Keamanan OJS pada Naskah yang sedang di review

Saat ini saya menggunakan OJS versi 2.4.8. Ada yang ingin saya tanyakan. Pada artikel yang sedang proses review ternyata bisa di search di google dan naskahnya dapat diunduh penuh tanpa harus login. Apakah ini termasuk bug yang ada di OJS atau ada kesalahan seting. mohon masukan dan saran dari para pengguna forum ini.
Screenshot saya sertakan. terima kasih



It appears you have left your private files_dir (see config.inc.php) as part of the application’s web root. You must either move the files_dir outside of your web root, or provide webserver configuration to prevent direct web access. See the instructions in README.

If executable scripting access is not prevented for a web-accessible files_dir, this is a serious security issue.

Thanks, I’ll try to move a file directory. I hope this is the way to solve my problem

Once you have moved your private files directory, these files will not longer be directly accessible. Only access mediated by OJS will be allowed. That way only the files actually published will be indexed. The old links will stop working. Links internal to OJS will not change.