Hacked website

Hi,

During the past weeks, I have been trying to get rid of some malware I suppose.

Last month, I noticed my website was redirected to malicious websites after clicking anywhere on the page.

I ran scans with all kinds of security plugins (Wordfence, Cerber, Malcure, just to name a few…)

Except Malcure which detected malicious code in the database, none of the scans allowed to reveal malicious files on the server.

Yet, I reuploaded a clean version of wordpress except from the content folder, and I deleted weird files I could see through the FTP in the uploads folders.

With PHPmyadmin, I looked for the malicious URL my website was redirected to (dolohen.com) to see which tables were infected. Then I manually cleaned the infected tables, which were wp_posts and wp_options.

I changed my admin password, and all the editors, and authors passwords on the website. I changed the database user, and password etc.

I had tried securing the website with .htaccess (disallowing editing via wordpress, disallowing certain uploads…)

But it kept coming back…

Then I noticed another issue which was a pop-up window asking people to click to continue browsing the website (p79479.com).

So, I did the same thing all over again.

Now, my admin password has changed twice already today. I had to reset it. So, I added 2 factor authentication… I searched for the aforementioned bits of malicious codes in my database, and didn’t find anything.

Yet, I’m not sure my site is completely clean, and my host doesn’t provide those kinds of services. Thus, here I am, asking for help.

Has anyone ever dealt with dolohen.com / p79479.com hacks?

Thanks in advance for your feedback.

The page I need help with: [log in to see the link]