While these settings are okay, a robots.txt file can tip a hacker off to files that they might find interesting and would otherwise not know about. It is much safer to edit the PHP files themselves to include a robots meta tag instead. Use your HTML editor to search all files in your osCommerce install in source mode for "" (quotes just delimit what you are looking for and should not be included in the actual search). Immediately under this tag add one of the following two tags: If the file in question is located in the admin directory it should not get indexed at all so you will want to add the meta tag to prevent any robot access to the file as follows: For files in your main catalog that you don't want indexed (such as the ones listed below in the sample robots.txt file) you will still want the robot to continue indexing the remainder of the site so you would use: Frankly I'm a bit surprised that the osCommerce development team didn't include such tags when they originally wrote the application. You might want to keep the robots.txt file with just the command to disallow the Google Image Bot as listed at the bottom of this file since that wouldn't give away any important information. # Sample robots.txt file (make sure the filename is ALL LOWERCASE on Linux/Unix systems) # This file should go in your web site's ROOT directory # The root directory is where your site's main /index.html file would be found # It is usually found in /yourhomedir/public_html/ or /yourhomedir/httpdocs # Where "yourhomedir" is your user account's name # # We invite you to also check out our popular contribution: Simple Template System (STS) # It lets you layout or change your OSC look-and-feel by modifying a single HTML file # http://www.oscommerce.com/community/contributions,1524 or SimpleTemplateSystem.com # Enjoy! - Brian Gallagher @ DiamondSea.com # This says to apply these settings to ALL search engine spiders/crawlers User-agent: * # These settings will keep spiders from indexing your unwanted pages # This assumes that your OSC install is in your web site's ROOT directory # ie: http://www.yoursite.com/index.php <- Use if this brings up your OSC main page Disallow: /admin Disallow: /account.php Disallow: /advanced_search.php Disallow: /checkout_shipping.php Disallow: /create_account.php Disallow: /login.php Disallow: /login.php Disallow: /password_forgotten.php Disallow: /popup_image.php Disallow: /shopping_cart.php # These settings will keep spiders from indexing your unwanted pages # This assumes that your OSC install is in your web site's ROOT directory # ie: http://www.yoursite.com/catalog/index.php <- Use if this brings up your OSC main page Disallow: /admin Disallow: /account.php Disallow: /advanced_search.php Disallow: /checkout_shipping.php Disallow: /create_account.php Disallow: /login.php Disallow: /login.php Disallow: /password_forgotten.php Disallow: /popup_image.php Disallow: /shopping_cart.php # Feel free to add any other pages on your site that you don't want to be indexed by # the search engines. # PLEASE NOTE: Any pages that you list here should be secured by other means if you # don't want people to be able to view them, as some malicious users will look at a # robots.txt file to try to find "hidden" or "secret" areas of web sites to find # confidential information. # Just Uncomment a line or add new ones as you see fit. # Disallow: /private # Disallow: /hidden # IF YOU DO NOT WISH TO HAVE THE GOOGLE IMAGE BOT SCAN YOUR DOMAIN FOR IMAGES # THEN YOU CAN INCLUDE THE FOLLOWING IN YOUR ROBOTS FILE. # I FOUND THAT MY BANDWIDTH USAGE DROPPED BY A MASSIVE AMOUNT AFTER I GOT RID # OF THE GOOGLE IMAGE BOT. ALL I HAD WAS IMAGE HUNTERS STEALING PRODUCT SHOTS # AND NOT EVEN BROWSING THE SITE. User-agent: BotRightHere Disallow: / User-agent: Webzip Disallow: / User-agent: larbin Disallow: / User-agent: b2w/0.1 Disallow: / User-agent: Copernic Disallow: / User-agent: psbot Disallow: / User-agent: Python-urllib Disallow: / User-agent: NetMechanic Disallow: / User-agent: URL_Spider_Pro Disallow: / User-agent: CherryPicker Disallow: / User-agent: EmailCollector Disallow: / User-agent: EmailSiphon Disallow: / User-agent: WebBandit Disallow: / User-agent: EmailWolf Disallow: / User-agent: ExtractorPro Disallow: / User-agent: CopyRightCheck Disallow: / User-agent: Crescent Disallow: / User-agent: SiteSnagger Disallow: / User-agent: ProWebWalker Disallow: / User-agent: CheeseBot Disallow: / User-agent: LNSpiderguy Disallow: / User-agent: Alexibot Disallow: / User-agent: Teleport Disallow: / User-agent: TeleportPro Disallow: / User-agent: MIIxpc Disallow: / User-agent: Telesoft Disallow: / User-agent: Website Quester Disallow: / User-agent: WebZip Disallow: / User-agent: moget/2.1 Disallow: / User-agent: WebZip/4.0 Disallow: / User-agent: WebStripper Disallow: / User-agent: WebSauger Disallow: / User-agent: WebCopier Disallow: / User-agent: NetAnts Disallow: / User-agent: Mister PiX Disallow: / User-agent: WebAuto Disallow: / User-agent: TheNomad Disallow: / User-agent: WWW-Collector-E Disallow: / User-agent: RMA Disallow: / User-agent: libWeb/clsHTTP Disallow: / User-agent: asterias Disallow: / User-agent: httplib Disallow: / User-agent: turingos Disallow: / User-agent: spanner Disallow: / User-agent: InfoNaviRobot Disallow: / User-agent: Harvest/1.5 Disallow: / User-agent: Bullseye/1.0 Disallow: / User-agent: Mozilla/4.0 (compatible; BullsEye; Windows 95) Disallow: / User-agent: Crescent Internet ToolPak HTTP OLE Control v.1.0 Disallow: / User-agent: CherryPickerSE/1.0 Disallow: / User-agent: CherryPickerElite/1.0 Disallow: / User-agent: WebBandit/3.50 Disallow: / User-agent: NICErsPRO Disallow: / User-agent: Microsoft URL Control - 5.01.4511 Disallow: / User-agent: DittoSpyder Disallow: / User-agent: Foobot Disallow: / User-agent: SpankBot Disallow: / User-agent: BotALot Disallow: / User-agent: lwp-trivial/1.34 Disallow: / User-agent: lwp-trivial Disallow: / User-agent: BunnySlippers Disallow: / User-agent: Microsoft URL Control - 6.00.8169 Disallow: / User-agent: URLy Warning Disallow: / User-agent: Wget/1.6 Disallow: / User-agent: Wget/1.5.3 Disallow: / User-agent: Wget Disallow: / User-agent: LinkWalker Disallow: / User-agent: cosmos Disallow: / User-agent: moget Disallow: / User-agent: hloader Disallow: / User-agent: humanlinks Disallow: / User-agent: LinkextractorPro Disallow: / User-agent: Offline Explorer Disallow: / User-agent: Mata Hari Disallow: / User-agent: LexiBot Disallow: / User-agent: Web Image Collector Disallow: / User-agent: The Intraformant Disallow: / User-agent: True_Robot/1.0 Disallow: / User-agent: True_Robot Disallow: / User-agent: BlowFish/1.0 Disallow: / User-agent: JennyBot Disallow: / User-agent: MIIxpc/4.2 Disallow: / User-agent: BuiltBotTough Disallow: / User-agent: ProPowerBot/2.14 Disallow: / User-agent: BackDoorBot/1.0 Disallow: / User-agent: toCrawl/UrlDispatcher Disallow: / User-agent: suzuran Disallow: / User-agent: TightTwatBot Disallow: / User-agent: VCI WebViewer VCI WebViewer Win32 Disallow: / User-agent: VCI Disallow: / User-agent: Szukacz/1.4 Disallow: / User-agent: Openfind data gatherer Disallow: / User-agent: Openfind Disallow: / User-agent: Xenu's Link Sleuth 1.1c Disallow: / User-agent: Xenu's Disallow: / User-agent: Zeus Disallow: / User-agent: RepoMonkey Bait & Tackle/v1.01 Disallow: / User-agent: RepoMonkey Disallow: / User-agent: Microsoft URL Control Disallow: / User-agent: Openbot Disallow: / User-agent: URL Control Disallow: / User-agent: Zeus Link Scout Disallow: / User-agent: Zeus 32297 Webster Pro V2.9 Win32 Disallow: / User-agent: Webster Pro Disallow: / User-agent: EroCrawler Disallow: / User-agent: LinkScan/8.1a Unix Disallow: / User-agent: Keyword Density/0.9 Disallow: / User-agent: Kenjin Spider Disallow: / User-agent: Iron33/1.0.2 Disallow: / User-agent: Bookmark search tool Disallow: / User-agent: GetRight/4.2 Disallow: / User-agent: FairAd Client Disallow: / User-agent: Gaisbot Disallow: / User-agent: Aqua_Products Disallow: / User-agent: Radiation Retriever 1.1 Disallow: / User-agent: Flaming AttackBot Disallow: / User-agent: 94.247.2.46 Disallow: / User-agent: 208.36.144.7 Disallow: /