You are viewing the PKP Support Forum | PKP Home Wiki

Security of the system

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca

This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.

Security of the system

Postby acabello » Wed Nov 28, 2007 2:19 pm

Hi Alec

For several months now, a user with an email sandra-iz@mail.com (the last two letters after sandra- changes with every mail) registers ones or twice a week (even more). The system sends a welcome email to the user, however, it returns indicating an error. The user name is usually the name Sandra-iz (the last two letters are the same as in the email). The password in the email indicates that it is unknown. We are experiencing the same problem now with Yorkshire-kk@NetZoola.com... The last two letters after Yorkshire- changes every email. It is clear that these emails and registrations are being conducted through an automated process. Fore some reason I can’t detect the emails or users in the system when I search among the users.

Is someone else having this problem? How can we secure our site to this kind of invasion?

Since the system is sending the welcoming email (with a non-functioning email) there is a new registration, that for some reason the system is not detecting.... what problems might this bring?...I dont know!!


Ciencias Marinas
Posts: 4
Joined: Mon Jul 02, 2007 9:16 pm

Re: Security of the system

Postby asmecher » Wed Nov 28, 2007 9:02 pm

Hi Alejandro,

See e.g. http://pkp.sfu.ca/support/forum/viewtopic.php?p=8605#p8605 for a discussion of similar problems. Spam registrations have been reported by several users; these aren't any kind of risk (security or otherwise), but they can clutter up role lists. CAPTCHA testing, due for release shortly with OJS 2.2, should solve the problem.

Alec Smecher
Public Knowledge Project Team
Posts: 10015
Joined: Wed Aug 10, 2005 12:56 pm

Return to OJS Technical Support

Who is online

Users browsing this forum: Google [Bot] and 6 guests