Dear Bricks Devs,
I have noticed that it is currently not possible to password-protect the standard WordPress sitemap.xml file using the password template in Bricks.
This feature would be very helpful, as password-protecting a website prevents Google from crawling and indexing it. I typically use password protection on every new/fresh site I build when it’s live on a makeshift subdomain or placeholder domain. This ensures that the development site isn’t indexed by Google or other search engines before the live site is ready.
Unfortunately, Bricks password protection doesn’t seem to extend to the sitemap.xml file, leaving it vulnerable to indexing by Google and other search engines.
Additionally, I wanted to inquire whether it would be possible to hide the website title and subtitel while password protection is active, so we could already optimize it for SEO while preventing both visitors and bots from seeing it.
Thank you for your attention to this matter.
Best regards,
Patrick
bricks builder pass protection works for the wordpress templates and pages…etc
sitemap.xml is a file and usualy coming from seo plugins as a ghost file generated dynamicly with the specific .xml request
only way to block that or block the similar requests would be creating htaccess level password protection
because when you think about it is not just sitemap.xml there are lots of similar files exist for other uses or other plugins or requests this never ends with sitemap.xml only
if you need absolute password protection check these plugins Plugins categorized as htpasswd | WordPress.org
BTW, WordPress has a sitemap natively—so it’s not just a ghost file created by an SEO plugin. I can’t think of many, if any, ‘similar files’ that have such an impact on SEO and the site itself.
I thought that it’s possible to block all access to all content under the given domain, as other plugins seem to handle this without any issues.
I just thought the Bricks team would like to make this feature usable for real-life scenarios, such as blocking Google bots and others while the site is in development (when the live site is developed on a live server).
To don´t mess up SEO scores before going live with the website I always use the ‘Password Protected’ plugin (Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products – Restrict Content, Protect WooCommerce Category and more – WordPress plugin | WordPress.org), which sets a password for the entire site, including the sitemap.xml. This is a common method to password-protect a website during development (e.g., on a subdomain), so Google doesn’t accidentally crawl your page and screws up your score - especially if it’s not yet on the final URL. → Google accidently crawling your page can cause some serious SEO issues - especially if the site is on a dev-sub-domain.
I thought this feature was intended for such use cases, as I can hardly think of a reason someone would want to block access to a website while the sitemap.xml is still crawlable. There might be a few people who want to password-protect their personal site but don’t mind that Google gives the website a poor listing index—e.g., for people on a ‘burner domain.’ But for those on a domain they want to rank well in Google later on, this might not be the right feature.
If this feature would block access to sitemap.xml aswell this feature would be in use on EVERY website build of mine - right now I unfortunatly need to use a plugin for my usecase which renders this Bricks feature obsolete - very unfortunate tbh.