I’ve just started putting security.txt files on my various sites. This is a place to list security researchers who have helped keep my sites more secure.
2024
- Thanks to Adrian Tirado Garcia for pointing out that my Exhibition site was allowing public directory listing, including letting everyone see my Capistrano configuration…
- Thanks to Parth Narula for pointing out that I still had the default Apache page configured.
2023
- Thanks to Gaurang Maheta for scanning the site and making several observations that have helped me lock things down a bit more securely.