I have malware somewhere in most of my sites. I located it and removed it last month, but it’s back, despite my crazy passwords.
I’ve been poking all around dreamhost today, check index.php, header.php etc etc all the usual suspect.
I’ve also deleted a bunch of unnecessary subdomains and databases, but wanted to double check that i’ve truly purged them from the server.
As I was checking MYSQL databases, I noticed under users, several odd names (and also some odd names for databases… eg: oneofmydomainnames_c_1)
Shouldn’t all the users just be me? no one else has permission… They are all odd names.
I’m afraid to delete the user because i don’t know if dreamhost defaulted to that… afraid i won’t have access myself!!
I hope this makes sense and that someone can assist me.
Thanks so much for any insight!!!