How we use it. Persons registering select their roles as reader, reviewer, author, or any combination thereof. The reader role does not have the option of posting on the site. Readers are notified when a new issue is published. The reviewer role does not have the option of posting on the site, except as follows: Reviewers are invited to review an article; they may accept or decline the invitation. If the reviewer accepts the invitation, he is provided access to the article, and also to a review form to complete and upload-he may also upload additional comments.. The process is built into the software- no outside email Authors post their articles according to software rules The article is initially in the unassigned category. I vet the article to remove identifying data and for evidence of plagiarism I assign the article to the theme editors The theme editors invite the reviewers NB Letters of invitation, assignment, acceptance, decline are all form letters contained with the OJS software; the review forms were created by us. None of the user roles within the software require or permit outside contact.
My college hosts two OJS journals (2 separate installations). I have a captcha installed on mine.
A malicious message was posted on the other one, which resulted in IT removing the “Register” link from the top ribbon on both journals, making it impossible for viewers to register on my journal as authors, reviewers, readers.
Is the access of users as reader, reviewer, author strictly contained within those “roles,” or does “registration” open some type of “back door?”