defaced files in vote plugin Topic is solved

[nettemor]

Hi,
i was told from my hoster that i have defaced files in my latest joomla 4 installation.

/media/plg_content_vote/images/vote-star-half.svg
www/media/plg_content_vote/images/vote-star.svg
How do i fix this? Can i just copy the "original files" from the installation package and overwrite these defaced (if they really are) files ?

Also all the kunena templates files that i bought are told to be defaced.

I am not sure what it means that its defaced, is it really hacked or is this just a kind of warning.

[AMurray]

You can "reinstall core files" from Joomla Update, yes. Try it. You should see an orange button within the Joomla Update interface. You need to set the update channel to "default" I think.

I wouldn't attempt to replace just the files in question, replace the entire install as above.

We need more information: without the context of what your web host told you we're not to know what you mean by "defaced". We need to see your site (provide a link) to the pages that are "defaced".

It may be just a template or compatibility problem. Same with the Kunena templates. Are they designed for J4? For Kunena, can you set it to the default template - or uninstall the extra templates and use the default? or uninstall Kunena altogether and reinstall?

The other solution, restore your site backup from a time before all this occurred.

[Webdongle]

Question ... how did they get defaced? And what do the defaced files look like.
https://sitecheck.sucuri.net/
https://mysites.guru/

[ceford]

These files are svg files. Here is my vote-star.svg:

Code: Select all

<svg aria-hidden="true" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"><!-- Font Awesome Free 5.15.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) --><path d="M259.3 17.8L194 150.2 47.9 171.5c-26.2 3.8-36.7 36.1-17.7 54.6l105.7 103-25 145.5c-4.5 26.3 23.2 46 46.4 33.7L288 439.6l130.7 68.7c23.2 12.2 50.9-7.4 46.4-33.7l-25-145.5 105.7-103c19-18.5 8.5-50.8-17.7-54.6L382 150.2 316.7 17.8c-11.7-23.6-45.6-23.9-57.4 0z"/></svg>

It is possible your host has run an svg security analyser that has returned false positives. Open your file with a text editor and see how it compares with the above.

[nettemor]

It seems like its a false positive on all these files. I have spoken to the developer of the kunena theme also, and he has checked it.
Also my host opened the site again, so seems like they agree that its a false positive.

Just dont know why this happens and its pretty annoing.

[JAVesey]

Just dont know why this happens and its pretty annoing.

It happens because your host runs a scanner that doesn't know enough about these types of files. That is the bottom line.