Table of Contents
Introduction
Open Journal Systems (OJS) is a popular and widely used platform for managing and publishing articles. Based on data compiled by PKP, as of 2023 there are more than 52,320 OJS users/publisher globally, and this number will continue to increase every year. The large number of publishers using OJS proves that OJS is the only one article publishing platform that is highly suitable and easily adaptable by any user globally. This is also thanks to the hard work of PKP as the developer of OJS. We should be very grateful to PKP.
Of the many journal managers who use OJS, there are journals that have existed and operated for years as well as newcomers. However, regardless of their ranking status (indexing) and how long they have been operating, unfortunately many of them are still not fully aware of the important role of the hosting/server environment in supporting the sustainability, security and stability of the OJS site they use.
*For those of you who are new and still don’t understand what hosting is, please read this article: What is web hosting
As a result, over time, various obstacles often arise, ranging from slow load speeds, users failing to upload files, being hit by keyword injection and illegal backlinks, hacked and various other problems. In fact, various technical problems arise that are not always caused by OJS, but also by an unsuitable hosting environment itself. The hosting environment is an important aspect that journal administrators must consider, yet it often does not receive sufficient attention.
The big question is can every type of server or hosting run OJS stably and securely? Unfortunately, no. OJS has different requirements compared to common websites like WordPress. You may find many well-known hosting providers out there, but the fact is not all of them can support the specific needs of OJS. OJS might be installed successfully at first, but in the long term many special requirements will appear. If the provider cannot handle them, your OJS site may face problems, it can become unstable, authors may fail to submit articles, or even worse, the system could be hacked due to weak security.
The hosting/server you currently choose or use has a significant impact on the performance, stability, security, and long-term maintenance of your OJS site. If you choose the wrong hosting provider, it will be very detrimental to you and disrupt the operational activities of your journal site. And even if your site goes down or gets hacked in the long time, it has the potential to cause your site to be deindexed or blocked by Google Scholar or other indexing sites.
Is it too late now? Not entirely. For those of you who are new to or have not yet used OJS, this article will help you consider which hosting is right for you. As for those of you who are already running OJS, you can reflect and evaluate your current experience.
To make it easier for you, this article will explain why hosting requirements for OJS differ from those of non-OJS platforms. Please read on.
Why do you need to choose hosting specific for OJS?
As we explained earlier, OJS has different requirements than other platforms (such as WordPress). Therefore, it is very important for you to use a server that is specifically designed for OJS. This is very useful to ensure that your OJS site is secure, stable, and runs well. Moreover, the long-term sustainability of the site is greatly influenced by the quality of the hosting infrastructure you are currently using. Many issues experienced by users are actually due to limitations of the servers they use for their OJS.
Here are several reasons why we need to choose a server specifically designed for OJS:
1. OJS is Not A General Website
The OJS system works differently when compared to other CMS platforms such as WordPress. Regular websites generally only display a single page or other static content. Meanwhile, OJS is naturally designed to manage more complex and dynamic article workflows. Therefore, it can be said that OJS not only displays publication results, but also serves as a center for managing the entire article publishing process.
Within OJS, there are various processes, such as article submission by authors, editor assignment, reviewer assignment, article revision, and the production process for publishing the final article. All of these processes run in a structured manner within OJS. Each process involves intense interaction with various components such as databases, file management, and various other accesses according to the user’s role. Due to this complexity, OJS requires a stable server that is specifically designed to run every OJS function properly.
2. Database-Intensive Operations
Technically, OJS is highly dependent on database interactions in almost all activities that take place within it. For example, activities such as article submissions by authors, article metadata input, activity logs, and various other processes are stored and processed through the database actively and dynamically. Therefore, naturally, every user activity in OJS, such as those of authors, managers, editors, reviewers, and others, will directly result in an additional load on the database system.
Moreover, when the number of article submissions increases and there are more users in OJS, the load also increases significantly. If the server has limitations or is unable to handle this, it will have various impacts, such as slow OJS load speed, and even trigger errors in other parts. Therefore, server resources that are able to handle this stably are an important and primary factor in running a stable and smooth OJS site.
3. File Structure and Permissions Matter
OJS stores various important data or documents related to articles uploaded by users. All these files are stored in various directory structures that have been systematically organized. This is not just ordinary storage, but also involves access settings based on user roles that have been set as default standards in OJS. Therefore, the folder structure, permissions, and various storage configurations on the server must be implemented correctly so that OJS can read, display, and execute files smoothly.
Based on case by case experiences of OJS users, several problems sometimes arise related to inappropriate folder accessibility and various other advanced configurations. As a consequence, if the access permissions applied to folders are not appropriate, this can cause system failures and potentially create security vulnerabilities. On hosting infrastructure that is not specifically designed for OJS, this can become a recurring issue that has the potential to disrupt journal operations.
4. Security Risks Are Different
Basically, every website on the internet has security risks, regardless of what kind of site it is. This does not mean that we should be complacent about security on OJS. However, we need to understand that OJS has its own characteristics, which require a specific approach to improve security on OJS. We cannot use general security infrastructure, because OJS has its own structure that requires security built specifically for OJS. In some cases, there are various security vulnerabilities in OJS, such as hackers being able to change themselves to admin, illegal insertion of backlinks or keywords, insertion of backdoors, and various other cases related to the exploitation of server configuration vulnerabilities that are not realized by users.
Unfortunately, the security layers commonly provided by general hosting are not fully capable of addressing the specific risks to OJS. Without the right tools and server configuration, your OJS site could be hacked at any time. Therefore, we need to be very selective in choosing an OJS hosting provider that provides exclusive security tools for OJS. This is to maintain the security and stability of your OJS site in the long term. Because if your site experiences disruption or is hacked, there will be various major consequences, such as a decline in journal reputation, your site being blocked by Google Scholar and other indexing services, a drastic decline in visitors, and various other detrimental effects.
5. Long-Term Stability and Updates
Another important thing is that OJS requires regular system updates. These updates serve to improve features and cover existing security gaps. Moreover, older versions of OJS have various security gaps, as we explained in an article titled “Urgent Critical Vulnerabilities in < 3.3.0.17. Upgrade your OJS now!”. The OJS upgrade process is not just a matter of increasing the version, but also concerns compatibility with the PHP version, database, and various other configurations on the server.
If the server cannot meet the requirements of the latest version of OJS, users will experience various problems. Among these problems are authors failing to submit articles, reviewers failing to upload files, plugin menus being inaccessible, statistics not running, and various other vital problems. In the long run, problems like this will have a negative impact on the sustainability and operation of your journal. Authors will be reluctant to submit articles there, visitor traffic will decline, the journal will be deindexed by various indexing services, and so on, so that over time your OJS site will decline until it can no longer operate fully.
Therefore, from now on, you must be selective in choosing the hosting provider you will use to run your OJS site. Because if you make the wrong choice, this will have a negative impact on your journal in the long run.
6. Performance Under Growth
As time goes by, the number of visitors and submissions to your OJS site will increase. This is in line with the increasing demand for server resources. Various activities such as article uploads, the review process, and reader access to article pages will require various resources from the server, including CPU, RAM, database capacity, and others, all at the same time. This may not be noticeable at first, but as time goes on and the number of users/visitors increases, this effect will directly impact the speed of your site.
If your server provider does not have sufficient resources to accommodate these activities, your site will not perform optimally and will experience various problems. These problems include failed file uploads, inability to install plugins, slow dashboards, and even total site downtime and inaccessibility. We often encounter this problem among other OJS users, who experience problems in operating OJS due to server limitations.
7. Expert Support That Fully Understands OJS
Although server providers generally consist of IT support teams, unfortunately not all of them have in-depth experience and understanding of OJS. There are many server providers out there that provide general server-level support, but they do not really understand the workflow structure, functions, user roles, technical aspects that occur during the editorial process, and various other important things in OJS. Instead of getting a solution, when you ask them about OJS issues, they only respond in general terms without providing the right solution for you.
In particular, troubleshooting OJS often requires experience and a deep understanding of the OJS workflow. This is because there are many events that occur in the OJS process, such as the submission workflow, file management, database interactions, and various other things. Without this experience, the problem identification process can take longer and potentially cause confusion and unclear solutions. Or worse, if mistakes are made during the fixing process, there is a risk of losing important stored data. Therefore, when you choose a hosting provider, make sure they have a team of experts who truly understand the structure and workings of OJS thoroughly.
Choosing the right hosting for OJS is essentially an important step to minimize various risks in the long term. When choosing hosting, you should not only make OJS online, but you must also consider various factors such as server security, capacity, support team provided specifically for OJS, and others as we have mentioned above.
Given that OJS has different characteristics from other websites, we need to pay attention to these points so that our OJS website can run smoothly and efficiently. By understanding these differing needs, you can make informed and targeted decisions when selecting the hosting or server you will use for OJS.
Why OJS must secure?
This is an important point that you need to understand. Security on the OJS site is not only about protecting the site from common attacks, but also about maintaining the reputation and integrity of the entire publishing process that takes place on it. Specifically, OJS stores various important data such as article documents, user data, editorial decisions, review notes, and article metadata that greatly affect indexing. If this aspect is not properly maintained, the impact will not only be technical but also damage the reputation of your journal or institution.
In this case, you must understand why OJS must be secure. Here are some reasons:
1. Metadata Integrity and Indexing Impact
OJS not only stores article documents, but also stores metadata such as titles, abstracts, author names, email addresses, and other important information. This collection of metadata plays a very important role in the indexing process and visibility of articles by search engines (such as Google) and other reputable indexing institutions. The input of illegal content in article metadata by hackers can damage the reputation of your site and even interfere with the indexing process. In some cases, this has caused OJS sites to be deindexed or blocked by Google Scholar and other high-reputable indexing agencies.
Based on cases frequently experienced by OJS users today, security gaps can be exploited by hackers to insert various keywords, backlinks, and other illegal content into OJS sites. What is currently prevalent is the increasing number of OJS sites being hacked into gambling sites. This is highly detrimental to journal administrators and all parties involved. Therefore, security layers must be able to prevent such illegal actions to maintain the integrity and sustainability of journals in search engines and indexing systems.
2. Protection of Manuscripts
One of the most important assets on the OJS site is unpublished manuscripts. This data generally contains research results that have not been published elsewhere and can only be accessed by parties or roles involved in the article review process. If there is a data leak, there is a risk of plagiarism or misuse of articles by anyone. This is very detrimental to both the author and you as the manager or owner of the journal.
Around 2025, we encountered a case involving one of OJS users that reported to us. At that time, a hacker managed to exploit the server. Tragically, the hacker deleted all article files in OJS. To make matters worse, the OJS site did not have a data backup at that time. As a result, they could only stand by and watch, unable to restore the site to its original condition. In the end, all parties suffered losses, and the reputation of the journal and institution was instantly destroyed.
If server security is weak, this has the potential to pose various threats to your OJS site. These include the insertion of malicious files, backdoors, and various other dangerous scripts. If this happens, hackers will have full access to your OJS data, and the continuity of the important data within it will be threatened.
3. Reputation of Journal and Institution
When we discuss OJS security, it is not only about technical aspects, but also related to the reputation of the journal and the institution behind it. When an OJS site experiences incidents such as defacement, hacking, data leaks, data loss, illegal content input by hackers, and others, the impact will be very detrimental to you. The public will question the credibility of your journal, and it is possible that they will blacklist your OJS site as a place for publishing articles.
This is not just a matter of image; a damaged reputation can have a negative impact on the journal itself. For example, authors may be hesitant to submit articles there, reviewers may not want to be involved in the assessment process, and readers may question the validity of the articles and content published. In the long term, the public will judge that your journal and institution are unprofessional or unable to maintain the standards of its management system. If this perception is formed, the activities and sustainability within OJS will decline drastically, and this will certainly have an impact on the growth and sustainability of your journal and even the reputation of your institution.
4. User Account and Role Management
OJS has a complete and complex data structure for each role within it, such as author, reviewer, manager, editor, section editor, and others. Each of these roles has different tasks and access rights and is interconnected in a single workflow. If a user account is hacked or its credentials are leaked, this will have a significant impact on the entire editorial process currently underway.
For example, if a Journal Manager’s account is hacked, they will not be able to assign editors or forward articles to the next stage. This is very detrimental to both the journal management and the authors themselves. Furthermore, due to the uncertainty and disruption caused by this, all parties involved may be reluctant to carry out editorial activities on your OJS site. Over time, this will reduce the productivity and progress of your OJS site. And in the long run, your OJS site will even cease to operate, because no authors will want to submit their article to your site.
5. Server-Level Security Is Critical
So far, many administrators have only focused on security at the application level (OJS), while server-level security is equally important. For example, improper configuration, weak security tools, problematic file permissions, lack of additional security layers, and other inadequacies can become loopholes for hackers to exploit your server. Worse still, if hackers manage to take control of your server, they will essentially have complete control over your OJS site and will be able to do anything they want with it.
Servers that are specifically designed for OJS, especially in terms of security, have special capabilities to minimize various threats that may occur. Several things are protected, such as file directories, protection against malicious file uploads, monitoring, and execution during the security process. This approach is very helpful in maintaining the stability, security, and sustainability of your OJS site as a whole at the server level.
Top 5 OJS Hosting Options
Not all hosting services are designed to handle the technical demands of OJS. A poor hosting choice can result in slow performance, frequent downtime, data loss, or even security breaches that threaten your journal’s credibility. That is why choosing the most secure and stable hosting solution is not merely a technical decision, but a strategic one for the long-term sustainability of your journal.
Below are some OJS hosting options you can consider, from general-purpose hosting providers to specialized OJS hosting services. Each option comes with its own strengths and limitations. Understanding these differences will help you determine which solution best matches your journal’s scale, budget, and security requirements.
1. Hostinger
Hostinger is one of the most well-known hosting providers globally. We recognize that quite a few OJS users utilize their hosting services. This is because the prices they offer are quite affordable and even relatively cheap. This makes Hostinger the initial choice for users who want to start using OJS as a platform for publishing articles.
Generally, Hostinger offers various package options that can be tailored to your needs. For those of you who are just starting out with OJS or have low to medium traffic, there are packages available that are suitable for this. On the other hand, for those of you who have an expert IT team, you can choose a higher package with the VPS option provided by Hostinger.
Next, here are the advantages and disadvantages of Hostinger.
Advantages:
1. Supports the minimum OJS specifications (PHP, database, SSL) so that OJS can also be installed here.
2. Performance is stable enough for journals with a small number of articles and visitors.
3. Relatively affordable for educational institutions or journals with limited budgets.
4. Various package options are available that you can customize to suit your OJS needs.
5. Some packages offer a free domain.
6. You have full access to cPanel, the database, and other support panels.
Disadvantages:
1. So far, there is no dedicated support team for OJS, so if there are specific problems related to the flow in OJS, it will be quite difficult to find a solution quickly.
2. Server security is still general in nature, there are no specific security tools available for OJS.
3. Journal administrators must handle OJS upgrades, patching, and other specific OJS requirements themselves.
4. There are no exclusive or free OJS plugins available to improve journal visibility and administration.
5. There is no dedicated team with a thorough understanding of journal visibility or journal indexing best practices (e.g., Google Scholar, EBSCO, DOAJ, and others).
2. Namecheap
In general, Namecheap is known as a domain provider that is quite well-known to many people. On the other hand, NameCheap also provides hosting services for OJS. Of the various OJS users we have handled, some of them use Namecheap. They say that many users choose Namecheap for OJS because, apart from its affordable price, the technical support provided here is quite good, even though the technical support is general and not specifically for OJS.
Namecheap also provides a hosting environment that can be used for OJS. However, just like Hostinger, this hosting service is general in nature and not specifically optimized for OJS. So if you use this service, you must have your own experienced and creative IT team in order to run your OJS optimally. In addition, Namecheap also provides cPanel mail services, making it easy for you to migrate your cPanel mail from another provider to Namecheap.
Next, here are the advantages and disadvantages of Namecheap.
Advantages:
1. Stable enough for OJS installation for newcomers and intermediate users.
2. cPanel is available to facilitate the management of OJS databases, article files, and plugins.
3. The price is relatively affordable and not too expensive in the long run.
4. Mail cPanel is available
Disadvantages:
1. Does not provide specific technical support for OJS (e.g., error submission, issue reviewer workflow, or OJS plugins).
2. Automatic backup is only available in certain packages.
3. Performance may decline if the journal begins to have many PDF articles and high traffic.
4. Does not yet have specific security for OJS, either from the application side or the server level.
5. No guarantee for regular OJS patching
3. Bluehost
Overall, Bluehost is recognized as one of the web hosting providers recommended by WordPress.org. In addition to being frequently used for websites and blogs, Bluehost is also utilized by several institutions to manage OJS-based journal systems.
Of the many OJS users we have encountered, Bluehost is often chosen for its reliability, ease of use, and comprehensive hosting features. Bluehost offers a general hosting environment that runs OJS well, including support for PHP, MySQL, and cPanel access.
However, like Namecheap and Hostinger, Bluehost does not offer hosting specifically designed for OJS. This means that users need to handle the setup, updates, and troubleshooting themselves. Therefore, support from an experienced IT team is still needed to maintain optimal OJS performance.
Advantages:
1. Stable enough for OJS installation for beginner and intermediate users.
2. cPanel is available to manage databases, journal files, and OJS plugins.
3. Easy setup and user-friendly interface for institutions new to web hosting.
4. Good uptime and global reputation as a reliable hosting provider.
Disadvantages:
1. Does not provide dedicated technical support for OJS (such as submission workflow errors or plugin issues).
2. Automatic backups are limited and depend on the hosting plan.
3. Performance may degrade when journals contain many PDF files and experience high traffic.
4. There is no dedicated security configuration specifically for OJS applications.
5. Updating and patching OJS must be handled manually by the user.
4. Siteground
SiteGround is one of the hosting services known for its fast server technology and modern management system. For OJS-based journal publishing, SiteGround can be used as a place to run an online publishing system quite smoothly, and you need to choose a package that suits your specific needs.
We have encountered several OJS users using SiteGround hosting, and we acknowledge that in terms of stability and speed, it is sufficient for running OJS operations on a small to medium scale. SiteGround has fairly good security in general, one of which is the 2FA feature when logging into their hosting panel. This ensures that your access security is fairly guaranteed. SiteGround also has a user-friendly UI/UX that is easy for anyone to adapt to.
Advantages:
1. The server is fast enough to allow journal pages to load more responsively for readers.
2. A daily backup system is in place to prevent journal data loss.
3. The hosting management panel is modern and easy to understand for new users.
4. The hosting environment supports the latest PHP versions required by OJS.
5. Suitable for journals seeking a professional and stable appearance.
Disadvantages:
1. There is no dedicated support service for OJS technical issues.
2. There are no security tools specifically provided for OJS, either at the application or server level.
3. Subscription fees are relatively high for small institutions.
4. Storage space can be a constraint if many article files are large.
5. There are no built-in features specifically designed to optimize the OJS system.
5. OJT Hosting Service and Security for OJS
OJT Hosting and security is the only one provider that provides the most secure and stable servers specifically designed for OJS. By using this hosting service, all essential OJS functions can run optimally. Not only that, at OJT Hosting, we also equip our servers with multi-layer security such as Guardian AI and Advanced Security Plugin, ready to protect your OJS site every single time. This security includes protections such as prevention of malicious file uploads or backdoors, blocking of illegal keyword injections and backlinks, 2-Way Authentication, anti-spam bots, and more.
Additionally, while using OJT Hosting, you will receive free OJS Technical Support. This means that any technical issues you encounter with OJS will be handled by our expert team. We have a dedicated team of experts with years of experience in handling OJS issues and problems. This means that any challenges you face can be addressed quickly and accurately. With this support, you can focus more on your research without having to deal with technical issues that you shouldn’t have to handle.
Currently, OJT Hosting is used by various journals ranging from new journals to highly reputable journals spread globally. The services provided are considered as the most secure and stable hosting for OJS. The trust of many journal managers is proof of the quality of the system provided. With continuously developing support, OJT Hosting has become one of the top choices in OJS Hosting and Security Services.
Here are some of the advantages and disadvantages of OJT Hosting:
Advantages:
1. The most secure and stable server for OJS globally
2. Exclusive security tools for OJS (such as Guardian AI and Advanced Security Plugin) are available to protect your OJS from various aspects, both at the application and server levels
3. Direct technical support from the OJS expert team is ready to assist you
4. Includes automatic daily backups to ensure the overall continuity of your OJS data
5. Servers designed with above-average uptime
6. Server performance and infrastructure compliant with indexing and SEO standards
7. OJT Blazing Cache Pro available to provide maximum OJS load speed experience
8. Various exclusive OJS plugins available, such as Certificate Generator (create certificates for authors, editors, and reviewers), RePEc Plugin, and JATS Editor.
9. Your OJS site is monitored 24 hours a day by real people from our team of security experts and our internationally certified servers (CSCU, CEH, CTIA, CND, ECIH).
10. Free OJS upgrades
11. Regular OJS patching
12. An integrated ticketing system within the OJS dashboard, facilitate direct communication with our OJS expert team for resolving any technical issues you encounter
13. Free SSL forever
14. Affordable pricing tailored to your needs
Disadvantages:
1. You need to purchase or provide your own domain from a third-party domain provider.
2. The hosting control panel looks slightly different from cPanel, but it is still easy and user-friendly
3. Existing email accounts from cPanel (if any) cannot be migrated to our server because we do not use cPanel mail services. We provide our own mail server infrastructure, which is different from cPanel mail. If you want to keep using your cPanel email service, you can use a third-party cPanel mail provider.
If you want your OJS site to run fully secure and stable, so the OJT Hosting and Security Service for OJS could be the right choice. This service is specifically designed to protect OJS from various security risks while maintaining optimal server performance. Don’t wait until problems arise, protect and optimize your OJS site now.
Conclusion
Choosing the right hosting is very important for running an OJS website safely and smoothly. OJS is not the same as regular websites because it uses complex workflows, large databases, and stores many important files such as manuscripts and metadata. If the hosting environment is not suitable, many problems can occur, such as slow performance, failed uploads, security breaches, and even the risk of being removed from indexing services like Google Scholar.
Selecting the correct hosting for OJS is not only about making the site online, but also about ensuring security, stability, performance, and long-term growth of the journal. A well-chosen hosting provider will protect your data, maintain your journal’s reputation, and support the continuous development of your OJS site.
