Hello.
Unfortunately it happened to me to be hacked (it altered me the home page of my site) by the same Indonesian guys which apparently they are doing it for fun. That because my “files” folder was created initially inside the public html.
(I limited the submissions by registered users.
Many suspect users (mostly from Indonesia) made accounts and tried to upload scripts but nothing happened.)
The situation it is really frustrating for the real submitters: they make an account and cannot submit. Many leaves.
Please let me know if I can let the submissions enabled after moving\modifying the directory outside the public_html.
A few questions:
-
I already have a couple of journals and articles published. Does the change in the config.php doesn’t affect the integrity of database and all the structures already created with the old configuration?
-
It is really safe against the future attacks of this kind? It is necessary to add some .htaccess rules too.
-
What changes I have to do excepting the path in config.php and the physical location of the files?
My OJS version is 2.4.7.1.
Thank you and my best regards.