@ways2web opened this Issue on October 29th 2014

or an possibility to add own meta tags

@tsteur commented on October 29th 2014 Member

Maybe makes sense to set this by default anyway?

If not, maybe rather allow plugins to define meta tags and implement it as a plugin and publish it on the marketplace

@mattab commented on November 3rd 2014 Member

by default anonymous user has no access, so it should block search engines from finding the content
I don't think we want it in core as it's good to index the login pages of Piwik (for example they link to piwik.org)

+1 for doing it in a plugin

@tsteur commented on November 4th 2014 Member

So why closing this issue when we could build a plugin? I still think this is actually very useful for users.

@mattab commented on November 4th 2014 Member

@tsteur good point thanks for pointing out!

@ryrun commented on June 3rd 2015

Hi, this issue should be re-evaluated. See my post here: #8036 Its about preveting for googling for piwik installations.

@mattab commented on June 8th 2015 Member

Increasing priority.

Proposed steps:

  • show <meta name="robots" content="noindex,nofollow"> on Installation pages, Updater pages, Reporting UI pages, Admin pages, and others if any
  • show <meta name="robots" content="index,follow"> on the Login form.
@hpvd commented on October 28th 2015

just wanted comment on mattabs comment above:
"it's good to index the login pages of Piwik (for example they link to piwik.org)"

of course from seo point of view (backlinks) I could understand that.

From security point of view an easy to find login page is not that great.
One could e.g. easily do the following thing - FULLY AUTOMATED:
1) search for login page
2) start brute force attack
3) when you are successful: look for ecommerce
4) extract /download everything
5) make a database of ecommerce data
6) sell it to everyone (competitors)

on other systems their is a great effort to hide login page with the following:

  • of course for every visitor: noindex, no follow, no archive
  • have a possibility to easily change login url within the backend

so I would strongly vote for noindex, no follow, no archive also for login page

@AramVK commented on May 21st 2018

I wonder why it still has index,follow on the login page. Every update I have to change it. If I don't, the page will end up high in the search result for our company name. This is obviously not something anyone wants. The meta tag is for controlling search engines; why would a search engine needs to display a login page for admins?

@schneidr commented on September 26th 2018

I fully agree with AramVK, I don't want the stats page show up between my top search results. My workaround for now:

I created a general file norobots.txt outside of the document root:

User-agent: *
Disallow: /

Then I added to the VirtualHost in Apache:

Alias /robots.txt /path/to/norobots.txt

Voila, the site is ignored by search engines and I don't have to change anything after an update.

@wishsimply commented on November 21st 2018

This was also my solution until I recently got a warning from google search console
'Indexed, though blocked by robots.txt'

Related 'learn more' link will lead to
which says that

'robots.txt is not the correct mechanism to avoid being indexed.'

After that I looked bit more and found
https://forum.matomo.org/t/exclude-piwik-from-being-indexed-by-search-engines/363/8 ,which will instruct modifying file '/plugins/Login/templates/login.twig'


<meta name="robots" content="index,follow">

<meta name="robots" content="noindex,nofollow">

Hopefully it works, but naturally it goes broken again after next update..

@AramVK commented on November 21st 2018

Yes you need to be careful with robots.txt and Disallow /, if you don't place it at the right path, it will block your whole website.

After yesterdays update I had to update the login.twig file once again, it's still part of the routine :relieved:

@wishsimply commented on November 21st 2018

yes, although (just for sure) that was not my case. I was only blocking /piwik directory, but google had found it anyway.

I commented also the other related issue and asked if this could be included to the project.

I guess that one checkbox in the settings would not be too much asked.

This Issue was closed on June 8th 2015
Powered by GitHub Issue Mirror