Hi @alexpineda,
You might be encountering something like what’s described on this thread. We’re aware of automated attacks using known issues in older releases of OJS 3.3.0-x; I’d strongly suggest upgrading to the latest 3.3.0-x release – this should simply be a matter of updating the code – then making a couple of further checks:
- Review your journal settings for any unexpected Javascript (e.g. by checking
journal_settings
in the database) - Review your installation codebase for any unexpected files (search the forum for
diff
to find some recommendations, or find some general guides on e.g. StackOverflow) – in particular, look for unexpected plugins - Check to ensure that your
files_dir
is not publicly web-accessible; this is the most common way that OJS installations are attacked - Change any Journal Manager or Administrator account passwords
Regards,
Alec Smecher
Public Knowledge Project Team