Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.

Is it completely safe 1.8?

+1 vote
66 views
asked Nov 30 in Q2A Core by Emre
Hello there.

I was using version 1.7.5 before. There were thousands of users and thousands of questions. One day, the hacker site in another country uploaded our index file. What I'm saying is, is this an attack like this in the 1.8 version I'm using right now? What should I do if there is an attack?

Let me ask you: can I find out if there is a file vulnerability on the site?

So, if they want to change the index file again, can they do that? Is it completely safe for 1.8?

I am using translation, sorry.
Q2A version: 1.8
commented Nov 30 by ProThoughts
Yes, disable all add-ons and replace below function in qa-include/qa-theme-base.php file

    public function body_hidden()
    {
        $this->output('<div style="position:absolute;overflow:hidden;clip:rect(0 0 0 0);height:0;width:0;margin:0;padding:0;border:0;">');
        $this->waiting_template();
        $this->output('</div>');
    }
commented Nov 30 by Emre
In php 7.0, I've disabled plugins. I'm waiting to hear from you. Thank you.
commented Dec 1 by Emre
Hello there,

I have completed the necessary operations. I've reinstalled the plugins, and the resulting link is now safe?

https://neyseya.com/wp-content/uploads/2018/12/test.png
commented Dec 1 by ProThoughts
@Emre, malware warning is fixed now. Your q2a will be faster with php 7.x. I need more time to do testing of your site for other issues, will update you once done.

There are other issues with your site. sent PM to you, check. I dont want to list those here.

1 Answer

+2 votes
answered Nov 30 by ProThoughts
Emre, Q2A is completely safe but if your hosting server is not safe then it can be hacked. If someone replaces you index file it means permission on root folder are not correct. Better check your hosting. If you want me to check vulnerability of your site then PM me your site link.

also check your site here

https://sitecheck.sucuri.net/

It is better to update site to 1.8 version, there are many fix and features available. You can see complete list here.

http://question2answer.org/versions.php
...