I had a client that was using WordPress on GoDaddy and had an HTML website on GoDaddy. Both websites were hacked several times a couple of months ago. This prompted me to create an .htaccess security solution for my client and other GoDaddy clients and my own websites hosted on GoDaddy. I created a WordPress plugin called BulletProof Security. It uses an .htaccess security file that filters out XSS and SQL injection attack code. Yep it blocks base64_encode script injections. ;) I am very happy to report that it has now been over 6 months and none of the websites that are using my BulletProof Security WordPress plugin have been hacked. My BulletProof Security WordPress plugin is easily adapted for HTML websites. I am in the process of creating a pre-made html version for regular folks who are not coders. For anyone interested in immediate security protection for your HTML website on GoDaddy do a Google search for “BulletProof Security WordPress plugin” and you will find my WordPress plugin in the WordPress plugin repository. For now HTML users can download the PHP WordPress plugin from the WordPress repository and just use the secure.htaccess file that is included with my plugin.
All that is needed to use this secure .htaccess file on an HTML website is to edit and change the RewriteRule . /index.php [L] line of code in the secure.htaccess file to RewriteRule . /index.html [L]. This is of course assuming that your home page is index.html. If your home page is named something else than that would be the home page file name you would use instead. Example: www.yourwebsitename.com/home.html. Once you have made the edit / modification to the secure.htaccess file then just name the file to .htaccess (removing secure from secure.htaccess) and upload the .htaccess file to your website domain root folder. If you have a website in another folder other than the domain root folder (a subfolder ie http://www.yourwebsitename.com/anotherfolder/) the same file path modifications required for WordPress use applies to HTML website use. You need to add your subfolder name to these lines of code in the secure.htaccess file: RewriteBase /anotherfolder/ and for the RewriteRule: RewriteRule . /anotherfolder/index.html [L]
The HTML version of the BulletProof plugin will eventually have a nice GUI interface like WordPress plugin. I don’t have a whole lot of extra time these days. Someday I’ll get back to this project.
This is a rush post. I will fill it out with more detail later when I have more time. Add comments if you need clarification or help. Thanks.