Title: Generate Security.txt
Author: Vereniging van Registrars
Published: <strong>August 16, 2024</strong>
Last modified: June 29, 2026

---

Search plugins

![](https://ps.w.org/generate-security-txt/assets/icon.svg?rev=3137589)

# Generate Security.txt

 By [Vereniging van Registrars](https://profiles.wordpress.org/verenigingvanregistrars/)

[Download](https://downloads.wordpress.org/plugin/generate-security-txt.1.0.14.zip)

 * [Details](https://scn.wordpress.org/plugins/generate-security-txt/#description)
 * [Reviews](https://scn.wordpress.org/plugins/generate-security-txt/#reviews)
 *  [Installation](https://scn.wordpress.org/plugins/generate-security-txt/#installation)
 * [Development](https://scn.wordpress.org/plugins/generate-security-txt/#developers)

 [Support](https://wordpress.org/support/plugin/generate-security-txt/)

## Description

Security.txt is an open standard (RFC 9116) that allows ethical hackers and security
researchers to contact you when they have found a vulnerability on your website.

The principle is simple and effective: contact information is put into a txt file
and placed in a fixed location in your website’s directory structure (well-known
folder). In this way, contact can easily be made.

This plugin helps you to create and place the security.txt file without any knowledge
of the open standard. This makes you easily accessible in case something is wrong
with your website.

This plugin is completely free to use and does not include any advertisements or
paid version.

## Screenshots

[⌊/assets/screenshot-1.png⌉⌊/assets/screenshot-1.png⌉[

/assets/screenshot-1.png

[⌊/assets/screenshot-2.png⌉⌊/assets/screenshot-2.png⌉[

/assets/screenshot-2.png

## Installation

 1. Upload `generate-security-txt` folder to the `/wp-content/plugins/` directory
 2. Activate the plugin through the ‘Plugins’ menu in WordPress
 3. Go the Tools > Generate Security.txt
 4. Find out of you have any critical requirements that you miss through the plugin
    admin interface like HTTPS or the PHP-extension ‘gnupg’.
 5. Generate your keys and security.txt

## FAQ

### What if I don’t have the PHP-extension ‘gnupg’

You will not be able to generate keys and sign your security.txt. This isn’t a full
requirement as per securitytxt.org, but an internet.nl validation will not green-
light the file.

We recommend contacting your webhostingprovider and ask them how to enable this 
extension.

### What if I don’t have HTTPS

Your security.txt file will not be valid without URIs starting with ‘https://’. 
It’s critical as per securitytxt.org standards

## Reviews

![](https://secure.gravatar.com/avatar/4b09b28c8718b371b6a8128ab4e84da3f619b1230f0555c8d6a64536e0cb826b?
s=60&d=retro&r=g)

### 󠀁[Works quick and easy](https://wordpress.org/support/topic/works-quick-and-easy-2/)󠁿

 [Brian](https://profiles.wordpress.org/geusmedia/) November 3, 2025

Almost a one-button-done solution.

 [ Read all 1 review ](https://wordpress.org/support/plugin/generate-security-txt/reviews/)

## Contributors & Developers

“Generate Security.txt” is open source software. The following people have contributed
to this plugin.

Contributors

 *   [ Vereniging van Registrars ](https://profiles.wordpress.org/verenigingvanregistrars/)

“Generate Security.txt” has been translated into 1 locale. Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/generate-security-txt/contributors)
for their contributions.

[Translate “Generate Security.txt” into your language.](https://translate.wordpress.org/projects/wp-plugins/generate-security-txt)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/generate-security-txt/),
check out the [SVN repository](https://plugins.svn.wordpress.org/generate-security-txt/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/generate-security-txt/)
by [RSS](https://plugins.trac.wordpress.org/log/generate-security-txt/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.0.14

Security fix: removed direct AJAX access to internal generation actions and added
authorization checks to endpoints and mutating workers.

#### 1.0.13

Security fix: removed direct AJAX access to internal generation actions and added
authorization checks to status callbacks.
 Bugfix: expired security.txt reminders
now use expired wording instead of future-expiry wording. Updated dependencies

#### 1.0.12

Capability filter added
 Nonce checks added Pubkey store changed to .well-known 
directory Archive.org request only for public websites

#### 1.0.11

New 1 month reminder email feature
 Bugfix with for wrong canonical and security
check when installation base url is not domain root Updated dependencies

#### 1.0.10

Updated dependencies

#### 1.0.9

Updated dependencies

#### 1.0.8

Updated internet.nl conform
 New log feature New file has verification feature

#### 1.0.6

Normalize end of line characters

#### 1.0

 * Initial release version

## Meta

 *  Version **1.0.14**
 *  Last updated **1 week ago**
 *  Active installations **500+**
 *  WordPress version ** 6.3 or higher **
 *  Tested up to **7.0.1**
 *  Languages
 * [Dutch](https://nl.wordpress.org/plugins/generate-security-txt/) and [English (US)](https://wordpress.org/plugins/generate-security-txt/).
 *  [Translate into your language](https://translate.wordpress.org/projects/wp-plugins/generate-security-txt)
 * Tags
 * [responsible disclosure](https://scn.wordpress.org/plugins/tags/responsible-disclosure/)
   [security](https://scn.wordpress.org/plugins/tags/security/)[security.txt](https://scn.wordpress.org/plugins/tags/security-txt/)
 *  [Advanced View](https://scn.wordpress.org/plugins/generate-security-txt/advanced/)

## Ratings

 5 out of 5 stars.

 *  [  1 5-star review     ](https://wordpress.org/support/plugin/generate-security-txt/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/generate-security-txt/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/generate-security-txt/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/generate-security-txt/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/generate-security-txt/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/generate-security-txt/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/generate-security-txt/reviews/)

## Contributors

 *   [ Vereniging van Registrars ](https://profiles.wordpress.org/verenigingvanregistrars/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/generate-security-txt/)