From f655936b9df3585bf76c1ee4201dbd17c6556036 Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Sun, 4 Feb 2018 13:24:36 -0500
Subject: [PATCH] SECURITY: Prevent robots from indexing more routes

These routes could contain sensitive material and should never be
indexed for content.
---
 app/views/robots_txt/index.erb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/app/views/robots_txt/index.erb b/app/views/robots_txt/index.erb
index e4c6a446bc4..0b6c8922fea 100644
--- a/app/views/robots_txt/index.erb
+++ b/app/views/robots_txt/index.erb
@@ -16,5 +16,14 @@ Disallow: /search
 Disallow: /search/
 Disallow: /tags
 Disallow: /tags/
+Disallow: /email/
+Disallow: /session
+Disallow: /session/
+Disallow: /admin
+Disallow: /admin/
+Disallow: /user-api-key
+Disallow: /user-api-key/
+Disallow: /*?api_key*
+Disallow: /*?*api_key*
 
 <%= server_plugin_outlet "robots_txt_index" %>