security.txt is an accepted standard for website security information that allows security researchers to report security vulnerabilities easily.

For more information please check https://en.wikipedia.org/wiki/Security.txt.

It has been introduced to Tiki in https://gitlab.com/tikiwiki/tiki/-/merge_requests/7832.

security.txt file requires .well-known folder to be available at the root of your project directory.

To create security.txt file in Tiki, use the console command below. Different options are explained in detail in the merge request.

php console.php security:generate --admin-contact="tel:+1 800-555-0100" --expires=365 --encryption="https://example.com/pgp/my-key.gpg" --signature-path="~/.gnupg/key.asc"