The Textpattern Development Team can be contacted directly via email@example.com, whereby a member of our team will respond in due course. However, if your message is security-related, please adhere to the security reports information detailed below.
General email rules
Please refrain from using our email address to ask general questions about Textpattern CMS or to ask for support—rather, please make use of the extensive Textpattern documentation and the Textpattern support forum. Support enquiries will be ignored when sent to our contact or security email addresses. Thank you for your understanding and interest in Textpattern!
Enquiries relating to sponsored guest posts on our blog will be ignored. We do not participate in website backlink or link exchange campaigns, so please don't ask. We are not looking for website developers, mobile app developers, search engine marketing, search engine optimisaton or content audits. Repeat offenders will have their emails marked as spam, which will affect your email deliverability overall, so don't waste your time.
We take security very seriously! If you wish to report a Textpattern security issue please ensure that you’ve taken care of the following security precautions:
- Take steps to ensure any vulnerability or issue is not due to a third party script, malfunctioning server, or insufficient security precautions taken by you or your server admin (e.g. weak passwords).
- Report any and all security vulnerabilities to us first. Do not publicly disclose information about potential security bugs. It’s unhelpful, and can be damaging. We follow the RFPolicy 2.0, and expect you to in return.
- Allow us a reasonable amount of time to assess and address the issue before sharing details with others or otherwise making details public.
- Provide details as to the nature of the vulnerability, and examples of the steps to replicate it.
- We are a free, open source project run by volunteers. We do not offer monetary rewards or provide ‘bug bounties’ for discovering and/or reporting security issues. All security reports should be considered free of charge and voluntary on your part, though we do endeavour to credit researchers for bringing issues to our attention. Thank you for your understanding.
Please report vulnerabilities directly to firstname.lastname@example.org, where they will be dealt with by the development team.