I’ve just started putting security.txt files on my various sites. This is a place to list security researchers who have helped keep my sites more secure.
2024
- Thanks to Adrian Tirado Garcia for pointing out that my Exhibition site was allowing public directory listing, including letting everyone see my Capistrano configuration…
- Thanks to Parth Narula for pointing out that I still had the default Apache page configured.
- Thanks to KAVINKUMAR for noticing the lack of iframe origin policy on this WordPress install
- Thanks to AKHIL C.D. for noticing the lack of iframe origin policy on the One Mile Matt site.
- Thanks again to AKHIL C.D. for noticing an open redirection issue.
2023
- Thanks to Gaurang Maheta for scanning the site and making several observations that have helped me lock things down a bit more securely.