Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
Ask a Question

Is it completely safe 1.8?

+1 vote
1.2k views
in Q2A Core by
Hello there.

I was using version 1.7.5 before. There were thousands of users and thousands of questions. One day, the hacker site in another country uploaded our index file. What I'm saying is, is this an attack like this in the 1.8 version I'm using right now? What should I do if there is an attack?

Let me ask you: can I find out if there is a file vulnerability on the site?

So, if they want to change the index file again, can they do that? Is it completely safe for 1.8?

I am using translation, sorry.
Q2A version: 1.8
by
Scan shows your site is hacked and malware detected. Let us fix this one by one.

1. Updated file using this fix. You need this fix on v180
https://github.com/q2a/question2answer/pull/607/files
2. Updated php to 7.x
3. Disable all plugins.

Let me know once done, I will check your site once again.
by
First of all, thank you very much. Now I'm going to add this code, do I make php version 7?

I'll disable all add-ons. Have I got it right?
by
So I'm going to add all of this code to qa-include / qa-theme-base.php, right?

public function body_hidden()
    {
        $indent = $this->isRTL ? '9999px' : '-9999px';
        $this->output('<div style="position:absolute; left:' . $indent . '; top:-9999px;">');
        $this->output('<div style="position:absolute;overflow:hidden;clip:rect(0 0 0 0);height:0;width:0;margin:0;padding:0;border:0;">');
        $this->waiting_template();
        $this->output('</div>');
    }
by
Yes, disable all add-ons and replace below function in qa-include/qa-theme-base.php file

    public function body_hidden()
    {
        $this->output('<div style="position:absolute;overflow:hidden;clip:rect(0 0 0 0);height:0;width:0;margin:0;padding:0;border:0;">');
        $this->waiting_template();
        $this->output('</div>');
    }
by
In php 7.0, I've disabled plugins. I'm waiting to hear from you. Thank you.
by
Hello there,

I have completed the necessary operations. I've reinstalled the plugins, and the resulting link is now safe?

https://neyseya.com/wp-content/uploads/2018/12/test.png
by
@Emre, malware warning is fixed now. Your q2a will be faster with php 7.x. I need more time to do testing of your site for other issues, will update you once done.

There are other issues with your site. sent PM to you, check. I dont want to list those here.

1 Answer

+2 votes
by
Emre, Q2A is completely safe but if your hosting server is not safe then it can be hacked. If someone replaces you index file it means permission on root folder are not correct. Better check your hosting. If you want me to check vulnerability of your site then PM me your site link.

also check your site here

https://sitecheck.sucuri.net/

It is better to update site to 1.8 version, there are many fix and features available. You can see complete list here.

http://question2answer.org/versions.php
Snow Theme by Q2A Market
Powered by Question2Answer
...