Does WordPress create a robots.txt automatically?

Yes. WordPress generates a virtual robots.txt that blocks /wp-admin/ and allows /wp-admin/admin-ajax.php. However, this virtual file disappears if you place a physical robots.txt file in your root directory. The virtual version is minimal — most sites benefit from a more detailed configuration.

How do I edit robots.txt in Yoast SEO?

In WordPress admin, go to Yoast SEO then Tools then File editor. You will see your robots.txt content (or the option to create the file). Edit the rules and save. Yoast creates a physical robots.txt file on your server. If File editor is not visible, your hosting may block file editing — use FTP instead.

How do I edit robots.txt in Rank Math?

In WordPress admin, go to Rank Math then General Settings then Edit robots.txt. Toggle the option to enable custom robots.txt editing. Add your rules and save. Rank Math stores the robots.txt rules in the database and serves them dynamically.

Should I block /wp-content/ in robots.txt?

Absolutely not. The /wp-content/ directory contains your CSS, JavaScript, images, and uploaded media. Blocking it prevents search engines from rendering your pages correctly, which destroys your search rankings. This is one of the most common and damaging WordPress robots.txt mistakes.

What about blocking /wp-includes/?

You can safely block /wp-includes/ as it contains core WordPress files that search engines do not need to index. However, if your theme or plugins load public-facing assets from wp-includes (some do), test first. The safest approach: block /wp-includes/ but monitor Search Console for crawl errors.

Do I need robots.txt if I use Yoast or Rank Math?

Both plugins handle noindex tags for individual pages, but robots.txt serves a different purpose — it controls crawl behavior at the directory level and saves crawl budget. SEO plugins and robots.txt complement each other. Use both.

Should I block /feed/ in robots.txt?

Generally no. RSS feeds help with content discovery and syndication. Some SEO guides recommend blocking /feed/ to prevent duplicate content, but this is outdated advice. Google handles feeds correctly. Only block /feed/ if you have a specific reason, like preventing scrapers from using your feed.

How does WooCommerce affect robots.txt?

WooCommerce adds cart, checkout, and account pages that should not be crawled — they contain session-specific or private data. Add Disallow rules for /cart/, /checkout/, /my-account/, and any other WooCommerce pages that are not meant for public search results.

Best Robots.txt for WordPress — Setup Guide (2026)

Last updated: April 20267 min readSEO Tools

WordPress generates a basic robots.txt automatically, but it is too minimal for most sites. Here is the recommended configuration, how to edit it with any setup, and the specific rules WooCommerce stores need.

The Recommended WordPress Robots.txt

This configuration works for the majority of WordPress sites — blogs, business sites, portfolios, and small e-commerce:

User-agent: *
Disallow: /wp-admin/
Allow: /wp-admin/admin-ajax.php
Disallow: /wp-includes/
Disallow: /cgi-bin/
Disallow: /trackback/
Disallow: /xmlrpc.php
Disallow: /?s=
Disallow: /search/
Disallow: /*?replytocom=
Disallow: /tag/*/page/
Disallow: /category/*/page/

Sitemap: https://yoursite.com/sitemap_index.xml

What Each Rule Does

Rule	Purpose	Why It Matters
Disallow: /wp-admin/	Blocks the WordPress admin dashboard	Crawlers should not index login screens and admin pages
Allow: /wp-admin/admin-ajax.php	Allows AJAX requests used by themes and plugins	Many front-end features break if this is blocked — forms, search, dynamic content
Disallow: /wp-includes/	Blocks WordPress core files	Core PHP files are not useful for search engines to index
Disallow: /cgi-bin/	Blocks server scripts directory	Standard security practice — no user-facing content here
Disallow: /trackback/	Blocks trackback URLs	Trackbacks are outdated and a spam vector — no reason to crawl them
Disallow: /xmlrpc.php	Blocks XML-RPC endpoint	Used for pingbacks and remote access — also a common attack target
Disallow: /?s=	Blocks search result pages	Internal search results are thin content — let Google index your real pages instead
Disallow: /*?replytocom=	Blocks comment reply URLs	Prevents duplicate content from threaded comment links
Disallow: /tag/*/page/	Blocks paginated tag archives	Saves crawl budget — page 2, 3, 4 of tag archives add little value
Disallow: /category/*/page/	Blocks paginated category archives	Same as tags — paginated archives waste crawl budget
Sitemap: ...	Points crawlers to your sitemap	Essential — tells crawlers exactly where to find all your content

Three Ways to Edit Robots.txt in WordPress

Option 1: Yoast SEO

Go to Yoast SEO → Tools → File editor
If no robots.txt exists, click "Create robots.txt file"
Paste your rules and click Save
Visit yoursite.com/robots.txt to verify

Note: if the File editor tab is missing, your hosting provider may have disabled file editing. Use FTP instead.

Option 2: Rank Math

Go to Rank Math → General Settings → Edit robots.txt
Toggle the edit option on
Paste your rules and save
Rank Math serves the file dynamically from the database

Option 3: FTP / File Manager

Connect to your server via FTP (FileZilla, Cyberduck) or your host's File Manager
Navigate to the root WordPress directory (where wp-config.php lives)
Create or edit robots.txt — a plain text file, no special encoding
Upload and verify at yoursite.com/robots.txt

WooCommerce Additions

If you run WooCommerce, add these rules to block pages that contain session-specific or private data:

# WooCommerce specific
Disallow: /cart/
Disallow: /checkout/
Disallow: /my-account/
Disallow: /wishlist/
Disallow: /*?add-to-cart=*
Disallow: /*?orderby=*
Disallow: /*?filter_*

These rules block cart pages, checkout flows, account dashboards, and product filter URLs from being crawled. Product pages and category pages remain fully accessible to search engines.

Common WordPress Robots.txt Mistakes

Mistake	Why It Is Harmful	Fix
Blocking /wp-content/	Prevents Google from loading CSS, JS, and images — your pages render as broken	Remove the Disallow: /wp-content/ rule entirely
No Sitemap directive	Crawlers rely on the Sitemap line to discover content efficiently	Add Sitemap: https://yoursite.com/sitemap_index.xml
Blocking /feed/	Prevents RSS syndication and content discovery	Remove unless you have a specific reason to block feeds
Blocking entire /wp-content/uploads/	Your images disappear from Google Image Search	Never block uploads — your media lives here
Using Disallow to hide pages from search	Disallow prevents crawling but not indexing — pages can still appear in search results	Use noindex meta tag (via Yoast or Rank Math) to remove pages from search results
Not testing after changes	A single typo can block your entire site	Always visit yoursite.com/robots.txt after editing and check Google Search Console

SEO Tools for WordPress Sites

Robots.txt Generator — build the rules, then paste into your WordPress file editor
Meta Tag Generator — create noindex tags for pages that need to be hidden from search results
Open Graph Checker — verify your WordPress social sharing metadata is correct
Question Finder — discover search questions your WordPress content should answer
Headline Analyzer — score your post titles before publishing
Keyword Density Checker — analyze keyword usage across your WordPress posts
Readability Scorer — ensure your content hits the right reading level

Generate the right robots.txt for your WordPress site — paste it in and go.

Open Robots.txt Generator

Best Robots.txt for WordPress — Setup Guide (2026)

The Recommended WordPress Robots.txt

What Each Rule Does

Three Ways to Edit Robots.txt in WordPress

Option 1: Yoast SEO

Option 2: Rank Math

Option 3: FTP / File Manager

WooCommerce Additions

Common WordPress Robots.txt Mistakes

SEO Tools for WordPress Sites

Related Posts

Robots.txt Complete Guide

Block AI Bots

What Is Robots.txt?

10 Robots.txt Patterns