My WordPress site (hosting Aruba.it) has been compromised by unknown files and scripts and is blocked at the moment. I need a seasoned WordPress security specialist to perform a complete deep-clean, safeguard my data, and return the site to full health without interrupting normal operation. Scope of work • Make a full off-server backup of every file and the database before touching anything. • Identify and remove every trace of infection—even hidden or obfuscated code—then verify that pages load correctly and no redirects, spam, or rogue scripts remain. • Restore the cleaned site on the live server so all content, media, plugins, and core functionality behave exactly as they did prior to the hack. • Hard-secure the installation (FTP permissions, wp-config tweaks, database hardening, recommended plugins, .htaccess rules, etc.) to minimise the risk of repeat attacks. Acceptance criteria / deliverables 1. Downloadable backup of the original site and a second backup of the cleaned, hardened version. 2. A fully functional WordPress website, malware-free, with no residual “unknown files or scripts” warnings. 3. A brief security report outlining what was removed and the preventive measures applied, plus any ongoing recommendations. 4. The website is restored to the original You will need strong experience with FTP, phpMyAdmin, and direct database work, along with a proven track-record of WordPress malware removal and site hardening. Speed, accuracy, and zero data loss are critical.