Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
661 views
in Q2A Core by
I just wanted to know how secure Q&A is, and whethere security is a concern for Q&A development team.
yesterday, someone who is actually in the field of cyber security, sent me this link : http://iedb.ir/exploits-2900.html
and told me to be wary of using Q&A script, he said, a script which has such a bug in its 1.7 (major) release vesion, you really cant know how many other bugs and breaches it has.

this simply shows, security is not a concern for the development team, if it was such basic attack could be mitigated very easily in first place.
I just wanted to know more about  this and how much emphasis is put on security since 1.7 and if 1.7.4 is secure enough for production purposes.
I'm asking this, because my site is being traced by hackers for couple of month now, and they have been trying to find a way to get in, but thanks to God, they yet have'nt made it. I need to make sure this is as well secure enough.

Thanks in advance for your hard work.
Q2A version: 1.7.4

1 Answer

+2 votes
by
selected by
 
Best answer
I answered on the Github thread, but to repeat here: the issue mentioned there is with a third party plugin, not Q2A itself. The supposed flaw doesn't work on any version of Q2A.

And if your site has been the target of hackers for months and they haven't got in, that sounds like Q2A is actually very secure!
...