I run a web hosting service, so I have experience cleaning up infections and securing servers.
This bid includes cleanup on a couple standard Wordpress(the most common) site, or one moderately complex custom PHP site, ensuring Fail2ban is configured, enabling modsecurity and browsing around to ensure no false positives pop up. Keep in mind that modsecurity will need to be monitored to ensure no false positives impact site functionality.
These measures help prevent hacks, but the one crucial thing that needs to be done is ensuring that site software (wordpress/joomla/etc) is up to date. Even with a firewall and modsec running, outdated sites can still be infected.
Please note that this job includes updating the hacked site's software. If the site is very old, updating plugins/site software may cause visual/layout issues. Correcting these falls outside of this bid's scope and should be addressed by a web designer/frontend person.