Paper Lantern for cPanel accounts is being retired this year. Find out more »
cPanel & WHM Version 102 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Create a public security.txt page so cPanel's security@cpanel.net email address is easier to find

cPRex shared this idea 11 days ago
Needs Review

Many companies provide a security.txt page at domain.com/.well-known/security.txt that provides information on who to contact in the event a security issue is found. While cPanel does provide the "security@cpanel.net" email address, that is not well known to all users.

Providing a page at cpanel.net/.well-known/security.txt would make this information public and accessible.

You can see an example of this at https://www.google.com/.well-known/security.txt, which currently has the following details:

Contact: https://g.co/vulnz
Contact: mailto:security@google.com
Encryption: https://services.google.com/corporate/publickey.txt
Acknowledgements: https://bughunters.google.com/
Policy: https://g.co/vrp
Hiring: https://g.co/SecurityPrivacyEngJobs

Leave a Comment
 
Attach a file