When checking the submissions folder, I realized I almost got a defaced site. After checking the .phtml files, and trying to run them from a VM, it is apparent that the links the .phtml files referred to are dead, and much of the code is rendered obsolete (also a few typos here and there), so that’s probably why the attempts didn’t work.
So the site survived. But now I don’t know about the integrity of everything. There might be backdoors.
Asmecher have frequently suggested that victims of defacing should revert to the original .tar.gz OJS code. I am willing to do this, but currently there are several submissions in review, and coordinating everyone doesn’t seem good at the moment.
What solutions do I have, so that the .tar.gz file can be reuploaded, but credentials and the processes stay the same? The databases don’t seem affected by the attempt.
Also, at the moment I couldn’t yet upgrade to OJS 3.x, because of bureaucracy.
Thank you for your kind help.