John's wordpress blog

There is a commandline version of the wordfence plugin. You can use this to automate or script scanning your websites for malware. The output is just files which seem to be malware. You can then pass that list to the RM (remove) command. This is what I did. mkdir /scripts cd /scripts apt install python3.10 git clone https://github.com/wordfence/wordfence-cli sudo python /scripts/wordfence-cli/main.py scan /var/www/html/ I then took that list of files and gave them to the "rm" command. When it runs for the first time it will ask you to provide a "key" to it. You get that from wordfence's website.   https://www.wordfence.com/help/api-key/

There is a commandline version of the admin tools, called wp-cli, that you can install. However it does not let you run as "root", you have to turn into the web user to run it. Instruction manual here: https://developer.wordpress.org/cli/commands/plugin/ https://developer.wordpress.org/cli/commands/theme/ Here are some example commands: Force a theme update: sudo -u www-data -i -- wp theme update theme_name --path="/var/www/html/" Install a plugin (force update): sudo -u www-data -i -- wp   plugin install akismet --force --path="/var/www/html/" Bulk install plugins: cd /var/www/html/wp-content/ for i in `/bin/ls plugins` ; do (   sudo -u www-data -i -- wp   plugin install $i   --force --path="/var/www/html/" ) ; done Bulk enable or disable plugins: cd /var/www/html/wp-content/ for i in `/bin/ls plugins` ; do (   sudo -u www-data -i -- wp   plugin toggle $i   --force --path="/var/www/html/" ) ; done Reinstall the entire site: sudo -u www