Set up your security.txt file

To manage your security.txt ↗ file via the Cloudflare dashboard:

Log in to the Cloudflare dashboard ↗, select your account and domain.
Go to Security > Settings > Enable Security.txt.

From here, you can create and manage your security.txt file to provide the security research team with a standardized way to report vulnerabilities.

Fill in the following information:

(Required) Contact: You can enter one of the following to contact you about security issues:
- An email address: The email address must start with mailto:.
- A phone number: The phone number must start with tel:.
- A URL link: The URL link must start with https://.
Select Add more to add multiple contacts.
(Required) Expires at: Enter the expiration date and time of the security.txt file.
Encryption: A link to a key which security researchers can use to communicate with you.
Acknowledgements: A link to your acknowledgements page.
Canonical: Links to your security.txt file.
Hiring: A link to your security-related job openings.
Policy: A link to a policy describing what security researchers should do when searching for or reporting security issues.
Preferred languages: A list of language codes that your security team speaks.

Once you have entered the necessary information, select Save.

To edit your security.txt file, select Security > Settings > Edit Security.txt.

To download your security.txt file, select Security > Settings > Download Security.txt.

To delete your security.txt file, select Security > Settings > Delete Security.txt.

Cloudflare Dashboard Discord Community Learning Center Support Portal