What is OJT Advanced Security Plugin

What is OJT Advanced Security

OJT advanced Security is our exclusive plugin that we built to add additional crucial protection to the OJS from illegal backlink injection, preventing the illegitimate user access caused by data breach, meta-data protection changes from the issue and articles (especially from past issue and published article) that can be abused to promote online gambling site or judol or other ilegal keyword or backlink.

Why OJT Advanced Security Plugin ?

As we have handled more and more client, the security is become one of main concern for their journal. As we heard about the leaked credential and the phishing site become daily threat.

For example, submissions that lead to phishing site.

Many of this hack attempt grant a successful credential thief by the hacker by stealing the cookies or seducing the OJS user to input their credential.

After they have gained access to the OJS, they may place a nasty backdoor to explore the server and take over the server’s highest roles as root. This is the reason that many of users that use the hosting that uses CPanel can also get hacked without the hacker needing to inject any malware or abuse the vulnerability in OJS. In another case, the hacker attaches a link to JUDOL. The negative impacts of this activity includes: Journal becoming seen as the host of online gambling affiliation, the data being manipulated by hackers, Google Scholar removing all the articles of the journal in their indexing, and many more negative impacts that affect the credibility of the journal.

The need for improved security protection become an essential and must-have feature for this kind of threat become essential for many of our client. The commitment to provide better support for our clients became our top priority. We also note that the OJS has very limited security feature. One of the proof is although we have implemented all the security features in OJS, the journal may still have a chance for getting hacked.

Currently in OJS, there are only very basic configuration in OJS security. Such as there is the feature of configuring the Google Captcha and Allowed Host. However as the attack pattern is more complex in the digital world, We develop an exclusive plugin for enhancing the security of OJS.

To prevent this kind of threat, our team has divided into two team: the first team that created a OJT Guardian that is created to protect our server based on Python and not directly related to OJS. The second one is to create an OJT Advanced Security which is an OJS plugin that can be deployed to all of the support and hosting clients.

In this we will introduce you OJT Advanced Security

OJT Advanced Security is created with the purpose to improve and provide the better security tool for our client. The features that we have built are based on our vast experience in handling many of reputable client. The feature include :

  1. Keyword Injection Protection
  2. IP Address Blocker
  3. 2-Way Authentication method
  4. User Agent Protection

With this plugin, you can configure improved security features such as when some user wants to add a backlink to online gambling, it will automatically block the activity. You as the OJS administrator can also block requests from certain IP Addresses. We also implement a sophisticated algorithm inspired by ModSecurity that will add a trust score to the traffic of OJS. If the request is decided below the trust score it will automatically block the request.

We also regularly update the pattern of attack to our client such as SQLI Pattern, RFI, and many more patterns. This is to make sure that the configuration get updated and makes the use of journal without interruption.

Any hacking attempt will be thwarted by the plugin, providing a shield that keeps you at ease in mind

We believe that this advanced protection is the ONLY tool that is provided by us – OJT Team as the vendor that is focused on OJS. This also shows our commitment to providing better support and enriching the ecosystem of the OJS.

More configuration is included and will gradually improved based on our case to handling our client.

Why you need metadata change protection ?

Protecting OJS from Metadata Tampering and Security Threats

Through our experience managing thousands of OJS (Open Journal Systems) clients, we have identified a major security risk: OJS provides very limited built-in protection against unauthorized changes to journal metadata.

For example, OJS does not send alerts or provide controls when someone attempts to modify critical metadata such as:

  • Article citations
  • Abstracts or full-text content
  • Author names and article participants
  • Issue metadata or publication information

This creates a serious risk to journal credibility and indexing.

How Hackers Exploit OJS Vulnerabilities

If a hacker gains access to an OJS installation—often via a data breach—they can:

  • Inject hidden backlinks into abstracts or full-text articles
  • Alter citations or DOI metadata
  • Modify author names or article participants
  • Change indexing-related metadata without detection

Even small unauthorized changes can severely impact journal indexing, including:

  • Google Scholar author profiles and citations
  • DOI records
  • Scopus or other major academic indexes

Our Solution: Metadata Security & Injection Protection

To address this critical OJS vulnerability, we developed a specialized protection tool that:

  1. Monitors OJS metadata in real-time
  2. Detects any suspicious changes or illegal keyword injections
  3. Notifies journal managers or admins immediately

With this system, your journal is protected against hidden attacks that could damage credibility, impact indexing, or harm author reputation.

The OJT Advanced Security plugin and the OJT Blazing Cache is included in our support service and hosting service.

With OJT Advanced Security features, we ensure you can operate with peace of mind and focus on what truly matters. No need to worry about non-essential disruptions, as our system is designed to safeguard your business, allowing you to be more productive and efficient in achieving your goals

About the Author
user-avatar

Project Manager

Hendra here, I love writing about OJS and share knowledge about OJS. My passion is about OJS, OMP platform and doing some research on creating innovated products for that platform to help publisher to improve their publication.

Leave a Comment

Your email address will not be published. Required fields are marked *

Open Journal Theme

Need More Services  or Question?

Openjournaltheme.com started in 2016 by a passionate team that focused to provide affordable OJS, OMP,  OPS,  Dspace, Eprints products and services. Our mission to help publishers to be more focus on their content research rather than tackled by many technical OJS issues.

Under the legal company name :
Inovasi Informatik Sinergi Inc.

Secure Payment :

All the client’s financial account data is stored in the respective third-party site (such as Paypal, Wise and Direct Payment).
*Payment on Credit card can be done by request
Your financial account is guaranteed protection. We never keep any of the clients’ financial data.

Index