Ability to place a security.txt file - Mendix Forum

Ability to place a security.txt file


It would be great if there is a way to properly place a security.txt for your mendix application.


In short: security.txt is a simple text file used to share your contact details in case someone finds a security issue on your website. More info: https://securitytxt.org/


This is especially important in some countries because it can be required for goverment websites.



Problem: no way to manually put a security.txt the .well-known webfolder.

Possible solution: If you place a security.txt file in your Mendix /resources folder it should be automatically placed in the correct webfolder (.well-known) on deployment


1 answers

We are working for a Dutch gov customer as well and were looking for a solution to this issue and so found this Idea. I wanted to comment that it is possible to do this manual as well. 


- go to App Directory

- create in ./theme/web folder a new /.well-known/ folder and add your security.txt file there

- commit your change in modeler, deploy new package to environment

- on Mendix Cloud under Environments go to Network tab. Change the access restriction for the folder. Set under Path based access restriction - the folder to be allowed to be accessed


Tested this to work on Mx Cloud with Mx8.