Description
Security.txt is an open standard (RFC 9116) that allows ethical hackers and security researchers to contact you when they have found a vulnerability on your website.
The principle is simple and effective: contact information is put into a txt file and placed in a fixed location in your website’s directory structure (well-known folder). In this way, contact can easily be made.
This plugin helps you to create and place the security.txt file without any knowledge of the open standard. This makes you easily accessible in case something is wrong with your website.
Screenshots
Installation
- Upload
generate-security-txt
folder to the/wp-content/plugins/
directory - Activate the plugin through the ‘Plugins’ menu in WordPress
- Go the Tools > Generate Security.txt
- Find out of you have any critical requirements that you miss through the plugin admin interface like HTTPS or the PHP-extension ‘gnupg’.
- Generate your keys and security.txt
FAQ
-
What if I don’t have the PHP-extension ‘gnupg’
-
You will not be able to generate keys and sign your security.txt. This isn’t a full requirement as per securitytxt.org, but an internet.nl validation will not green-light the file.
We recommend contacting your webhostingprovider and ask them how to enable this extension.
-
What if I don’t have HTTPS
-
Your security.txt file will not be valid without URIs starting with ‘https://’. It’s critical as per securitytxt.org standards
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Generate Security.txt” is open source software. The following people have contributed to this plugin.
Contributors“Generate Security.txt” has been translated into 1 locale. Thank you to the translators for their contributions.
Translate “Generate Security.txt” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0
- Initial release version