Hi OJS Team,
We are exploring OJS 3.3.0-19 LTS for one of our journals. Just want to know what proactive measures are available natively to the OJS software to safeguard against online attacks. Clam Antivirus is available as a plugin, but is there any robust web application firewall system available? If not, it would be great if you could recommend a free and open-source firewall software that works with OJS scripts without issues.
Hi @sumeshks,
It’s common for sites to use ClamAV for virus checking of uploads, and tools like mod_security and fail2ban to watch for malicious requests. If you do use mod_security, you might find that it sometimes causes false positives – i.e. requests containing legitimate sequences of words that mod_security thinks are an attempted attack. So you might find that the ability to adjust its rules is helpful.
Regards,
Alec Smecher
Public Knowledge Project Team
Hi Alec, thanks for the reply. I shall try these options.
Hi @sumeshks,
I forgot to add – there are also several plugins in the OJS Plugin Gallery that you might consider.
Regards,
Alec Smecher
Public Knowledge Project Team