security.txt is a draft Internet standard, proposed way back in September 2017. It is a simple text file in my root directory that contains my contact information.
The idea behind it is that it allows experts to easily contact me if a security issue is discovered on my site. It is required of all U.S. government websites by the Cybersecurity and Infrastructure Security Agency (CISA) in a binding directive that is – as far as I can tell – universally ignored, even by the CISA.
And … to me it seems silly and pointless. Why not just make my contact page accessible on my main menu? Then anyone can very easily contact me for any reason – security or otherwise.
But … there is always the possibility that I’m wrong. Maybe there is some really important reason to have a security.txt file that I don’t get and for some unfathomable reason no one has disclosed. So, https://wppov.com/security.txt.
