Anybody have experience with security.txt (on NS)?


as per title, security.txt is getting more attention and even TLD providers will provide discounts on domains having a correct security.txt file.


1 Like

No, no experience with it. But from reading that page, it seems like a simple text file that you’d serve at domain.tld/.well-known/security.txt. Doesn’t seem like there’d be anything unique involved in putting a text file at a specified path on your web server. The question I’d have would be whether (whoever wants it) wants it on every subdomain, or just at the apex domain; the former case would be a bit of a hassle.

Right, so the next question would be if one needs to create the ./well-known/ directory manually and if so where.

So there is a (sub) domain created by the WP module, and I have a domain created in NS8 admin gui and requested a certificate for it. 2 cases, 2 things to do/reckon with?