GoDaddy is suggesting that my website has malware. They suggest I review htaccess file...
The file doesn't seem to have much in it... but I guess my website needs it... ? (I'm a layman, by the way).
What should I do? Should I delete all code that is currently in the file? My website has just several pages.
Here is the code currently in the file:
RewriteEngine on RewriteRule ^2693701498/(.)$ excitation-autographing.php [QSA,L] RewriteEngine on RewriteRule ^8460001373/(.)$ lucas-leia.php [QSA,L]
Not sure if that was placed there by whatever hacking bot attacked the website...
Thank you in advance!
Link to the website.
Based on your site I don't see how either of the .php files referenced have anything to do with your site. If you did not add those lines delete them.
Also, it would be wise to change any and all passwords (including FTP users) related to your website immediately.
What platform are you on?
You can change permissions in your file manager or FTP into your server -- I use Filezilla. Then right click on the .htaccess file and choose File Permissions. Try to set it at 664 and see if that makes a difference for you.
.htaccess is the settings file for Apache, it's normal for the file to exist.
But those lines are almost certainly put there maliciously. They'd be cleaned up be godaddy's website security product, but I'd remove it from your file, and make sure the php files it is pointing to don't exist in your hosting.