Implemented security.txt, but Security Insights still report non-implementation

Application Security
1

What is the name of the domain?

What is the error number?

n/a

What is the error message?

n/a

What is the issue you’re encountering

Implemented security.txt, but Security Insights still report non-implementation.

What steps have you taken to resolve the issue?

Enabled the built-in Cloudflare Security.txt option, generated a proper security.txt file including PGP keys, placed in /.well-known/

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

What are the steps to reproduce the issue?

n/a

Screenshot of the error

Screenshot 2025-06-23 at 9.09.05 PM.png
Screenshot 2025-06-23 at 9.09.05 PM.png2246×200 29.5 KB

2

Anyone?

3

The scan in the screenshot was performed March 24th. Did you implement the change before or after that date?

4

Thanks for the reply!

I implemented it after, but have run several new scans and for some reason it doesn’t include that line item:

Screenshot 2025-06-25 at 3.52.46 PM
Screenshot 2025-06-25 at 3.52.46 PM2194×570 70.6 KB

5

There were other items which, when I resolved them, a new scan removed them from the list which was my expectation here.

6

While we’re here, the other 2 items about DMARC and SPF are telling me to use the “DNS EMail Security Wizard” but after literal hours searching, I can’t find how to get to/use that.

7

Still waiting on some answers/help with this, thank you! :slightly_smiling_face:

8

BUMP…Anyone?

9

Topic closes in 5 days, still need help…

11

One day left before this automatically closes; I thought this forum is how we’re supposed to get help since Cloudflare themselves offer no support??? :melting_face:

12

This topic was automatically closed after 15 days. New replies are no longer allowed.