Security Txt
The Security Txt plugin is a robust solution designed to automate the generation of a security.txt file for websites powered by Publii CMS. With an intuitive user interface, the plugin allows site administrators to provide essential and optional information that will be included in the generated security.txt file. This file is a standardized method for security researchers to report vulnerabilities found on your website.
What is security.txt?
The security.txt file acts as a formal protocol, allowing organizations to define how to report security issues affecting their websites. It offers a quick and efficient way for security researchers to find the appropriate contact within an organization and understand the accepted reporting procedures.
Key Features
- Contact Information: Clearly define the method for reporting security issues.
- Expiration Date: Specify when the information in the
security.txtfile will be considered outdated. - Encryption: Provide a URL to a public PGP key to enable secure communications.
- Acknowledgments: Include a link to a page that recognizes the contributions of security researchers.
- Policy: Direct users to your vulnerability disclosure policy with a URL.
- Hiring: If you’re hiring in the security field, include a link to your job listings.
- Signature: Add a digital signature for verification of the
security.txtfile. - Preferred Languages: State which languages you prefer for security reports.
- Canonical: Checkbox indicating that the security.txt file is located in the site’s root directory.
- Additional Directives: Allows you to add custom directives not predefined in the plugin.
Details
- Version:
- Updated:
- Oct, 04 2023
Requirements and compatibility
- Browser:
- Edge, Firefox, Chrome, Safari, Opera
- Requirements:
- Publii 0.43 and up