So the files folder is in the web root? Do directives in .htaccess file prohibit the execution of scripts uploaded to the files folder?
I recommend also reading this post: Security issue: hacking of OJS 3.0.1 via submission - #5 by ctgraham
So the files folder is in the web root? Do directives in .htaccess file prohibit the execution of scripts uploaded to the files folder?
I recommend also reading this post: Security issue: hacking of OJS 3.0.1 via submission - #5 by ctgraham