Implementing security.txt.

A new standard has been proposed that will allow Web sites to provide a way to communicate security-related issues. A “security.txt” file containing the relevant information should be placed in the “.well-known” directory of the web server.

The securitytxt.org website has a form that allows you to quickly generate the text to be included in the “security.txt” file.

Copy the text you just generated and paste it into the file. Go to the root directory of your website and op the file.

# vi .well-known/security.txt
Contact: https://pieterbakker.com/contact/
Expires: 2023-11-09T23:00:00.000Z

The minimal information you need to publish is “Contact” and ” Expires”.