Last Revised: October 2, 2021
The robot file.txt that must be in the root folder of the hostname of the installation (even if your WordPress is in a folder), is a file that does not come by default in WordPress, although if you call it the system generates a simple one, and that you should create.
This text file tells search bots (such as GoogleBot, BingBot, YandexBot, Slurp!…) what they should and should not analyze about your site.
What should we block from WordPress in this file? In principle nothing. Nowadays you can get to block many elements through the internal configurations of security plugins, so if you want to have a secure site it is best not to give information in this file.
In this way, the file will have a simple content:
By default WordPress generates a virtual file with the following content:
User-Agent: * Disallow: /wp-admin/ Disallow: /wp-admin/admin-ajax.php
Although this exposes is not serious, taking into account that access to
/wp-admin/ the must previously go through a user access, it is still a very clear clue that this site is built with WordPress.
Seguir con Seguridad para WordPress
- Security Keys
- Cabeceras inconvenientes
- Ocultar la versión de WordPress
- Carpetas por defecto
- Post instalación
- Edición de ficheros
- URL del sitio
- Servidores externos
- Acceso a wp-admin
- Actualizaciones automáticas
- Limpieza de multimedia
- Plantilla por defecto
- Subir ficheros sin filtro
About this document
This document is regulated by the EUPL v1.2 license, published in WP SysAdmin and created by Javier Casares. Please, if you use this content in your website, your presentation or any material you distribute, remember to mention this site or its author, and having to put the material you create under EUPL license.