{"id":177365,"date":"2023-06-15T06:39:37","date_gmt":"2023-06-15T06:39:37","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/security-txt-manager\/"},"modified":"2026-06-04T12:04:19","modified_gmt":"2026-06-04T12:04:19","slug":"security-txt-manager","status":"publish","type":"plugin","link":"https:\/\/es-pr.wordpress.org\/plugins\/security-txt-manager\/","author":15614093,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.2","stable_tag":"1.2","tested":"7.0","requires":"5.7","requires_php":"7.2","requires_plugins":null,"header_name":"Security.txt Manager","header_author":"HandyPlugins","header_description":"Security.txt Manager for WordPress.","assets_banners_color":"545084","last_updated":"2026-06-04 12:04:19","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/handyplugins.co\/donate\/","header_plugin_uri":"https:\/\/github.com\/HandyPlugins\/security-txt-manager","header_author_uri":"https:\/\/handyplugins.co\/","rating":5,"author_block_rating":0,"active_installs":600,"downloads":7233,"num_ratings":2,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0":{"tag":"1.0","author":"handyplugins","date":"2023-06-15 06:39:22"},"1.0.1":{"tag":"1.0.1","author":"handyplugins","date":"2023-10-27 11:49:21"},"1.0.2":{"tag":"1.0.2","author":"handyplugins","date":"2024-11-07 07:02:39"},"1.0.3":{"tag":"1.0.3","author":"handyplugins","date":"2025-04-12 13:20:44"},"1.1":{"tag":"1.1","author":"handyplugins","date":"2025-11-22 10:43:02"},"1.2":{"tag":"1.2","author":"handyplugins","date":"2026-06-04 12:04:19"}},"upgrade_notice":{"1.2":"<p>Improves security.txt endpoint handling and adds server configuration guidance for Apache and Nginx.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":2},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":2926329,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":2926329,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256},"icon.svg":{"filename":"icon.svg","revision":2926329,"resolution":false,"location":"assets","locale":false}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":2926329,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":2926329,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{"blueprint.json":{"filename":"blueprint.json","revision":3560891,"resolution":false,"location":"assets","locale":"","contents":"{\"landingPage\":\"\\\/wp-admin\\\/admin.php?page=security-txt-settings\",\"preferredVersions\":{\"php\":\"8.0\",\"wp\":\"latest\"},\"phpExtensionBundles\":[\"kitchen-sink\"],\"features\":{\"networking\":true},\"steps\":[{\"step\":\"installPlugin\",\"options\":{\"activate\":true},\"pluginData\":{\"resource\":\"wordpress.org\\\/plugins\",\"slug\":\"security-txt-manager\"}},{\"step\":\"login\",\"username\":\"admin\",\"password\":\"password\"}]}"}},"all_blocks":[],"tagged_versions":["1.0","1.0.1","1.0.2","1.0.3","1.1","1.2"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":2926329,"resolution":"1","location":"assets","locale":"","width":1342,"height":944}},"screenshots":{"1":"Settings Page"}},"plugin_section":[],"plugin_tags":[221055,149751,600,149750],"plugin_category":[54],"plugin_contributors":[147258,79473],"plugin_business_model":[],"class_list":["post-177365","plugin","type-plugin","status-publish","hentry","plugin_tags-bug-bounty","plugin_tags-responsible-disclosure","plugin_tags-security","plugin_tags-security-txt","plugin_category-security-and-spam-protection","plugin_contributors-handyplugins","plugin_contributors-m_uysl","plugin_committers-handyplugins","plugin_committers-m_uysl"],"banners":{"banner":"https:\/\/ps.w.org\/security-txt-manager\/assets\/banner-772x250.png?rev=2926329","banner_2x":"https:\/\/ps.w.org\/security-txt-manager\/assets\/banner-1544x500.png?rev=2926329","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/security-txt-manager\/assets\/icon.svg?rev=2926329","icon":"https:\/\/ps.w.org\/security-txt-manager\/assets\/icon.svg?rev=2926329","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/security-txt-manager\/assets\/screenshot-1.png?rev=2926329","caption":"Settings Page"}],"raw_content":"<!--section=description-->\n<p>This powerful yet user-friendly WordPress plugin enables you to create, edit, and manage your \"security.txt\" file directly from the WordPress dashboard. As one of the most critical files on any site, the \"security.txt\" file communicates your security policy and contact information to security researchers.<\/p>\n\n<h3>What is security.txt?<\/h3>\n\n<p>A proposed standard which allows websites to define security policies.<\/p>\n\n<p><a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc9116\">Read the RFC<\/a><\/p>\n\n<h3>Can I use this with multisite?<\/h3>\n\n<p>Yes! However, if you are using a subfolder installation it will only work for the main site. This is because you can only have one <code>security.txt<\/code> for a given domain or subdomain per the <a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc9116#section-3.1\">security.txt spec<\/a>.<\/p>\n\n<h3>Technical Notes<\/h3>\n\n<ul>\n<li>Requires PHP 7.2+.<\/li>\n<li>Requires WordPress 5.7+.<\/li>\n<li>Rewrites need to be enabled. Without rewrites, WordPress cannot know to supply <code>\/security.txt<\/code> when requested.<\/li>\n<li>The plugin registers rewrite rules for <code>\/.well-known\/security.txt<\/code> and <code>\/security.txt<\/code>; server-level rules may be needed if your web server handles those paths before WordPress.<\/li>\n<li>Your site URL must not contain a path (e.g. <code>https:\/\/example.com\/site\/<\/code> or path-based multisite installs). <a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc9116#section-3.1\">Learn more on spec<\/a>.<\/li>\n<\/ul>\n\n<h4>Contributing &amp; Bug Report<\/h4>\n\n<p>Bug reports and pull requests are welcome on <a href=\"https:\/\/github.com\/HandyPlugins\/security-txt-manager\">Github<\/a>.<\/p>\n\n<p><strong>If you like Security.txt Manager, then consider checking out our other projects:<\/strong><\/p>\n\n<ul>\n<li><a href=\"https:\/\/poweredcache.com\/\" rel=\"friend\">Powered Cache<\/a> \u2013 Caching and optimization for WordPress to help improve PageSpeed and Core Web Vitals.<\/li>\n<li><a href=\"https:\/\/handyplugins.co\/magic-login-pro\/\" rel=\"friend\">Magic Login Pro<\/a> \u2013 Easy, secure, and passwordless authentication for WordPress.<\/li>\n<li><a href=\"https:\/\/handyplugins.co\/sessionquota-pro\/\" rel=\"friend\">SessionQuota Pro<\/a> \u2013 Limit concurrent sessions in WordPress.<\/li>\n<li><a href=\"https:\/\/handyplugins.co\/stream-integration-pro\/\" rel=\"friend\">Stream Integration Pro<\/a> \u2013 Upload, sync, restore, and manage WordPress videos with Cloudflare Stream.<\/li>\n<li><a href=\"https:\/\/handyplugins.co\/easy-text-to-speech\/\" rel=\"friend\">Easy Text-to-Speech<\/a> \u2013 Convert written content into high-quality synthesized speech for WordPress.<\/li>\n<li><a href=\"https:\/\/handyplugins.co\/handywriter\/\" rel=\"friend\">Handywriter<\/a> \u2013 AI-powered writing assistant for WordPress.<\/li>\n<li><a href=\"https:\/\/handyplugins.co\/paddlepress-pro\/\" rel=\"friend\">PaddlePress PRO<\/a> \u2013 Paddle plugin for WordPress.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<h4>Manual Installation<\/h4>\n\n<ol>\n<li>Upload the entire <code>\/security-txt-manager<\/code> directory to the <code>\/wp-content\/plugins\/<\/code> directory.<\/li>\n<li>Activate Security.txt Manager through the 'Plugins' menu in WordPress.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"how%20can%20i%20create%20security%20policy%3F\"><h3>How can I create security policy?<\/h3><\/dt>\n<dd><p>You can create it on https:\/\/securitytxt.org\/ website.<\/p><\/dd>\n<dt id=\"can%20i%20use%20this%20with%20multisite%3F\"><h3>Can I use this with multisite?<\/h3><\/dt>\n<dd><p>Yes! But won't work for the child sites on subdirectory setup due to <a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc9116#section-3.1\">security.txt spec<\/a><\/p><\/dd>\n<dt id=\"do%20i%20have%20to%20upload%20any%20files%3F\"><h3>Do I have to upload any files?<\/h3><\/dt>\n<dd><p>No. The plugin handles \".well-known\/security.txt\" and \"security.txt\" requests for your domain.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.2 (4 June, 2026)<\/h4>\n\n<ul>\n<li>Improved handling for <code>\/.well-known\/security.txt<\/code> and <code>\/security.txt<\/code> requests with WordPress rewrite rules.<\/li>\n<li>Added Apache and Nginx configuration examples to the settings screen for servers that handle security.txt paths before WordPress.<\/li>\n<li>Hardened request URI handling for the security.txt endpoint.<\/li>\n<li>Tested with WP 7.0<\/li>\n<\/ul>\n\n<h4>1.1 (22 November, 2025)<\/h4>\n\n<ul>\n<li>Minor tweaks.<\/li>\n<li>Tested with WP 6.9<\/li>\n<li>Dependency updates.<\/li>\n<\/ul>\n\n<h4>1.0.3 (12 April, 2025)<\/h4>\n\n<ul>\n<li>Tested with WP 6.8<\/li>\n<li>Dependency updates.<\/li>\n<\/ul>\n\n<h4>1.0.2 (19 March, 2024)<\/h4>\n\n<ul>\n<li>Tested with WP 6.5<\/li>\n<li>Dependency updates.<\/li>\n<\/ul>\n\n<h4>1.0.1 (22 July, 2023)<\/h4>\n\n<ul>\n<li>Tested with WP 6.3<\/li>\n<\/ul>\n\n<h4>1.0 (15 June, 2023)<\/h4>\n\n<ul>\n<li>First release<\/li>\n<\/ul>","raw_excerpt":"Create and manage your security.txt from within WordPress. The easiest way to manage security policy.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/177365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=177365"}],"author":[{"embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/handyplugins"}],"wp:attachment":[{"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=177365"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=177365"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=177365"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=177365"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=177365"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/es-pr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=177365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}