{"id":15026269,"url":"https://github.com/austinheap/wordpress-security-txt","last_synced_at":"2025-10-03T23:32:28.665Z","repository":{"id":62489626,"uuid":"111479243","full_name":"austinheap/wordpress-security-txt","owner":"austinheap","description":"A plugin for serving `security.txt` in WordPress 4.9+, based on configuration settings. https://securitytext.org/","archived":true,"fork":false,"pushed_at":"2019-01-07T18:55:57.000Z","size":1574,"stargazers_count":4,"open_issues_count":2,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-12-16T19:44:48.304Z","etag":null,"topics":["beta","php","php7","php70","php71","php72","security","security-txt","wordpress","wordpress-plugin","wordpress49","wordpress5"],"latest_commit_sha":null,"homepage":"https://wordpress.org/plugins/wp-security-txt/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/austinheap.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"security.txt","support":null}},"created_at":"2017-11-21T00:44:34.000Z","updated_at":"2023-01-28T09:42:51.000Z","dependencies_parsed_at":"2022-11-02T11:15:40.952Z","dependency_job_id":null,"html_url":"https://github.com/austinheap/wordpress-security-txt","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austinheap%2Fwordpress-security-txt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austinheap%2Fwordpress-security-txt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austinheap%2Fwordpress-security-txt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/austinheap%2Fwordpress-security-txt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/austinheap","download_url":"https://codeload.github.com/austinheap/wordpress-security-txt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235204448,"owners_count":18952326,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["beta","php","php7","php70","php71","php72","security","security-txt","wordpress","wordpress-plugin","wordpress49","wordpress5"],"created_at":"2024-09-24T20:04:10.702Z","updated_at":"2025-10-03T23:32:23.080Z","avatar_url":"https://github.com/austinheap.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WordPress 4.9+ `security.txt` Plugin\n\n![wordpress-security-txt banner for the WordPress Plugin Directory](assets/banner-1544x500.png?raw=true)\n\n[![License](https://img.shields.io/packagist/l/austinheap/wordpress-security-txt.svg)](https://github.com/austinheap/laravel-security-txt/blob/master/LICENSE.md)\n[![Current Release](https://img.shields.io/github/release/austinheap/wordpress-security-txt.svg)](https://github.com/austinheap/wordpress-security-txt/releases)\n[![Total Downloads](https://img.shields.io/wordpress/plugin/dt/wp-security-txt.svg)](https://wordpress.org/plugins/wp-security-txt/)\n[![Build Status](https://travis-ci.org/austinheap/wordpress-security-txt.svg?branch=master)](https://travis-ci.org/austinheap/wordpress-security-txt)\n[![Dependency Status](https://gemnasium.com/badges/github.com/austinheap/wordpress-security-txt.svg)](https://gemnasium.com/github.com/austinheap/wordpress-security-txt)\n[![Scrutinizer CI](https://scrutinizer-ci.com/g/austinheap/wordpress-security-txt/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/austinheap/wordpress-security-txt/?branch=master)\n[![StyleCI](https://styleci.io/repos/111479243/shield?branch=master)](https://styleci.io/repos/111479243)\n[![Maintainability](https://api.codeclimate.com/v1/badges/0de909dca20d2670d774/maintainability)](https://codeclimate.com/github/austinheap/wordpress-security-txt/maintainability)\n[![Test Coverage](https://api.codeclimate.com/v1/badges/0de909dca20d2670d774/test_coverage)](https://codeclimate.com/github/austinheap/wordpress-security-txt/test_coverage)\n[![SensioLabs](https://insight.sensiolabs.com/projects/5d9ed5a0-dbd0-45be-a92c-6d827483e742/mini.png)](https://insight.sensiolabs.com/projects/5d9ed5a0-dbd0-45be-a92c-6d827483e742)\n\n## A plugin for serving `security.txt` in WordPress 4.9+, based on configuration settings.\n\n***NOTE: This plugin requires PHP 7+. It will not function with PHP5.***\n\nThe purpose of this project is to create a set-it-and-forget-it plugin that can be\ninstalled without much effort to get a WordPress site compliant with the current\n[`security.txt`](https://securitytxt.org/) spec. It is therefore highly opinionated\nbut built for configuration. It will automatically configure itself but you are\nencouraged to visit the plugin settings page after activating it.\n\n[`security.txt`](https://github.com/securitytxt) is a [draft](https://tools.ietf.org/html/draft-foudil-securitytxt-00)\n\"standard\" which allows websites to define security policies. This \"standard\"\nsets clear guidelines for security researchers on how to report security issues,\nand allows bug bounty programs to define a scope. Security.txt is the equivalent\nof `robots.txt`, but for security issues.\n\nThere is [documentation for `wordpress-security-txt` online](https://austinheap.github.io/wordpress-security-txt/),\nthe source of which is in the [`docs/`](https://github.com/austinheap/wordpress-security-txt/tree/master/docs)\ndirectory. The most logical place to start are the [docs for the `WordPress_Security_Txt` class](https://austinheap.github.io/wordpress-security-txt/packages/WordPress.Security.Txt.html).\n\n## Installation\n\n### Step 1: Download a release\n\nNavigate over to the releases page and download the latest release.\n\n### Step 2: Upload the plugin to WordPress\n\nIn the admin section of your WordPress installation, navigate to 'Plugins' and click 'Add New Plugin'.\nYou will then be select the release you downloaded and upload it. It should be a zip file. After\nit has installed click 'Active' next to the plugin name.\n\n### Step 3: Configure your `security.txt` for WordPress (Optional)\n\nThe plugin will autoconfigure itself using settings from your Wordpress installation. You are encouarge\nthough to naviate over to the `security.txt` options page to customize your declarations and the plugin.\nThis is located under the 'Settings' admin menu, or if you have the menu bar option enabled it will also\nbe accessible via the top of your admin dashboard.\n\n### Step 4: Profit! \n\nYour `security.txt` file should now be available at [http://your-awesome-wordpress-site.com/.well-known/security.txt](#)!\n\nIf you have added your public GPG encryption key, it'll also be available at [http://your-awesome-wordpress-site.com/.well-known/gpg.txt](#).\n\n## Translations\n\nThe `security.txt` for WordPress plugin includes translations for the following 17 languages:\n\n* Arabic ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-ar_AR.po))\n* Bengali ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-bn_BN.po))\n* Catalan ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-ca_ES.po))\n* Chinese (Simplified) ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-zh_CN.po))\n* Chinese (Traditional) ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-zh_TW.po))\n* English ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-en_EN.po))\n* English (AU) ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-en_AU.po))\n* English (US) ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-en_US.po))\n* French ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-fr_FR.po))\n* German ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-de_DE.po))\n* Hindi ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-hi_IN.po))\n* Italian ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-it_IT.po))\n* Portuguese ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-pt_PT.po))\n* Portuguese (BR) ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-pt_BR.po))\n* Romanian ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-ro_RO.po))\n* Russian ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-ru_RU.po))\n* Spanish ([PO file](https://github.com/austinheap/wordpress-security-txt-translations/blob/master/wordpress-security-txt-es_ES.po))\n\nIf you would like to contribute a new languge or you spotted in error in one of the\ntranslation files, please feel free to contribute directly to the\n[public `wordpress-security-txt` POEditor project](https://poeditor.com/join/project/utTvBn327C). Once\naccepted additions/modifications are automagically built by POEditor to PO/MO files and\npublished to the [wordpress-security-txt-translation](https://github.com/austinheap/wordpress-security-txt-translations)\nrepository.\n\nThe translations repository is included in builds submitted to the WordPress plugin directory.\nUsers with the [GitHub Updater Plugin](https://github.com/afragen/github-updater) don't\nhave to wait for builds to the WordPress plugin directory -- they can get updated translations\nas soon as they're published to the repository by POEditor.\n\n## References\n\n- [A Method for Web Security Policies (draft-foudil-securitytxt-00)](https://tools.ietf.org/html/draft-foudil-securitytxt-00)\n- [php-security-txt](https://github.com/austinheap/php-security-txt)\n\n## Credits\n\nThis is a fork of [DevinVinson/WordPress-Plugin-Boilerplate](https://github.com/DevinVinson/WordPress-Plugin-Boilerplate),\nwhich was based on earlier work.\n\n- [DevinVinson/WordPress-Plugin-Boilerplate Contributors](https://github.com/DevinVinson/WordPress-Plugin-Boilerplate/graphs/contributors)\n\n## License\n\nThe MIT License (MIT). Please see [License File](LICENSE.md) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faustinheap%2Fwordpress-security-txt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faustinheap%2Fwordpress-security-txt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faustinheap%2Fwordpress-security-txt/lists"}