From 198150217a42faebbe8b5623da795b8a6162d965 Mon Sep 17 00:00:00 2001 From: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com> Date: Tue, 21 Dec 2021 22:11:53 +0530 Subject: [PATCH] docs: update guidelines for reporting security issues (#44541) --- HoF.md | 7 ------- README.md | 4 ++-- docs/security-hall-of-fame.md | 12 ++++++++++++ SECURITY.md => docs/security.md | 4 +++- 4 files changed, 17 insertions(+), 10 deletions(-) delete mode 100644 HoF.md create mode 100644 docs/security-hall-of-fame.md rename SECURITY.md => docs/security.md (67%) diff --git a/HoF.md b/HoF.md deleted file mode 100644 index 58fd53e66a..0000000000 --- a/HoF.md +++ /dev/null @@ -1,7 +0,0 @@ -# Responsible Disclosure - -We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. While we do not offer any bounties or swags at the moment, we are grateful to these awesome people for helping us keep the platform safe for everyone: - -- Mehul Mohan from [codedamn](https://codedamn.com) ([@mehulmpt](https://twitter.com/mehulmpt)) - [Vulnerability Fix](https://github.com/freeCodeCamp/freeCodeCamp/blob/bb5a9e815313f1f7c91338e171bfe5acb8f3e346/client/src/components/Flash/index.js) -- Peter Samir https://www.linkedin.com/in/peter-samir/ - > ### Thank you for your contributions :pray: diff --git a/README.md b/README.md index 3d23520f23..64fe347224 100644 --- a/README.md +++ b/README.md 
@@ -168,7 +168,7 @@ If you're confident it's a new bug and have confirmed that someone else is facin If you think you have found a vulnerability, _please report responsibly_. Don't create GitHub issues for security issues. Instead, please send an email to `security@freecodecamp.org` and we'll look into it immediately. -We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. While we do not offer any bounties or swags at the moment, we'll be happy to list your name in our [Hall of Fame](HoF.md) for security researchers. +We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. While we do not offer any bounties or swags at the moment, we'll be happy to list your name in our [Hall of Fame](https://contribute.freecodecamp.org/#/security-hall-of-fame) for security researchers. ### Contributing @@ -178,7 +178,7 @@ The freeCodeCamp.org community is possible thanks to thousands of kind volunteer ### Platform, Build, and Deployment Status -The general platform status for all our applications is available at [`status.freecodecamp.org`](https://status.freecodecamp.org). The build and deployment status for the code is available in [our DevOps Guide](/docs/devops.md). +The general platform status for all our applications is available at [`status.freecodecamp.org`](https://status.freecodecamp.org). The build and deployment status for the code is available in [our DevOps Guide](https://contribute.freecodecamp.org/#/devops). ### License diff --git a/docs/security-hall-of-fame.md b/docs/security-hall-of-fame.md new file mode 100644 index 0000000000..3c01879296 --- /dev/null +++ b/docs/security-hall-of-fame.md 
@@ -0,0 +1,12 @@ +# Responsible Disclosure - Hall of Fame + +We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. + +While we do not offer any bounties or swags at the moment, we are grateful to these awesome people for helping us keep the platform safe for everyone: + +- Mehul Mohan from [codedamn](https://codedamn.com) ([@mehulmpt](https://twitter.com/mehulmpt)) - [Vulnerability Fix](https://github.com/freeCodeCamp/freeCodeCamp/blob/bb5a9e815313f1f7c91338e171bfe5acb8f3e346/client/src/components/Flash/index.js) +- Peter Samir https://www.linkedin.com/in/peter-samir/ + + > ### Thank you for your contributions :pray: + +If you are interested in contributing to the security of our platform, please read our [security policy outlined here](https://contribute.freecodecamp.org/#/security). diff --git a/SECURITY.md b/docs/security.md similarity index 67% rename from SECURITY.md rename to docs/security.md index 9aef5db8b4..9de918c49c 100644 --- a/SECURITY.md +++ b/docs/security.md 
@@ -14,6 +14,8 @@ This document outlines our security policy for the codebase, and how to report v If you think you have found a vulnerability, _please report responsibly_. Don't create GitHub issues for security issues. Instead, please send an email to `security@freecodecamp.org` and we'll look into it immediately. -We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. While we do not offer any bounties or swags at the moment, we'll be happy to list your name in our [Hall of Fame](HoF.md) list. +We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. + +While we do not offer any bounties or swags at the moment, we'll be happy to list your name in our [Hall of Fame](https://contribute.freecodecamp.org/#/security-hall-of-fame) list, provided the reports are not low-effort for example: using tools & online utilities to report SFP configurations, or SSL Server tests, etc. We consider those in the category of ["beg bounties"](https://www.troyhunt.com/beg-bounties/). Ensure that you are using the **latest**, **stable** and **updated** version of the Operating System and Web Browser available to you on your machine.
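Review bot: deleting `HoF.md` from the repository root (the `delete mode 100644 HoF.md` hunk) breaks any existing external links to that path, including links researchers may already have shared to their own listing; consider leaving a one-line `HoF.md` that points to https://contribute.freecodecamp.org/#/security-hall-of-fame instead of removing the file outright.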
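Review bot: the second README.md hunk (`@@ -178,7 +178,7 @@`, the DevOps Guide link) is unrelated to the security-reporting guidelines named in the subject and would be easier to review and revert as its own commit; it also replaces the in-repo relative link `/docs/devops.md` with an external URL, so readers browsing a checked-out tree lose the direct path to the file.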
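Review bot: `SFP` in the added line of the docs/security.md hunk looks like a typo for `SPF` (the sender-policy DNS record that online scanners commonly flag), and the sentence needs punctuation before `for example` to read cleanly; suggested wording: `..., provided the reports are not low-effort, for example: using tools & online utilities to report SPF configurations or SSL server tests. We consider those ...`. Since the file also moves from `SECURITY.md` at the root to `docs/security.md`, confirm after merge that GitHub still surfaces it on the repository's Security tab; GitHub looks for the policy in the root, `docs/` and `.github/` directories, so the lowercase file name is the only thing to verify.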