前言介紹
- 這款 WordPress 外掛「wp-security-txt」是 2017-11-21 上架。
- 目前有 80 個安裝啟用數。
- 上一次更新是 2017-11-22,距離現在已有 2722 天。超過一年沒更新,安裝要確認版本是否可用。以及後續維護問題!
- 外掛最低要求 WordPress 4.9 以上版本才可以安裝。
- 外掛要求網站主機運作至少需要 PHP 版本 7.0 以上。
- 有 1 人給過評分。
- 還沒有人在論壇上發問,可能目前使用數不多,還沒有什麼大問題。
外掛協作開發者
外掛標籤
netsec | infosec | security | security.txt | responsible disclosure |
內容簡介
這個專案的目的是創建一個設置後即可忘記的外掛程式,可以輕鬆安裝,讓 WordPress 網站符合當前的 security.txt 規範。因此它具有高度的主觀性,但是可透過設定進行配置。它會自動進行配置,但建議您在啟用之後訪問外掛程式設定頁面。
security.txt 是一個草案的“標準”,允許網站定義安全策略。這個“標準”為安全研究人員提供了有關如何報告安全問題的明確指南,並允許漏洞獎勵計劃定義範圍。security.txt 相當於 robots.txt,但針對的是安全問題。
如果您需要配置幫助,外掛程式中內置了幫助頁面。對於開發人員,有線上文檔 WordPress Security Txt 的文檔可供參考,其源代碼位於 docs/ 目錄中。最合適的開始位置是 WordPress_Security_Txt 類的文檔。
翻譯:
翻譯
security.txt for WordPress 外掛程式包括以下 17 種語言的翻譯:
阿拉伯語 (PO 檔案)
孟加拉語 (PO 檔案)
加泰羅尼亞語 (PO 檔案)
中文 (簡體) (PO 檔案)
中文 (繁體) (PO 檔案)
英語 (PO 檔案)
英語 (澳大利亞) (PO 檔案)
英語 (美國) (PO 檔案)
法語 (PO 檔案)
德語 (PO 檔案)
印地語 (PO 檔案)
意大利語 (PO 檔案)
葡萄牙語 (
原文外掛簡介
The purpose of this project is to create a set-it-and-forget-it plugin that can be installed without much effort to get a WordPress site compliant with the current security.txt spec. It is therefore highly opinionated but built for configuration. It will automatically configure itself but you are encouraged to visit the plugin settings page after activating it.
security.txt is a draft “standard” which allows websites to define security policies. This “standard” sets clear guidelines for security researchers on how to report security issues, and allows bug bounty programs to define a scope. Security.txt is the equivalent of robots.txt, but for security issues.
There is a help page built into the plugin if you need help configuring it. For developers, there is documentation for wordpress-security-txt online, the source of which is in the docs/ directory. The most logical place to start are the docs for the WordPress_Security_Txt class.
Translations
The security.txt for WordPress plugin includes translations for the following 17 languages:
Arabic (PO file)
Bengali (PO file)
Catalan (PO file)
Chinese (Simplified) (PO file)
Chinese (Traditional) (PO file)
English (PO file)
English (AU) (PO file)
English (US) (PO file)
French (PO file)
German (PO file)
Hindi (PO file)
Italian (PO file)
Portuguese (PO file)
Portuguese (BR) (PO file)
Romanian (PO file)
Russian (PO file)
Spanish (PO file)
If you would like to contribute a new languge or you spotted in error in one of the translation files, please feel free to contribute directly to the public wordpress-security-txt POEditor project. Once accepted additions/modifications are automagically built by POEditor to PO/MO files and published to the wordpress-security-txt-translation repository.
The translations repository is included in builds submitted to the WordPress plugin directory. Users with the GitHub Updater Plugin don’t have to wait for builds to the WordPress plugin directory — they can get updated translations as soon as they’re published to the repository by POEditor.
Anonymous Statistics (Opt-in)
This plugin has an option — that is disabled by default and can only be enabled by explicilty opt-ing in on the security.txt Settings page — to collect anonymous statistics to help better understand how this plugin is used and how people are implementing their security.txt documents. The goal of collecting this data is to aid in research and design of the specification, the PHP library, the plugin itself, and to help us create a better experience for all users.
For example, one function of anonymous statistics is to send your security.txt document to our servers. This allows us to track what percent of users are implementing the specification according to the draft RFC, and how it might differ from the explicit definitions submitted to the Internet Engineering Task Force (IETF).
We respect your privacy and are happy to clarify on any aspect of the statistics collection and analysis. More importantly, you can verify this in the code for yourself on GitHub.
We do not track any personally-identifiable information and we are committed to protecting your privacy. With regards to performance, the tracking is implemented in such a way so as to not impact of your WordPress site at all.
Badges
All the badges!
各版本下載點
- 方法一:點下方版本號的連結下載 ZIP 檔案後,登入網站後台左側選單「外掛」的「安裝外掛」,然後選擇上方的「上傳外掛」,把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
- 方法二:透過「安裝外掛」的畫面右方搜尋功能,搜尋外掛名稱「wp-security-txt」來進行安裝。
(建議使用方法二,確保安裝的版本符合當前運作的 WordPress 環境。
延伸相關外掛(你可能也想知道)
Security.txt Manager 》這個強大而使用者友善的 WordPress 外掛可以讓你直接從 WordPress 儀表板中創建、編輯和管理「security.txt」文件。作為任何站點中最重要的文件之一,「secur...。
Generate Security.txt 》總結:, - ,
- Security.txt是一個開放標準(RFC 9116),允許道德駭客和安全研究人員在他們發現您網站上的漏洞時聯繫您...。