Hiya
We've received an email telling us our subscription is expiring. But i'm unclear how we go about renewing it.
We currently receive email notifications for vulnerabilities submitted for our domain (we signed up to these back when the site was still called xssposed).
Can you confirm you are effectively ending the old model completely and going forwards the only way to get email notifications of vulnerabilities posted on your site is via our security.txt file? And we have to post a link to a specific open bug bounty account (that itself has to be linked to a twitter account due to your sign in model) in that security.txt. We are working on a direct notification procedure for security.txt and wouldn't be able to link this to a specific 3rd party platform. We would still be interested in email notifications if that is possible - but you don't seem to offer alternative routes for verification. If not - fair enough - I guess we will part company.
Many thanks for your help with this and for the previous notifications,
Advice on notifications
Re: Advice on notifications
We discontinued support old notification model. Security.txt it's fast and easy method to confirm website ownership, all you need it's just add one string to your security.txt file. You can delete this string after verification.AS_BBC wrote: ↑Wed May 16, 2018 4:06 pmHiya
We've received an email telling us our subscription is expiring. But i'm unclear how we go about renewing it.
We currently receive email notifications for vulnerabilities submitted for our domain (we signed up to these back when the site was still called xssposed).
Can you confirm you are effectively ending the old model completely and going forwards the only way to get email notifications of vulnerabilities posted on your site is via our security.txt file? And we have to post a link to a specific open bug bounty account (that itself has to be linked to a twitter account due to your sign in model) in that security.txt. We are working on a direct notification procedure for security.txt and wouldn't be able to link this to a specific 3rd party platform. We would still be interested in email notifications if that is possible - but you don't seem to offer alternative routes for verification. If not - fair enough - I guess we will part company.
Many thanks for your help with this and for the previous notifications,
Who is online
Users browsing this forum: No registered users and 2 guests