I have a WordPress site that is continually being attacked. I am constantly removing files and suspicious code. It doesn't matter what I do they are continually getting in. I am pretty sure is not my host. I've gone through many troubleshooting guides and no luck. I reinstalled my backup version of the site, but they must have gotten in before I backed up the site.
I even installed Google authenticator and are still getting in. They must have still been in there when I installed it.
I need to hire someone to help me secure my site because this is more advanced than I am. I have gotten name of a couple of websites from these board to post jobs on, but I'm not exactly sure what I am looking for in someone I am hiring. What are some key things I should look for in their resumes/references? Does anyone know about what something like this should cost? I would greatly appreciate any tips.
Thanks in advance!