diff --git a/CHANGELOG.md b/CHANGELOG.md index 51db63e1..7c27baec 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## Unreleased +### Added +- Add `/.well-known/security.txt` endpoint, documentation for it and (disabled) file check on container startup which + will crash the container intentionally if the file is missing. Check will be enabled with the release of version + 0.2.0, see also #225. Closes issue #131. ### Changed - Constants are changed to contain type declarations, closes #211. - Remove timeout from PHP-tasks, closes #220. CI timeouts still apply. diff --git a/docker/supervisord/docker-entrypoint.sh b/docker/supervisord/docker-entrypoint.sh index 1a19de53..d10e0fd7 100644 --- a/docker/supervisord/docker-entrypoint.sh +++ b/docker/supervisord/docker-entrypoint.sh @@ -2,6 +2,13 @@ set -e +#todo: enable intentional container crash with the release of version 0.2.0 +#if [ ! -f /well-known-security.txt ]; then +# echo "Error: Unable to start Ember Nexus API due to missing security.txt file at path /well-known-security.txt ." +# echo "See https://ember-nexus.github.io/api/ for details." +# exit 1 +#fi + mkdir -p /var/www/html/var/logs touch /var/www/html/var/logs/log.log diff --git a/docs/_sidebar.md b/docs/_sidebar.md index 80a4a973..64774df8 100755 --- a/docs/_sidebar.md +++ b/docs/_sidebar.md 
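Review bot: When the commented-out check in docker-entrypoint.sh is enabled, `[ ! -f /well-known-security.txt ]` will still accept an empty file, and both `echo` lines report the failure on stdout instead of stderr. Consider `if [ ! -f /well-known-security.txt ] || [ ! -s /well-known-security.txt ]; then` and appending `>&2` to the two `echo` lines. Until the check is enabled the container starts without a security.txt, so the controller's own guard is the only protection. The `#todo` comment could name the tracking issue (#225 per the changelog entry) so the disabled block is not forgotten.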
@@ -51,6 +51,7 @@ - [POST` /search -` Search](/api-endpoints/search/post-search) - **System Endpoints** - [GET` /instance-configuration -` Get Instance Configuration](/api-endpoints/system/get-instance-configuration) + - [GET` /.well-known/security.txt -` Get Well Known security.txt](/api-endpoints/system/get-well-known-security-txt) - **Error Endpoints** - [GET` /error/400/bad-content`](/api-endpoints/error/get-400-bad-content) - [GET` /error/400/forbidden-property`](/api-endpoints/error/get-400-forbidden-property) diff --git a/docs/api-endpoints/system/get-well-known-security-txt.md b/docs/api-endpoints/system/get-well-known-security-txt.md new file mode 100644 index 00000000..006fa3c4 --- /dev/null +++ b/docs/api-endpoints/system/get-well-known-security-txt.md @@ -0,0 +1,93 @@ +# GET` /.well-known/security.txt -` Get Well Known security.txt + + + + +Returns the configured security.txt file. + +See [https://securitytxt.org/](https://securitytxt.org/) for details regarding this file standard. + +## Request Example + +```bash +curl https://api.localhost/.well-known/security.txt +``` + + + +### **🟢 Success 200** + +
Response Headers
+ +[Response Body](./get-well-known-security-txt/200-response-header.txt ':include :type=code') + +
Response Body
+ +[Response Body](./get-well-known-security-txt/200-response-body.txt ':include :type=code') + + + + + +## Internal Workflow + +The server returns the configured file directly. + +
+ + + + diff --git a/docs/api-endpoints/system/get-well-known-security-txt/200-response-body.txt b/docs/api-endpoints/system/get-well-known-security-txt/200-response-body.txt new file mode 100644 index 00000000..87497fc1 --- /dev/null +++ b/docs/api-endpoints/system/get-well-known-security-txt/200-response-body.txt @@ -0,0 +1,2 @@ +Contact: https://ember-nexus.dev/contact +Expires: 2026-01-01T00:00:00.000Z diff --git a/docs/api-endpoints/system/get-well-known-security-txt/200-response-header.txt b/docs/api-endpoints/system/get-well-known-security-txt/200-response-header.txt new file mode 100644 index 00000000..c788caf9 --- /dev/null +++ b/docs/api-endpoints/system/get-well-known-security-txt/200-response-header.txt @@ -0,0 +1,10 @@ +Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method +Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, PATCH, DELETE, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK +Access-Control-Allow-Origin: * +Allow: GET, HEAD, POST, OPTIONS, PUT, PATCH, DELETE, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK +Cache-Control: no-cache, private +Content-Type: text/plain; charset=utf-8 +Date: Fri, 22 Dec 2023 23:05:08 GMT +Server: Unit +Transfer-Encoding: chunked +X-Powered-By: Ember-Nexus-API \ No newline at end of file diff --git a/src/Controller/System/GetWellKnownSecurityTxtController.php b/src/Controller/System/GetWellKnownSecurityTxtController.php new file mode 100644 index 00000000..8a0322f1 --- /dev/null +++ b/src/Controller/System/GetWellKnownSecurityTxtController.php @@ -0,0 +1,34 @@ +client404NotFoundExceptionFactory->createFromTemplate(); + } + $wellKnownSecurityTxtContent = \Safe\file_get_contents(self::PATH_TO_WELL_KNOWN_SECURITY_TXT); + + return new TextResponse($wellKnownSecurityTxtContent); + } +} diff --git a/tests/ExampleGenerationCommand/docker-compose.yml b/tests/ExampleGenerationCommand/docker-compose.yml index 8ad23b51..5552e327 100644 
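Review bot: The read `\Safe\file_get_contents(self::PATH_TO_WELL_KNOWN_SECURITY_TXT)` is only as safe as the guard in front of it, and that guard's condition is not visible in this rendering of the hunk (the top of the new file is missing). If the guard is `file_exists()`, a directory at that path passes it, and a directory is what Docker creates when the bind-mount source is absent on the host. The read then throws instead of producing the intended 404. Checking `is_file(self::PATH_TO_WELL_KNOWN_SECURITY_TXT) && is_readable(self::PATH_TO_WELL_KNOWN_SECURITY_TXT)` would cover that case while the startup check in docker-entrypoint.sh is still disabled. A short docblock on the action noting that the path is a fixed constant and never derived from the request would also help later reviewers.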
--- a/tests/ExampleGenerationCommand/docker-compose.yml +++ b/tests/ExampleGenerationCommand/docker-compose.yml @@ -7,6 +7,7 @@ services: - "80" volumes: - ../../:/var/www/html + - ./well-known-security.txt:/well-known-security.txt ember-nexus-neo4j: container_name: ember-nexus-neo4j diff --git a/tests/ExampleGenerationCommand/well-known-security.txt b/tests/ExampleGenerationCommand/well-known-security.txt new file mode 100644 index 00000000..87497fc1 --- /dev/null +++ b/tests/ExampleGenerationCommand/well-known-security.txt @@ -0,0 +1,2 @@ +Contact: https://ember-nexus.dev/contact +Expires: 2026-01-01T00:00:00.000Z diff --git a/tests/ExampleGenerationController/System/GetWellKnownSecurityTxtTest.php b/tests/ExampleGenerationController/System/GetWellKnownSecurityTxtTest.php new file mode 100644 index 00000000..b5882f73 --- /dev/null +++ b/tests/ExampleGenerationController/System/GetWellKnownSecurityTxtTest.php @@ -0,0 +1,31 @@ +runGetRequest('/.well-known/security.txt', null); + $documentationHeadersPath = 'docs/api-endpoints/system/get-well-known-security-txt/200-response-header.txt'; + $documentationBodyPath = 'docs/api-endpoints/system/get-well-known-security-txt/200-response-body.txt'; + $this->assertHeadersInDocumentationAreIdenticalToHeadersFromRequest( + self::PATH_TO_ROOT, + $documentationHeadersPath, + $response + ); + $this->assertBodyInDocumentationIsIdenticalToBodyFromRequest( + self::PATH_TO_ROOT, + $documentationBodyPath, + $response, + false, + [ + 'Expires', + ] + ); + } +} diff --git a/tests/ExampleGenerationController/docker-compose.yml b/tests/ExampleGenerationController/docker-compose.yml index 8ad23b51..5552e327 100644 --- a/tests/ExampleGenerationController/docker-compose.yml +++ b/tests/ExampleGenerationController/docker-compose.yml @@ -7,6 +7,7 @@ services: - "80" volumes: - ../../:/var/www/html + - ./well-known-security.txt:/well-known-security.txt ember-nexus-neo4j: container_name: ember-nexus-neo4j 
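Review bot: The added bind mount `- ./well-known-security.txt:/well-known-security.txt` is writable from inside the container although the API only reads the file; `- ./well-known-security.txt:/well-known-security.txt:ro` would make the intent explicit and serves as a better template for deployments. The same line is added in tests/ExampleGenerationController/docker-compose.yml and in the three tests/FeatureTests/docker-compose-neo4j-*.yml files. Separately, the mounted fixture sets `Expires: 2026-01-01T00:00:00.000Z`, which is more than a year after the documented response date; RFC 9116 recommends an expiry less than a year ahead, so the example may be worth shortening if users are likely to copy it.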
diff --git a/tests/ExampleGenerationController/well-known-security.txt b/tests/ExampleGenerationController/well-known-security.txt new file mode 100644 index 00000000..87497fc1 --- /dev/null +++ b/tests/ExampleGenerationController/well-known-security.txt @@ -0,0 +1,2 @@ +Contact: https://ember-nexus.dev/contact +Expires: 2026-01-01T00:00:00.000Z diff --git a/tests/FeatureTests/Endpoint/System/GetWellKnownSecurityTxtTest.php b/tests/FeatureTests/Endpoint/System/GetWellKnownSecurityTxtTest.php new file mode 100644 index 00000000..8c346b34 --- /dev/null +++ b/tests/FeatureTests/Endpoint/System/GetWellKnownSecurityTxtTest.php @@ -0,0 +1,14 @@ +runGetRequest('/.well-known/security.txt', null); + $this->assertIsTextResponse($response, 200); + } +} diff --git a/tests/FeatureTests/docker-compose-neo4j-5.1.yml b/tests/FeatureTests/docker-compose-neo4j-5.1.yml index 4af5d134..9f28f9a4 100644 --- a/tests/FeatureTests/docker-compose-neo4j-5.1.yml +++ b/tests/FeatureTests/docker-compose-neo4j-5.1.yml @@ -7,6 +7,7 @@ services: - "80" volumes: - ../../:/var/www/html + - ./well-known-security.txt:/well-known-security.txt ember-nexus-neo4j: container_name: ember-nexus-neo4j diff --git a/tests/FeatureTests/docker-compose-neo4j-5.12.yml b/tests/FeatureTests/docker-compose-neo4j-5.12.yml index 5145b01d..2af5985b 100644 --- a/tests/FeatureTests/docker-compose-neo4j-5.12.yml +++ b/tests/FeatureTests/docker-compose-neo4j-5.12.yml @@ -7,6 +7,7 @@ services: - "80" volumes: - ../../:/var/www/html + - ./well-known-security.txt:/well-known-security.txt ember-nexus-neo4j: container_name: ember-nexus-neo4j diff --git a/tests/FeatureTests/docker-compose-neo4j-5.13.yml b/tests/FeatureTests/docker-compose-neo4j-5.13.yml index 603e0c0d..c45f4ce0 100644 --- a/tests/FeatureTests/docker-compose-neo4j-5.13.yml +++ b/tests/FeatureTests/docker-compose-neo4j-5.13.yml 
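Review bot: The feature test in tests/FeatureTests/Endpoint/System/GetWellKnownSecurityTxtTest.php stops at `$this->assertIsTextResponse($response, 200);`, so it would still pass if the endpoint returned an empty or unrelated text body. The 404 branch in the controller is not exercised at all. Adding a body assertion for the mounted fixture would pin the success path, for example `$this->assertStringContainsString('Contact:', (string) $response->getBody());`, assuming the helper returns a PSR-7 response. The missing-file branch probably needs a unit test on the controller, since the compose files always mount the fixture. The start of the test class is not visible in this rendering of the hunk.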
@@ -7,6 +7,7 @@ services: - "80" volumes: - ../../:/var/www/html + - ./well-known-security.txt:/well-known-security.txt ember-nexus-neo4j: container_name: ember-nexus-neo4j diff --git a/tests/FeatureTests/well-known-security.txt b/tests/FeatureTests/well-known-security.txt new file mode 100644 index 00000000..87497fc1 --- /dev/null +++ b/tests/FeatureTests/well-known-security.txt @@ -0,0 +1,2 @@ +Contact: https://ember-nexus.dev/contact +Expires: 2026-01-01T00:00:00.000Z