Job Title: One-Time WordPress Security Cleanup & Hardening Project Project Description: We have recently experienced a malware/virus attack on our WordPress website and are in the process of recovering. We are looking for a security expert for a one-time project to perform a final, definitive cleanup and to "harden" the site against future attacks. The goal is to have the site professionally cleaned, audited, and secured, applying all industry best practices. Scope of Work / Deliverables: Complete Malware Removal: Perform a deep, server-level scan of all website files and the database. Manually inspect and remove all malicious code, backdoors, and suspicious files. Provide a guarantee (e.g., 30 days) that the site is 100% clean. Website Hardening: Implement all core WordPress security hardening best practices (e.g., protect wp-config.php, disable file editing, secure login URL, etc.). Review and set correct file/folder permissions. Review all user accounts, remove any suspicious ones, and enforce strong password policies. Security Tool Installation & Configuration: Install and configure a premium security plugin and Web Application Firewall (WAF) to block common attacks. Enable 2-Factor Authentication (2FA) for all admin accounts. Updates & Audit: Update WordPress core, all plugins, and all themes to their latest, secure versions. Remove any unused or "abandoned" plugins/themes that pose a security risk. Final Report: Provide a detailed report of all malware found, actions taken, and all hardening measures implemented. Provide recommendations for our team on how to maintain security moving forward (e.g., backup schedule, update process).