Hi @oah433,
That site contains misleading information about OJS security. See PKP Position on Online Harassment for a statement about that company.
It’s difficult to give specific instructions for file permissions, as servers will have a number of different configurations. Essentially 777 permissions (on UNIX-like platforms) are never safe to use. There is a more comprehensive description of OJS’s requirements for file permissions in the FAQ area of this forum: How should file permissions be set?
The most important considerations for security are described in docs/README under “Recommended Configuration”. Note in particular the need for your files directory to be kept outside the web root, or protected – this is mentioned on the installation form, in the README, and elsewhere, but does get overlooked.
Regards,
Alec Smecher
Public Knowledge Project Team