i ran severel years a mini confluence wiki with a few pages. This Confluence instance was infected with malware (kinsing), due to time indisposition I just stopped the server and did not deal with it further.
Currently, we have decided to migrate this confluence installation to the cloud, but when I try to start the server, the confluence is in the "install database" state and cannot be exited.
I would like to ask - is there any option to recover data? Conflucene is connected to the mysql database, I have a backup of it, but I am not familiar with the tables structure. it would be enough for us to find out the content stored in the spaces.
Would anyone have any advice on this?
Thanks for any advice, regards, Rene
Your instinct to reach for a backup is exactly right. I would want to start with a clean installation of the software, in a different location (ideally different server - nuke the old one from orbit, it's the only way to be sure)
Your malware attack might have damaged the data in the database, but it won't be able to inject anything that can proliferate, so even if it has damaged your data, your backups should be fine.
To recover, I would
The question at this points becomes what type of backup you have taken. If your database has not been affected by the malware, then you could just stop Confluence, point it at your old database, move the attachments to the new server, restart it and kick off a re-index. If your backup is a database dump, you can do much the same after restoring the dump to a new database. Or if you're relying on the XML backups, go to Admin -> backups -> Restore to re-import everything. There are, of course, other backup methods, so we'd need more info if you have used something else.