice for an OJS installation.

f. Provide Exclusive Plugins

We also provide exclusive plugins to clients who use our hosting services, including the Crossmark Export Plugin, Letter of Acceptance, RePEc, and Copernicus. Using these plugins helps increase productivity on your OJS site. We developed these plugins as a form of commitment and dedication to our clients, in the hope of increasing the visibility and ranking of the journals they manage.

Conclusion

OJS is a platform widely used by academics and publishers for scientific publications such as journals. Various important data is stored in it, such as journal data and user personal information. Given the large amount of important data stored, we must pay attention to security. To keep our OJS site safe from external threats such as hacks, we have to be more vigilant and find out what steps we can take to increase its security.

Moreover, there are currently many cases where OJS sites are hacked and converted into gambling sites and the like. There are several steps we can take to protect our site from this threat: periodically upgrading OJS, installing additional plugins, creating strong passwords, and, most importantly, using an experienced and trusted hosting provider.

About the Author

Hello, I am Irsyad, OJS Support from openjournaltheme. I like to share experiences, tips and tricks, and more about OJS, OMP, and EPrints.
