0

We have a website that contains encrypted user information in the URL. For example:

www.mysite.com/default.aspx?xs=ew0KICA

Our client reported Bing.com is coming up with that full URL (including the encrypted user information) and is allowing data to be viewed without logging in. How can I prevent Bing (or any search engine) from returning the URL with the user information?

Also, please note that I did not design this site so I'd ask you to avoid comments such as "you shouldn't pass user information that way." It's not how I would have done it, but I need to fix it with minimal time allocated to me to do so. I just need some help figuring out why Bing did this and how to stop it. Thanks!

boilers222
  • 1,901
  • 7
  • 33
  • 71
  • 2
    `you shouldn't pass user information that way` is the **correct** answer. You **need** authentication. `robots.txt` can stop a little bit of this, but is nowhere near enough. – SLaks Jul 06 '17 at 15:15
  • Thanks for mentioning robots.txt. I looked into it and we're going to try it. – boilers222 Jul 10 '17 at 12:21

0 Answers0