DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.
Prev
Next

what is the value of the current content in robots.txt

Forums > General Discussion
Sort:
You are not authorized to post a reply.





Peter Schotman - 40Fingers

New Around Here



Posts:19
New Around Here




10/13/2020 10:28 AM

    Hi,

    I got a question from a client about the security information the robots.txt file is exposing. It now shows a list of directories. Wouldn't it be better if these directories wouldn't be exposed or shown?

    My client (based on some pen test advise) now considers whitelisting in the robots.txt. I think that does not make sense

    I like to hear your opinions

     

    Currently it contains:

    # Begin robots.txt file
#/-----------------------------------------------\
#| In single portal/domain situations, uncomment the sitmap line and enter domain name
#\-----------------------------------------------/
#Sitemap: http://www.DomainNamehere.com/sitemap.aspx

User-agent: *
Disallow: /*/ctl/		# Googlebot permits *
Disallow: /admin/
Disallow: /App_Browsers/
Disallow: /App_Code/
Disallow: /App_Data/
Disallow: /App_GlobalResources/
Disallow: /bin/
Disallow: /Components/
Disallow: /Config/
Disallow: /contest/
Disallow: /controls/
Disallow: /Documentation/
Disallow: /HttpModules/
Disallow: /Install/
Disallow: /Providers/
Disallow: /Activity-Feed/userId/	# Do not index user profiles

# End of robots.txt file

     






    Michael Tobisch

    Veteran Member



    Posts:1124
    Veteran Member




    10/28/2020 10:35 AM
      Peter,

      robots.txt is originally designed as a blocklist (as the word "blacklist" is not politically correct and racist nowadays), therefore I think you're right. It could block too many "good" robots if you only allow some. And "bad" robots give a sh... about your robots.txt file.

      Happy DNNing!
      Michael

      Michael Tobisch
      DNN★MVP

      dnnWerk Austria
      DNN Connect





      Peter Schotman - 40Fingers

      New Around Here



      Posts:19
      New Around Here




      11/4/2020 8:13 AM
        thanks Michael, maybe I add an issue and a pull request, see what can of worms that opens...
        You are not authorized to post a reply.

        These Forums are dedicated to the discussion of DNN Platform.

        For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

        1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
        2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
        3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
        4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
        5. No Flaming or Trolling.
        6. No Profanity, Racism, or Prejudice.
        7. Site Moderators have the final word on approving / removing a thread or post or comment.
        8. English language posting only, please.

        Would you like to help us?

        Awesome! Simply post in the forums using the link below and we'll get you started.

        Get Involved