The MU forums have moved to WordPress.org

WordPress MU Forums » How-To and Troubleshooting

If security then why robots.txt (3 posts)

  1. trecords1
    Member
    Posted 14 years ago #

    Hi,
    I have problem with security, also i am confused. There is ability to change the blogs.dir and wp-content folder names for security reason as no one could enter there. But at the same time we use robots.txt which block or allows to access bots to this directory as the users also can easily determine our hidden folder names. My robots.txt for all sites:

    User-agent: *
Disallow:
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: /wp-login.php
Disallow: /foldername/plugins
Disallow: /foldername/cache
Disallow: /foldername/themes
Disallow: /trackback
Disallow: /comments
Disallow: */trackback
Disallow: */comments
Disallow: /*?*
Disallow: /*?
Allow: /foldename/blogsdirname/1/files/*

Sitemap: http://vsayt.com/sitemap.xml

    Foldername = wp-content
    blogsdirname = blogs.dir

    What is our gain from these? Do we need to change folder names or just remove the folder names from robots.txt?

  2. basszje
    Member
    Posted 14 years ago #

    I figure that's just to keep the nice bots from indexing needless stuff about Wordpress. Any malicious script will determine that it's a wordpress installation within an instant and everybody knows the structure of wordpress, so no surprises there.

    The best way to stay secure it to keep updating and be weary of plugins from unknown sources and audit what plugins do to your installation.

  3. trecords1
    Member
    Posted 14 years ago #

    hmm, good recommendation, i will keep robots.txt . Seems it doesn`t matter to change wp-content/blogs.dir for security reason, that is for only make some modification for own site.

    Thanks :)

About this Topic

  • Started 14 years ago by trecords1
  • Latest reply from trecords1