Main Content

robots.txt - a clue to hidden pages?

Archive - Originally posted on "The Horse's Mouth" - 2007-01-13 08:23:35 - Graham Ellis

The robots.txt file is designed to provide spiders and crawlers with a list of places they should NOT go - it's described as the "robot exclusion standard" file and its intent is to allow the webmaster to segregate his site into indexable and non-indexable.

But because it lists directorys to be excluded, robots.txt is often an excellent source of links people don't want to be found. I have numerous examples that I've seen (and will NOT reproduce here!) where directories that are not for public consumption are listed. And - in theory - I'm perfectly at liberty to read the site's robots.txt with a regular browser then step through the places that robots are excluded manually to see what's there.

If you want to protect areas of your site from prying eyes / accidental discovery, do NOT rely on robots.txt - use a passwording system or some other form of authentication.

Our robots.txt file - which I'll happily reproduce here - lists URLs that I don't mind people finding - I just don't want them indexed. So even if they're looking with malicious intent - which I doubt - they won't "get" anywhere.

#
# robots.txt file for www.wellho.net and www.wellho.co.uk
#
# we encourage robots to visit and index almost ALL documents
# but not any executable scripts.
#
User-agent: *
Disallow: /cgi-bin/
Disallow: /net/unique.html

So all robots are allowed anywhere EXCEPT to cgi scripts, which we don't want indexed. On our site, all such scripts change their reports regularly and depending on the information entered, and so it would be misleading to encourage indexers to list them.

The /net/unique.html page is sortof-internal. It's generated by one of our site scripts and lists words that occur only once on the rest of the site. Purpose? to help us find spelling mistakes! I don't mind anyone seeing the page - and indeed I've just provide you with a link to it in this article - but people REALLY won't want to land there when they do a search!