# Security Policy for FunToHard.online # RFC 9116 compliant security.txt file Contact: mailto:funtohard@gmail.com Contact: mailto:security@funtohard.online Contact: https://funtohard.online/report Expires: 2025-12-31T23:59:59.000Z Encryption: https://funtohard.online/.well-known/pgp-key.txt Acknowledgments: https://funtohard.online/security-acknowledgments Preferred-Languages: en Canonical: https://funtohard.online/.well-known/security.txt Policy: https://funtohard.online/security-policy # Scope # This security policy applies to: # - https://funtohard.online # - https://www.funtohard.online # - https://games.funtohard.online # - All associated APIs and services # Reporting Guidelines # We take security seriously. If you discover a security vulnerability, # please report it responsibly through one of the contact methods above. # # Please include: # - A clear description of the vulnerability # - Steps to reproduce the issue # - Potential impact assessment # - Your contact information for follow-up # # We commit to: # - Acknowledging receipt within 24 hours # - Providing regular updates on our progress # - Crediting researchers (with permission) # - Not pursuing legal action for good faith security research # Bug Bounty # While we don't currently offer monetary rewards, we do provide: # - Public acknowledgment on our security page # - Direct communication with our development team # - Contribution recognition in our changelog # Out of Scope # The following are considered out of scope: # - Social engineering attacks # - Physical attacks # - Denial of service attacks # - Spam or rate limiting bypass # - Issues in third-party services we don't control # - Self-XSS that requires user interaction # Safe Harbor # We consider security research conducted under this policy to be: # - Authorized concerning the Computer Fraud and Abuse Act # - Authorized concerning relevant anti-hacking laws # - Exempt from the Digital Millennium Copyright Act (DMCA) # - Protected activity under relevant whistleblower laws # Thank you for helping keep FunToHard secure!