Hello!
Developer from the Pronouns.Page project here! I know some people may not believe that I actually am a developer, but you can check using multiple factors such as my SSH and PGP signatures on both here and GitLab (where Pronouns.Page source code is at), or by checking our official Github page where I am listed as a member and the domain has been verified (https://github.com/PronounsPage). Either way, the details aren't that important.
I wanna be clear, I am not here to speak on their behalf, but as a fellow "pronouns" website, I like to wander around and look at the others in the space.
I was looking around on the website, and noticed you don't have a security.txt file on there. While it's not essential, it's recently become something used on multiple platforms including Google (https://www.google.com/.well-known/security.txt), Facebook (https://www.facebook.com/.well-known/security.txt), and Github (https://github.com/.well-known/security.txt) just to name a few.
You can find some info at the main website talking about it (https://securitytxt.org/) as well as the RFC Publication (RFC 9116).
Implementation is pretty easy. I noticed when doing a DNS check, you use Cloudflare as your DNS management (as shown in your NS resolution). Cloudflare natively supports handling the availability of the file directly in their dashboard. Their documentation can be found here: https://developers.cloudflare.com/security-center/infrastructure/security-file/
Feel free to disregard this file if you want, I just thought it would be something cool to add so that people can know where to go to contact you if any security vulnerabilities are found.
Either way, thank you for at least looking at this.
Signed,
Benjamin
https://en.pronouns.page/@therealbenpai
https://benshawmean.com/
ben@benshawmean.com
Hello!
Developer from the Pronouns.Page project here! I know some people may not believe that I actually am a developer, but you can check using multiple factors such as my SSH and PGP signatures on both here and GitLab (where Pronouns.Page source code is at), or by checking our official Github page where I am listed as a member and the domain has been verified (https://github.com/PronounsPage). Either way, the details aren't that important.
I wanna be clear, I am not here to speak on their behalf, but as a fellow "pronouns" website, I like to wander around and look at the others in the space.
I was looking around on the website, and noticed you don't have a
security.txtfile on there. While it's not essential, it's recently become something used on multiple platforms including Google (https://www.google.com/.well-known/security.txt), Facebook (https://www.facebook.com/.well-known/security.txt), and Github (https://github.com/.well-known/security.txt) just to name a few.You can find some info at the main website talking about it (https://securitytxt.org/) as well as the RFC Publication (RFC 9116).
Implementation is pretty easy. I noticed when doing a DNS check, you use Cloudflare as your DNS management (as shown in your NS resolution). Cloudflare natively supports handling the availability of the file directly in their dashboard. Their documentation can be found here: https://developers.cloudflare.com/security-center/infrastructure/security-file/
Feel free to disregard this file if you want, I just thought it would be something cool to add so that people can know where to go to contact you if any security vulnerabilities are found.
Either way, thank you for at least looking at this.
Signed,
Benjamin
https://en.pronouns.page/@therealbenpai
https://benshawmean.com/
ben@benshawmean.com