I use 3.3.0.13 (still). As the OJS admin, I have earned the new title of “bouncer” who catches potential spammers registering themselves without any role (author, reader, reviewer) in any of the journals and I throw them out. Now, this has recently become a nuisance! Luckily, there are only a handful, and I have started to save their phpmyadmin entries. They use bogus emails and users names and are up to no good. This is of course my impression only after checking them in the journals first (we have 5). If I do not find them in the journal user lists, I can only disable or delete them using phpmyadmin via the cpanel because they do not appear in any of the journals where I could disable or remove them. I have been using recaptcha for several years and the config.inc.php file is set up that way as well.
Question: What can I do to block repeat-offender users in the OJS environment? While the cPanel offers an IP Blocker feature, the users table in phpmyadmin does not have an IP column, which would be helpful. I have access to the Apache server logs, but do nto know what lines I should look for. IP addresses do show in the log, so if I could identify the user in the log, I could add them to the IP Blocker.
Also: Is there a platform-level plugin (not used by any journal but one accessible to OJS admins) or a cPanel feature that I could query and block such users? Thank you for any helpful pointers in advance!
Have a look in the sessions table for IP address information. But you might also have a look at the akismet and form honeypot plugins, which are available in the plugin gallery.
Regards,
Alec Smecher
Public Knowledge Project Team
The sessions table does have the IP addresses but I need to create a relationship to the user table for a query. I will play with, but will try those plugins. It looks like they have to be associated with individual journals because they are not available in the system site settings. When I tried to install it in one of the journals I got the following message: "The “exec” PHP function has been disabled on your server. Contact your system administrator to enable it. " I guess, the message is referring to the host.
Thanks for these suggestions.
Arjun
Our server admin has enabled the php, but now when I enable the plugin and try to view Settings, I get the following popup: “Failed Ajax request or invalid JSON returned.” Where do I fix this?
You can probably get more information on a Failed Ajax request or invalid JSON returned message by looking at the PHP error log. But I’d suggest posting a new topic with the details; we try to keep each topic to a single subject/problem, so that someone else who encounters a similar message can search for it without running into other discussions.
As for the sessions table, it does have a user_id column linking it to the users table. You can use the ip_address in sessions and relate it back to users by user_id.
Thanks,
Alec Smecher
Public Knowledge Project Team
Hi Alec,
Thanks for pointing me to the error log. Our hosts has enabled me to see the up-to-date log, so I just have to mark the time I attempt to view settings and check the error log entries.
As for the sessions table, my bad! There is a user ID field, but I was so focused on user name because I have been checking recent registrations in the users table against users in each journal to make sure I am not deleting a legitimate users. Knowing the IP addresses will help me use IP Checker from now on.