Malware in my Wordpress
I have a Malware in various files of my wordpress.
I try to restores from a couples of backup but the problem persist.
I scanned the site and i find where are the malware files to remove it, but the malware don’t let me get in the wp-admin, so the only way to remove it, is getting to the database… But cloudron not let user access the wordpress database.
any suggestions to get into the database or how to remove malware files from a installation.
*The malware are not in the plugins or worpress files, the malware are estores in pages like, contact us, like terms and Conditions, etc.
Thanks in advance for any suggestions
But cloudron not let user access the wordpress database.
This is not the case. Please see https://docs.cloudron.io/guides/connect-mysql/ . You can also access the db via the CLI through the Web Terminal. Open Web terminal and there is a button on the top that says MySQL.
first of all, get yourself Wordfence - even the free version is pretty good in scanning for changed files. Once a system was infected it is best to set up everything new, export your blog posts and reimport in a fresh installation. I've seen it often that malware write reinstallation code somewhere in the options table, and finding that really in a pain in the butt.