Beyond the basic robots.txt setup, this specifically means disallowing sensitive paths, admin directories, configuration file locations, and similar application-specific paths that should never be crawled or indexed, reducing the chance search engines accidentally surface something sensitive.
While robots.txt is not a genuine security control on its own (a determined attacker can simply ignore it), it does prevent accidental indexing of sensitive paths by legitimate search engines, closing an easy, low-effort information disclosure gap.
Sensitive paths are disallowed in robots.txt, understood as a supplement to, not a replacement for, real access control.
The Security Ring turns this into a real, permanent mission — mark it complete once you have genuinely done it.
Open this mission in H.I.V.E. →