feat: add /robots.txt blocking sensitive paths from crawlers

Disallows: /api/, /health, /metrics, /ws/, /avatar/, /blob/, /media/, /static/, /assets/
2026-04-25 23:49:50 +08:00 · 2026-04-25 23:49:50 +08:00 · da9e96f6dd
commit da9e96f6dd
parent 10836730ed
3 changed files with 22 additions and 0 deletions
--- a/apps/app/src/main.rs
+++ b/apps/app/src/main.rs
@ -13,6 +13,7 @@ use observability::{
 use sea_orm::ConnectionTrait;
 use service::AppService;
 use session::config::{PersistentSession, SessionLifecycle, TtlExtensionPolicy};
+use api::robots;
 use session::storage::RedisClusterSessionStore;
 use session::SessionMiddleware;
 use std::task::{Context, Poll};
@ -218,6 +219,7 @@ async fn main() -> anyhow::Result<()> {
            .app_data(web::Data::new(cache.clone()))
            .app_data(http_snapshot_data.clone())
            .app_data(prometheus_handle_data.clone())
+            .route("/robots.txt", web::get().to(robots::robots))
            .route("/health", web::get().to(health_check))
            .route("/metrics", web::get().to(prometheus_handler))
            .configure(api::route::init_routes)
--- a/libs/api/robots.rs
+++ b/libs/api/robots.rs
@ -0,0 +1,20 @@
+use actix_web::HttpResponse;
+
+/// Serves robots.txt, blocking all sensitive paths from crawlers.
+pub async fn robots() -> HttpResponse {
+    HttpResponse::Ok()
+        .content_type("text/plain; charset=utf-8")
+        .body(
+            r#"User-agent: *
+Disallow: /api/
+Disallow: /health
+Disallow: /metrics
+Disallow: /ws/
+Disallow: /avatar/
+Disallow: /blob/
+Disallow: /media/
+Disallow: /static/
+Disallow: /assets/
+"#,
+        )
+}
--- a/libs/api/sidemap.rs
+++ b/libs/api/sidemap.rs