My website is hosted on a GoDaddy shared plan and visitors are being sent to malicious pages at random moments while browsing. I have not yet attempted any fixes, so the server and site are still in the exact state where the problem can be observed. What I need now is a complete clean-up and hardening process: • Identify every injected file, script, or database entry that causes the redirects. • Eliminate the malware and close any back-doors. • Patch core, theme, and plugin vulnerabilities (WordPress tools like WP-CLI, Sucuri, ImunifyAV, or similar are fine as long as you document the steps). • Provide a post-cleanup security report and brief recommendations I can follow to keep the site clean. Acceptance criteria – No redirections or malicious requests for at least 72 hours after the fix. – Google Safe Browsing and other scanners show the domain as clean. – I receive a concise list of everything you changed. I can supply GoDaddy cPanel, FTP, and WordPress admin credentials once we agree on the start time.