Make the internet a little safer, you want to help us out?
We at LinQhost take security very serious. But we also know we are humans and sometimes mistakes are made. If you ever find a serious security issue with one of our systems, please report them back to us. We are eager to learn from our mistakes and think whitehats are really cool! As an appreciation we will award you with a place in our eternal hall of fame!
You can report security issues to email@example.com. In order to get awarded in our bounty program we have some “rules-of-the-game” to follow.
- No data has been tampered (removed, changed etc) or been downloaded
- Keep the system in the same state as it was
- You have to be the first person to report the issue
- No service-disruption
- The affected system is an internal system and not a website from a Linqhost customer
- Serious security issue means: get local access (without credentials received from us), SQL injections, private information disclosure and other issues which can seriously affect our services
- (partial)missing security headers are excluded
- DDOS are excluded and make us extremely sad
- DNS records are excluded such as SPF or DKIM
- Automatic system scans are not accepted
- Details and some proof. Our goal is to fix stuff ASAP!
- We will NOT take legal actions against you as long as the above rules are followed
Hall of fame
Sumit Jain reported minor WordPress issue.
Some minor issues specific with our shared HPW servers (Reported by Josse Zwols)
www.linqhost.nl was vulnerable for clickjacking and a XSS problem in our past My LinQhost (Reported by Manikandan Rajakumar)