diff --git a/snippets/common/security.conf b/snippets/common/security.conf
index bc162cc..fe9982e 100644
--- a/snippets/common/security.conf
+++ b/snippets/common/security.conf
@@ -11,3 +11,12 @@ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; prelo
 location ~ /\.(?!well-known) {
   deny all;
 }
+
+location = /security.txt {
+  alias "etc/nginx/snippets/files/00-security.txt";
+  expires 15d;
+  add_header Cache-Control "public";
+
+  log_not_found off;
+  access_log off;
+}
diff --git a/snippets/files/00-security.txt b/snippets/files/00-security.txt
new file mode 100644
index 0000000..b9e3269
--- /dev/null
+++ b/snippets/files/00-security.txt
@@ -0,0 +1,7 @@
+Contact: https://contribute.freecodecamp.org/security
+Expires: 2022-12-31T18:30:00.000Z
+Encryption: https://flowcrypt.com/me/freecodecamp
+Encryption: https://flowcrypt.com/pub/freecodecamp?show=pubkey
+Acknowledgments: https://contribute.freecodecamp.org/security-hall-of-fame
+Preferred-Languages: en
+Policy: https://contribute.freecodecamp.org/security