MYSQL database users


#1

I have malware somewhere in most of my sites. I located it and removed it last month, but it’s back, despite my crazy passwords.

I’ve been poking all around dreamhost today, check index.php, header.php etc etc all the usual suspect.

I’ve also deleted a bunch of unnecessary subdomains and databases, but wanted to double check that i’ve truly purged them from the server.

As I was checking MYSQL databases, I noticed under users, several odd names (and also some odd names for databases… eg: oneofmydomainnames_c_1)

Shouldn’t all the users just be me? no one else has permission… They are all odd names.

I’m afraid to delete the user because i don’t know if dreamhost defaulted to that… afraid i won’t have access myself!!

I hope this makes sense and that someone can assist me.

Thanks so much for any insight!!!


#2

If you used the One-Click Installer to set up any applications, it probably created those MySQL databases and usernames — it automatically creates them, and tries to name them based on the site it’s installing the app for. They’re unlikely to be the result of malicious behavior.


#3

thank you for your reply!

Most of mine DO have user names that are based on the site name… but a couple have odd ones like “fdsrjhd”

i’m concerned because I have malware on ALL of my sites that are on my server…


#4

Our One-Click Installer used some pretty weird database names in the past, particularly for Easy One-Click Installs. If you’re concerned, though, please contact Support directly (through the Panel) so they can have a look!