Users Section Hacked - 38,000+ Readers Added - Help!

I started getting Russian spam from my OJS journal website a few days ago (sent from my own email address). I changed my password, but it still seems to be coming. When I investigated a little deeper, I found that there were over 38,000 Readers added to the journal. Someone is using the journal to send spam (in Russian) to these 38,000 email addresses. I have now turned off the self-registration by users option.

Any suggestions on how to deal with this, short of shutting the journal down???


Hi @Alan_A,
What I understand from your question is:

  1. There are a lot of spam registration in your website.
  2. You are getting spam mail from your website.

To prevent spam registration, I suggest you enable re-captcha in your system. Search the forum, there are discussions on that subject.

If you are getting spam mail from your system, it seems that it has already been infested. I suggest:

  1. you review you security setting, keep you file folder outside the web accessible folder. (Out of the public_html or www).
  2. Set properly the permission of your file and folder (I never understood it properly; make the user the owner and make permission 755 for folder and 644 for file. This is my shortcut)
  3. You should have made several backup of your website. Now use the one which was saved before your system got infected (I don’t know how to find when it was infected, use your best guess). Restore your website from that backup.