OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki



A lot of spams, how to protect OJS?

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
What to do if you have a technical problem with OJS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.

A lot of spams, how to protect OJS?

Postby Ojser » Thu Jul 12, 2012 6:06 am

Hi,

I notice a lot of spams, ads and malicious visitors.
I'm wondering whether setting permission for all folders and files to minimum (440 or 400) will enhance protection. I've tried to set it for some folders but the website becomes inaccessible or deformed!
So my question is: how to protect journals without compromising the site accessibility?
Is there any specific precaution to take in consideration with OJS?

Thank you
Ojser
 
Posts: 152
Joined: Wed Mar 28, 2012 6:23 am

Re: A lot of spams, how to protect OJS?

Postby JasonNugent » Fri Jul 13, 2012 7:39 am

OJSer,

Turn the CAPTCHA plugin on. That is what it is for. It is a setting in your config.inc.php file.

Regards,
Jason
JasonNugent
Site Admin
 
Posts: 848
Joined: Tue Jan 10, 2006 6:20 am

Re: A lot of spams, how to protect OJS?

Postby Ojser » Fri Jul 13, 2012 8:45 am

Thanks Jason, but Captacha is enabled, except for one feature:

[captcha]

; Whether or not to enable Captcha features
captcha = off

; Whether or not to use Captcha on user registration
captcha_on_register = on

; Whether or not to use Captcha on user comments
captcha_on_comments = on

; Whether or not to use Captcha on notification mailing list registration
captcha_on_mailinglist = on


And even after I turned ON all these features, I don't see the CAPTHA code nowhere in the journal pages!
Is there a problem somewhere or it is intended to work in a background way?!

Regards,
Ojser
 
Posts: 152
Joined: Wed Mar 28, 2012 6:23 am

Re: A lot of spams, how to protect OJS?

Postby JasonNugent » Fri Jul 13, 2012 11:02 am

you need that first captcha feature. It's the one that turns everything else on.
JasonNugent
Site Admin
 
Posts: 848
Joined: Tue Jan 10, 2006 6:20 am

Re: A lot of spams, how to protect OJS?

Postby Ojser » Sat Jul 14, 2012 5:15 pm

JasonNugent wrote:you need that first captcha feature. It's the one that turns everything else on.


Sorry Jason, if you mean for the registration page, I've tried it but there is no CAPTCHA code!
I have only a dark zone without any visible letters. Here how it looks like:
Image
Why letters don't appear? I'm using the latest php and apache versions.
Ojser
 
Posts: 152
Joined: Wed Mar 28, 2012 6:23 am

Re: A lot of spams, how to protect OJS?

Postby asmecher » Sat Jul 14, 2012 5:29 pm

Hi Ojser,

Have you specified a valid path to a font to use? See the [captcha] section:
Code: Select all
; Font location for font to use in Captcha images
font_location = /usr/share/fonts/truetype/freefont/FreeSerif.ttf
Regards,
Alec Smecher
Public Knowledge Project Team
asmecher
 
Posts: 8316
Joined: Wed Aug 10, 2005 12:56 pm

Re: A lot of spams, how to protect OJS?

Postby Ojser » Sat Jul 14, 2012 10:57 pm

Thanks Alec, but which path should be specified?
By default, I have the same path you posted.
I also tried to change the font types by replacing for example "FreeSerif" in the path above with different fonts (NewTimes, Calibri, etc) but nothing changed! I don't see letters !
Is there any specific path other than the default one, to be specified?

Regards,
Ojser
 
Posts: 152
Joined: Wed Mar 28, 2012 6:23 am

Re: A lot of spams, how to protect OJS?

Postby JasonNugent » Sun Jul 15, 2012 9:45 am

Hi OJSer,

You'll need to look at your operating system environment on your server to find out where your fonts are stored. There are a few UNIX commands you can run, if you have shell access. These may or may not work in all situations.

Code: Select all
locate *.ttf


That will probably give you a bunch to choose from. You can also try:

Code: Select all
find /usr/share -name "*.ttf"


for others.

Jason
JasonNugent
Site Admin
 
Posts: 848
Joined: Tue Jan 10, 2006 6:20 am

Re: A lot of spams, how to protect OJS?

Postby Ojser » Sun Jul 15, 2012 3:13 pm

Thanks Jason!
It works nicely now! I didn't thought that I will need such an approach. I thought it should be self-working without need any extra configuration..
It may need a button to change the code, when it is hard to guess!
However, CAPTCHA code is in general not so efficient against all spammers and robots..
Anyway, my problem is solved in regard to this issue.

Thank you a lot.
Ojser
 
Posts: 152
Joined: Wed Mar 28, 2012 6:23 am


Return to OJS Technical Support

Who is online

Users browsing this forum: Google [Bot] and 3 guests