If I understand correctly, you need an adaptive width and height of the blocks?
https://codepen.io/dcfanoid/pen/JmMyeG

Width/height as a percentage is calculated from the width/height of the parent block.
I think you want to reduce the height of your block when you decrease the width.
If so, you need to use vw units.

There may be attacks on the web server itself, which serves your site to clients when requested from a browser.
And in this case - the application code (html, css, js) no longer matters.
The site code itself (web server application) - does not process client requests.
And it is from this point of view that the site code is safe, but this does not mean at all that it is protected .

Pretty strange question.
By itself, static html is safe.
But there is a chance that they will break ftp or whatever you have there.

Yes. Safe.

The site itself, in this case, is a set of static pages, which means that the site itself is safe.
But the software on the Web server may be vulnerable. What do you have there? Apache? Nginx? And what operating system? Here is an example of a vulnerability on Apache, where, with a large number of requests, the server starts to behave incorrectly. In order not to worry that your software has such vulnerabilities, it is necessary to make updates periodically.
Another hack option is to take control of your server. How do you manage the server? SSH? Remote Desktop? If you have simple authentication through login and password, then urgently change to authentication by key (google those ssh key). If you have a simple username and password (for example, root:password) then consider that you have already been hacked.
To give a more specific answer, you need to clearly understand: what exactly we protect and from what we protect.