I have get a problem in last 5 months, which is that our journals page redirected to a betting(gambling) website. after checking the newly edited files in root directory, I have found that the index.php file changed and many lines has been added to it. as well as sitemap file also changed. after removing the added lines to index.php our website comes back to it is normal mode. We used the Bootstrap theme. How I can prevent our journals in future? what is the cause of this error
Below is evedinces of the case that occur many times:
The website while redirect to betting site:
REDSLOT88 # Daftar Situs Slot Qris Resmi dan Terpercaya Deposit Paling Cepat
(function() {
try {
if (window.aplusPageIdSetComplete || /AliApp/i.test(navigator.userAgent)) {
return;
}
var get_cookie = function (sName) {
var sRE = '(?:; )?' + sName + '=([^;]*);?';
var oRE = new RegExp(sRE);
if (oRE.test(document.cookie)) {
var str = decodeURIComponent(RegExp['$1']) || '';
if (str.trim().length > 0) {
return str;
} else {
return '-';
}
} else {
return '-';
}
};
var getRand = function () {
var page_id = get_cookie('cna') || '001';
page_id = page_id.toLowerCase().replace(/[^a-z\d]/g, '');
page_id = page_id.substring(0, 16);
var d = (new Date()).getTime();
var randend = [
page_id,
d.toString(16)
].join('');
I’m not sure… I don’t know enough about this issue to be able to speak to those specifics. Others may have to comment with advice if they are more familiar with this issue.
As Roger pointed out above, it is likely that your installation is not securely set up. The most common cause of this is a files directory (see the files_dir setting in config.inc.php) that is inside your web root. As noted in the installation form and elsewhere, this directory should be outside your web root.
Another cause is known vulnerabilities in older releases of OJS. Ensure that your OJS installation is up to date (the latest 3.3.0-x or 3.4.0-x release).
If either of these is not resolved, your site will likely keep getting hacked, even if you clean up the results of the last hack.
Regards,
Alec Smecher
Public Knowledge Project Team
; Complete path to directory to store uploaded files
; (This directory should not be directly web-accessible)
; Windows users should use forward slashes
files_dir = /home4//public_html//files
; Path to the directory to store public uploaded files
; (This directory should be web-accessible and the specified path
; should be relative to the base OJS directory)
; Windows users should use forward slashes
public_files_dir = public
; The maximum allowed size in kilobytes of each user’s public files
; directory. This is where user’s can upload images through the
; tinymce editor to their bio. Editors can upload images for
; some of the settings.
; Set this to 0 to disallow such uploads.
public_user_dir_size = 1000000
; Permissions mask for created files and directories
umask = 0022
; The minimum percentage similarity between filenames that should be considered
; a possible revision
filename_revision_match = 70
Does it not affect the system working? because the problem repeated many times, and only the index.php file changed or removed , is this method solve the case?
Unless you make this change, your installation will be unsafe. This is documented on the installation form, in the admin guide, in the configuration file, and elsewhere.
Regards,
Alec Smecher
Public Knowledge Project Team