security.txt in bulk

[robert199311]

Hi all,

I would like to add a security.txt to the .well-known folders of all domains on my server. The contents of security.txt should all be the same. Does anybody know a way to do so without the need to do it manually?

kind regards,

Robert

 

[Richard G]

I'm not sure, you have to check owner afterwards, but probably you can just add it to the default directory.
This way it's place automatically when an account is created.

With the default directadmin I mean for admin:
/home/admin/domains/default
and for reseller:
/home/reseller/domains/default

create the .well-known directory in there with the security.txt in it.

Then create a new test domain. If the directory and file is made with the correct owner (being the user) then it works.

For existing domains you would still have to do it manually, but maybe that can be done with a perl command or something.

 

[robert199311]

Hi Richard,
Thank you, that's a great tip to start with! I was actually looking for existing domains but I'm not that good in creating scripts like that. Was hoping someone here maybe has a script on the shelf :-D

 

[Ohm J]

This is just idea. (Non-testing, Non-correct syntax)
Using nginx location

/etc/nginx/nginx-include.conf

location ^/.well-known/security.txt  {
    try_files $uri $uri/ /path/to/security.txt;
    break;
  }

 

[Indominus]

For anyone else (apache), you can add it in custom 'webapps.list'.

I've placed the file in /var/www/html/.well-known

[root@web02 custom]# pwd
/usr/local/directadmin/custombuild/custom
[root@web02 custom]# cat webapps.list
.well-known/pki-validation=.well-known/pki-validation
.well-known/security.txt=.well-known/security.txt
webmail=roundcube

Don't forget:
./build update
./build rewrite_confs