內容簡介
這個專案的目的是創建一個設置後即可忘記的外掛程式,可以輕鬆安裝,讓 WordPress 網站符合當前的 security.txt 規範。因此它具有高度的主觀性,但是可透過設定進行配置。它會自動進行配置,但建議您在啟用之後訪問外掛程式設定頁面。
security.txt 是一個草案的“標準”,允許網站定義安全策略。這個“標準”為安全研究人員提供了有關如何報告安全問題的明確指南,並允許漏洞獎勵計劃定義範圍。security.txt 相當於 robots.txt,但針對的是安全問題。
如果您需要配置幫助,外掛程式中內置了幫助頁面。對於開發人員,有線上文檔 WordPress Security Txt 的文檔可供參考,其源代碼位於 docs/ 目錄中。最合適的開始位置是 WordPress_Security_Txt 類的文檔。
翻譯:
翻譯
security.txt for WordPress 外掛程式包括以下 17 種語言的翻譯:
阿拉伯語 (PO 檔案)
孟加拉語 (PO 檔案)
加泰羅尼亞語 (PO 檔案)
中文 (簡體) (PO 檔案)
中文 (繁體) (PO 檔案)
英語 (PO 檔案)
英語 (澳大利亞) (PO 檔案)
英語 (美國) (PO 檔案)
法語 (PO 檔案)
德語 (PO 檔案)
印地語 (PO 檔案)
意大利語 (PO 檔案)
葡萄牙語 (
外掛標籤
開發者團隊
原文外掛簡介
The purpose of this project is to create a set-it-and-forget-it plugin that can be installed without much effort to get a WordPress site compliant with the current security.txt spec. It is therefore highly opinionated but built for configuration. It will automatically configure itself but you are encouraged to visit the plugin settings page after activating it.
security.txt is a draft “standard” which allows websites to define security policies. This “standard” sets clear guidelines for security researchers on how to report security issues, and allows bug bounty programs to define a scope. Security.txt is the equivalent of robots.txt, but for security issues.
There is a help page built into the plugin if you need help configuring it. For developers, there is documentation for wordpress-security-txt online, the source of which is in the docs/ directory. The most logical place to start are the docs for the WordPress_Security_Txt class.
Translations
The security.txt for WordPress plugin includes translations for the following 17 languages:
Arabic (PO file)
Bengali (PO file)
Catalan (PO file)
Chinese (Simplified) (PO file)
Chinese (Traditional) (PO file)
English (PO file)
English (AU) (PO file)
English (US) (PO file)
French (PO file)
German (PO file)
Hindi (PO file)
Italian (PO file)
Portuguese (PO file)
Portuguese (BR) (PO file)
Romanian (PO file)
Russian (PO file)
Spanish (PO file)
If you would like to contribute a new languge or you spotted in error in one of the translation files, please feel free to contribute directly to the public wordpress-security-txt POEditor project. Once accepted additions/modifications are automagically built by POEditor to PO/MO files and published to the wordpress-security-txt-translation repository.
The translations repository is included in builds submitted to the WordPress plugin directory. Users with the GitHub Updater Plugin don’t have to wait for builds to the WordPress plugin directory — they can get updated translations as soon as they’re published to the repository by POEditor.
Anonymous Statistics (Opt-in)
This plugin has an option — that is disabled by default and can only be enabled by explicilty opt-ing in on the security.txt Settings page — to collect anonymous statistics to help better understand how this plugin is used and how people are implementing their security.txt documents. The goal of collecting this data is to aid in research and design of the specification, the PHP library, the plugin itself, and to help us create a better experience for all users.
For example, one function of anonymous statistics is to send your security.txt document to our servers. This allows us to track what percent of users are implementing the specification according to the draft RFC, and how it might differ from the explicit definitions submitted to the Internet Engineering Task Force (IETF).
We respect your privacy and are happy to clarify on any aspect of the statistics collection and analysis. More importantly, you can verify this in the code for yourself on GitHub.
We do not track any personally-identifiable information and we are committed to protecting your privacy. With regards to performance, the tracking is implemented in such a way so as to not impact of your WordPress site at all.
Badges
All the badges!
