Hi @rkhalikov,
Check your files_dir
setting in confic.inc.php
. If it’s something within your web root, it needs to be protected with a .htaccess
file or equivalent.
It’s possible that your OJS was modified using some other method – e.g. if you’re on a shared server that’s using the mod_php
SAPI, in which case another vulnerable application could’ve been used to add spam links to your OJS.
Regards,
Alec Smecher
Public Knowledge Project Team
Hi,
In won’t open a new topic unless otherwise recommended. If you refer to the first post in this thread, which I posted some time ago, I could not be able to use my menu items once logged in. I’ve come to this findings.
My OJS is hosted in an university. If I access from outside the university (which is my situation) I can loggin, but I face the situation stated in the first post. However, if I access via VPN to the university, I can loggin and work normally.
Now, if I loggout OJS, close the VPN session, and log into OJS again I can work normally.
Systems and Communications people at the uni are having a look at the issue.
Do you think that OJS could be storing some sort o token or something that enables me to work normally during some time after closing the VPN session.
Thanks in advance for your reply.
Regards,
Juan
Hi @jascanio,
Try turning off the session_check_ip
option in config.inc.php
. I wonder if your connection is behind a proxy bank or something that’s changing your apparent IP address; a VPN would probably mask this from OJS.
Regards,
Alec Smecher
Public Knowledge Project Team