Content · Low Priority · Free

Security.txt (RFC 9116)

Security.txt is a standard file that tells security researchers how to report vulnerabilities responsibly.

Why It Matters

Without clear reporting instructions, researchers might disclose vulnerabilities publicly or give up trying to report them. Security.txt makes responsible disclosure easier.

How We Check

We check for /.well-known/security.txt with required fields (Contact, Expires) and recommended fields (Encryption, Acknowledgments).

How to Fix

Create /.well-known/security.txt with a Contact field (email or URL), an Expires date, and optionally an Encryption key and a Policy URL. Sign it with PGP if possible.
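
A minimal version of the check described under How We Check, as an added Python example (not SecScanner's own code): it parses a security.txt body, reports missing or malformed Contact and Expires fields as errors, and warns about the recommended fields and a missing PGP signature. The function names and both sample files are constructed for illustration.

```python
from datetime import datetime, timezone

REQUIRED = ("contact", "expires")
RECOMMENDED = ("encryption", "acknowledgments")  # the two the page names

def parse_fields(text):
    """Return {lowercased field name: [values]}, skipping comments and PGP armor."""
    body = text.split("-----BEGIN PGP SIGNATURE-----")[0]  # drop signature block
    fields = {}
    for raw in body.splitlines():
        line = raw.strip()
        if line.startswith(("#", "-----")) or ":" not in line:
            continue
        name, value = line.split(":", 1)
        fields.setdefault(name.strip().lower(), []).append(value.strip())
    return fields

def check_security_txt(text, now=None):
    """Return (errors, warnings) for one security.txt body."""
    now = now or datetime.now(timezone.utc)
    fields, errors, warnings = parse_fields(text), [], []
    errors += [f"missing required field: {n}" for n in REQUIRED if n not in fields]
    for value in fields.get("contact", []):
        # RFC 9116 takes URIs, so a bare e-mail address without mailto: fails.
        if not value.lower().startswith(("mailto:", "https://", "tel:")):
            errors.append(f"Contact is not a mailto:, https: or tel: URI: {value}")
    expires = fields.get("expires", [])
    if len(expires) > 1:
        errors.append("Expires appears more than once")
    for value in expires[:1]:
        try:
            when = datetime.fromisoformat(value.replace("Z", "+00:00"))
        except ValueError:
            errors.append(f"Expires is not an ISO 8601 date-time: {value}")
            continue
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)  # assumption: treat as UTC
        if when <= now:
            errors.append(f"Expires is in the past: {value}")
    warnings += [f"missing recommended field: {n}" for n in RECOMMENDED if n not in fields]
    if "-----BEGIN PGP SIGNED MESSAGE-----" not in text:  # presence only, not verified
        warnings.append("file is not PGP-signed")
    return errors, warnings

# Constructed samples, not taken from any real site.
GOOD = "Contact: mailto:security@example.com\nExpires: 2031-01-01T00:00:00Z\n" \
       "Encryption: https://example.com/pgp-key.txt\n" \
       "Acknowledgments: https://example.com/thanks\n"
BAD = "# no URI scheme, stale date\nContact: security@example.com\nExpires: 2020-01-01T00:00:00Z\n"
```

An expired Expires value is treated as an error rather than a warning, because a stale file gives researchers no assurance that the listed contact is still monitored.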

© 2025-2026 SecScanner. All rights reserved.