Cloudflare - deploying security.txt
Cloudflare - deploying security.txt
Frank
Thu Jul 30 2020 01:00:00 GMT+0100 (British Summer Time)
1 min read
Deploying security.txt using a cloudflare worker
Security.txt is a proposed standard which allows websites to define security policies. Further information on the standard and a generated is available at https://securitytxt.org/.
Cloudflare serverless workers can be used to server a security.txt file without depending on the hosting provider or CMS to support serving files from the /.well-known directory.
Creating the work
On the cloudflare dashboard, select “Workers and Pages” and click on the ‘Create Worker’ button
Choose a friendly name for the script e.g. security.txt
Click on Deploy then click on edit code
In the editor, put the following code:
let securitytxt = `Contact: mailto:[email protected]
Expires: 2024-07-30T23:00:00.000Z`;
export default {
async fetch(request) {
return new Response(securitytxt);
},
};Then click on save and deploy
Deploying the Worker to a Route
Go to a website/Zone and click on “Workers Routes”
Click on “Add Route”
Add a route to your new worker with the following text:
*domain.com/.well-known/security.txtreplacing domain.com with your domain name