Skip to content

backdrop-contrib/securitytxt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

53 Commits

config

config

 
 

htaccess

htaccess

 
 

tests

tests

 
 

LICENSE.txt

LICENSE.txt

 
 

README.md

README.md

 
 

securitytxt.admin.inc

securitytxt.admin.inc

 
 

securitytxt.info

securitytxt.info

 
 

securitytxt.install

securitytxt.install

 
 

securitytxt.module

securitytxt.module

 
 

securitytxt.pages.inc

securitytxt.pages.inc

 
 

Repository files navigation

Security.txt

The securitytxt module provides the security.txt standard for Backdrop CMS.

Its purpose is to provide a standardised way to document your website’s security contact details and policy. This allows people to securely disclose vulnerabilities to you.

Requirements

If you are using backdrop version 1.22.0 or later then there are no special requirements.

However, if you are using backdrop version 1.21.4 or earlier then you must replace your .htaccess file with the one provided by this module at htaccess/modified.htaccess. This is because the original .htaccess file does not allow backdrop to serve pages starting with the .well-knownpath, see issue 5583.

Note: htaccess/original.htaccess is a copy of the default .htaccess file from backdrop version 1.21.4 which modified.htaccess is based on, it is only present for comparison purposes.

Installation

  • Install this module in the usual way, see the contributed modules of the user guide for details.

  • If you are using backdrop version 1.21.4 or earlier then you must replace your .htaccess file with the one provided by this module at htaccess/modified.htaccess, e.g. cp PATH_TO_CONTRIB_MODULES/securitytxt/htaccess/modified.htaccess PATH_TO_DOCUMENT_ROOT/.htacess.

  • Visit the configuration page under Administration > Configuration > System > Security.txt (admin/config/system/securitytxt) and enter the required information to create your security.txt file.

  • Once you have created your security.txt file you should provide a signature for it by visiting Administration > Configuration > System > Sign (admin/config/system/securitytxt/sign) and following the instructions.

  • Once you have completed all this configuration your security.txt and security.txt.sig files will be available at the following standard URLs:

    • /.well-known/security.txt
    • /.well-known/security.txt.sig

Issues

Bugs and feature requests should be reported in the Issue Queue.

Current Maintainers

Credits

License

This project is GPL v2 software. See the LICENSE.txt file in this directory for complete text.

Further reading

About

Provides a security.txt file for your site.

Topics

php security module backdrop backdropcms

Resources

Readme

License

GPL-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

9 watching

Forks

0 forks
Report repository

Releases 2

First Full Release Latest
Jun 8, 2022
+ 1 release

Packages

No packages published

Languages