HiRestore a backup from a time before the websites were attacked, then update wordpress and all the plugins on all of them. That's what backups are for, to restore to broken system, website or application to a time when they were working correctly.
Let me tell you a short story of my websites. All my websites have been running in the server of my previous hosting company, say old_h_com, without problem for several years and some of the websites even running >10 years. I just changed to this new hosting, say new_h_com, about 3 months ago. The cause of this change is NOT cost. It is because the old_h_com is not experienced on WordPress sites.Yeah, you can use Cerber in addition to WordFence. Both are really only good at preventing - and NOTHING is 100% secure, making backups very important. It's also possible that someone else on your shared hosting is infected and your hosting company isn't very good at their jobs.
OK, I haven't compressed it. It is a small .php file of size 16.6kB. The file has been sent.Anyhow, send me a copy of the file - if you want. DO NOT SEND IT UNCOMPRESSED! Send me lock360.php to admin *at* linux-tips.us and I'll take a look at it. Be sure to compress it. I won't get time to look at it tonight, but I'll see what time I can free up tomorrow.
I'll go through it later. ThanksSee also the longer answer here:
I have to fix a website that is infected with malware. When I try to access to the WP Admin it says "to many redirects". Hosting company did a scan, there were to many infected files. I m...stackoverflow.com
I have backups and Duplicator Migration packages of all websites download to PC, local network. Also I found Softaculous on cPanel (pls see screenshot - screenshot_softaculous_backups.png attached). I suppose they are automatically created by the server of my new_h_com.And, you don't have any backups you can push out? It's cPanel, so you might have Softaculous backups or you may have JetBackup?
Este archivo se instala junto a los archivos de tu web y a través de el se obtiene acceso a todos los archivos. Creando y modificando a su antojo.flejedecosas.com
You may need to translate it.
Hi HGIII,The reason for compressing it isn't the size, but so that I actually get the attachment. I'll retrieve it from the server and take a look at it.
An automatic translator, such as deepl.com, should be good enough to translate the page that's in Spanish.
Oh sorry. I'll compressed the file and resend it to you. Please advise;Oh, yeah, the server appears to have eaten it - probably because it thinks it's malware. That's why you should compress it, so you can make it through my email system. I was unable to find it anywhere, including in the quarantined folder.