Question 8443 is indexed in google

[Bogdan1]

Hi,

Is it a bug or it's on purpose that admin panel( :8443) allows crawlers to index itself?

There is no robots tag or file..

 

[Brujo]

Well I think this is not a bug it is up to you..

so if you like to avoid this place the robots.txt in /usr/local/psa/admin/htdocs or /opt/psa/admin/htdocs the path depends on the OS you use

 

[Sergio Manzi]

Well I think this is not a bug it is up to you..

I beg to (partially) disagree: the admin panel is provided by Plesk "as is" and we (users) are not supposed to patch it in any way (unless directed by Plesk Support to do so, maybe), so I think it is Plesk responsibility to protect those pages with adequate robot.txt and/or "meta" tags (which I don't see in the admin panel pages...)

I have anyway a couple of questions for @Bogdan1:

• is your a theoretical case, or you have hard evidence of the indexing of the admin panel having happened?
  
  
• what pages have you seen indexed? I hardly can think of anything more than the login page as all other pages should be inaccessible to crawlers as they are (expected to be) password protected
  
  
• I cannot think of any other reason for the indexing of those pages on port 8443 having happened beside the existence of a "normal" (ports 80 or 443) web page of yours having links to them. If that's the case (and I don't think this is a good idea...), it is your responsibility (or at least a "best practice") to protect those links with rel="nofollow" attributes

 

[OverWolf]

I think that the index is create (and active) for the port 80 or 443 of the server. So, like write Brujo, the location is depended by OS that Bogdan1 use.
Anyway, I think that this isn't so good, so it's a good practice to use robot or any other method to block this access to the root directory of server

 

[Sergio Manzi]

I think that the index is create (and active) for the port 80 or 443 of the server.

Ouch! Missed that as I use my own template for default domain pages and of course I didn't make the mistake to put a link to the admin panel on those...

P.S.: Then it is sole Plesk responsibility to fix this!

 

[MarkM]

Don't see the big deal...

Yes, Google will index both login_up.php and get_password.php on port 8443.

Compare it to Wordpress - you know when you see a Wordpress site, you can access 90% of them by going to wp-admin....

 

[Sergio Manzi]

Don't see the big deal...

I agree, but nonetheless I think this should be fixed because:

• It requires a very minor intervention in Plesk code
  
• I don't see anything breaking backward compatibility in doing that
• there is no sense in having the admin panel login page indexed
• once indexed it would be (marginally...) difficult to get the admin page out of Google and the likes

Compare it to Wordpress ...

don't get me started on that!!

Cheers!

 

[MarkM]

... don't get me started on that!!

Oh hey Sergio, have you ever heard of Wordpress? what's your opinion on it....

 

[Sergio Manzi]

Oh hey Sergio, have you ever heard of Wordpress? what's your opinion on it....

Wordpress? nope... all my sites are developed with FrontPage...

 

[MarkM]

Wordpress? nope... all my sites are developed with FrontPage...

Using FrontPage extensions right?

 

[IgorG]

Guys, please stop offtopic here. Thanks.

 

[AYamshanov]

Hi,
JFYI: Anyway, the issue was fixed since Plesk Onyx 17.9 Preview 9 (Change Log for Plesk Obsidian)

[...]
The Plesk login pages (https://<...>:8443) are no longer indexed by crawlers.
[...]

 

[Sergio Manzi]

Great, thank-you!

Then, maybe, there is still hope to see this fixed...