
What is a Sitemap, and How it May Put Your Website at Risk

by | Nov 5, 2018 | Website Management

Recently, we’ve covered how Google works. That article explained how search engines work and what connection, if any, exists between them and our brains. We concluded that search engines are really sorting engines, showing only the relevant information out of billions of possible pages. These pages were previously crawled and stored, so the engine is not searching the web at the moment you type your query. Instead, it looks through the stored files, trying to find those that are relevant to your search.

Much like a librarian will look among all the stored and ordered books to find the one that you told him you need.

Unlike the librarian, Google is able to look through the table of contents of each and every “book”, which helps users find more than just the “books” they have already heard of.

While the librarians know the book title and are able to find its number in the lists of the library, they are not obligated to be familiar with the content of the book. This means that if you are looking for a book that explains how sharks are hunted, you’ll have to check every book about sharks.

But whether you’ll find the information you need in the first or the last book depends more on luck than on anything else.

On the other hand, Google is a librarian that has read a larger or smaller part of every book that his library possesses. The search engines are librarians that are also unable to turn the book to the next page, so they jump from chapter to chapter using the table of contents.

On the web the books are websites and the table of contents is called a sitemap.

 

What is a Sitemap

 

The utility of the sitemap should be clear by now. Still, it is important for every webmaster to truly understand it if they want their website to be visible to the search engines.

Simply put, the sitemap is navigation for the search engines, represented as a list of pages of a specific website.

According to Wikipedia, “there are three primary kinds of sitemaps”: sitemaps used during the planning of a website by its designers; human-visible listings, typically hierarchical, of the pages on a site; and structured listings intended for web crawlers such as search engines.

The last kind is the one we are interested in, specifically the format that Google introduced, also known as the XML Sitemap.

In the sense that we are concerned with, the simplest possible answer to the question of what is a sitemap is the following:

A sitemap is an XML file. It consists of website navigation, represented as a list of pages. In this file, the webmaster provides the search engine with information about the pages, media, and other files on the website and how they relate to each other. The XML sitemap file helps search engines read a website more accurately, so they can rank it for more relevant queries.

Google claims that, if your site’s pages are properly linked, its web crawlers can usually discover most of your site. Still, it advises webmasters to create and upload a sitemap, because that “can improve the crawling of your website”.

 

How to Create a Sitemap

Now that we have established that creating a sitemap is a must for every webmaster who wants their content to be visible in the search engines, it is only fair to cover how to create one.

If you are using WordPress to create your website/s, I highly recommend that you do the following:

If you decide to use Yoast SEO, which will surely make your life easier, you’ll have the opportunity for the plugin to create a sitemap for you.

Doing so is a process of just 6 steps.

  1. Log in to your WordPress website.
  2. Click on ‘SEO’
  3. Click on ‘General’.
  4. Click on the ‘Features’ tab.
  5. Toggle the ‘XML Sitemaps’ switch.
  6. Click ‘Save Changes’

 

How a Sitemap Might Put Your WordPress Website at Risk

Although the sitemap is apparently a key part of your website’s performance, it may put your website at risk.

This is a widely neglected fact. I don’t know whether webmasters miss it out of ignorance, or whether they know but are not engaged enough to take care of their sitemap.

When speaking about internet security I will never get tired of repeating the fact that you are obligated to yourself, your website, and your audience to use a strong password so that your website won’t be taken over and thus, your audience’s data won’t be compromised.

In most, if not all, CMSs, the author archive page is indexed by the search engines and listed in the sitemap.

This, as you probably guessed, is dangerous. If anyone is able to see your username, they’ll be more likely to guess your password (through a brute-force attack, or otherwise).

Thus, it is best to remove your author page from the sitemap and protect your website in one more way.

If you have Yoast SEO installed, to remove your username’s archive page from the sitemap, you should follow these steps:

  1. Log in to your WordPress website.
  2. Click on ‘Users’
  3. Find the user you want to remove from the sitemap.
  4. Hover over it with your mouse, and click ‘Edit’.
  5. Scroll to the bottom of the page, where the Yoast Settings are located.
  6. Find the option ‘Do not allow search engines to show this author’s archives in search results.’ and check it.
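
To confirm the change took effect, you can audit your own sitemap for author archive entries. The script below is an added example, not part of the original article or of Yoast SEO; it parses a sitemap or sitemap index and reports any author archive URLs it still lists. It assumes WordPress’s default `/author/<slug>/` archive path and that a dedicated author sitemap has “author” in its file name; the sample XML, example.com and the slugs are constructed.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = "{http://www.sitemaps.org/schemas/sitemap/0.9}"
# Assumption: the site uses WordPress's default /author/<slug>/ archive path.
AUTHOR_PATH = re.compile(r"^/author/([^/]+)/?$")

# Constructed sample input; example.com and the slugs are placeholders.
SAMPLE_INDEX = """<sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <sitemap><loc>https://example.com/post-sitemap.xml</loc></sitemap>
  <sitemap><loc>https://example.com/author-sitemap.xml</loc></sitemap>
</sitemapindex>"""
SAMPLE_URLSET = """<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url><loc>https://example.com/what-is-a-sitemap/</loc></url>
  <url><loc>https://example.com/author/jane-admin/</loc></url>
  <url><loc>https://example.com/author/editor2</loc></url>
  <url><loc>https://example.com/category/author/</loc></url>
</urlset>"""


def audit_sitemap(xml_text):
    """Return author-archive exposure found in one sitemap or sitemap index."""
    # Intended for your own site's sitemap; use a hardened XML parser
    # if the input comes from an untrusted source.
    root = ET.fromstring(xml_text)
    findings = {"author_urls": [], "author_slugs": [], "author_sitemaps": []}
    for loc in root.iter(NS + "loc"):
        url = (loc.text or "").strip()
        path = urlparse(url).path
        if root.tag == NS + "sitemapindex":
            # An index lists child sitemaps; flag any dedicated to authors.
            if "author" in path.rsplit("/", 1)[-1].lower():
                findings["author_sitemaps"].append(url)
            continue
        match = AUTHOR_PATH.match(path)
        if match:
            # The slug in the URL is what a visitor learns about the account.
            findings["author_urls"].append(url)
            findings["author_slugs"].append(match.group(1))
    return findings


if __name__ == "__main__":
    for name, doc in (("index", SAMPLE_INDEX), ("urlset", SAMPLE_URLSET)):
        print(name, "->", audit_sitemap(doc))
```

After the Yoast option is checked for every user, all three lists should come back empty for your sitemap.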

 

Conclusion

Your website’s security is the most important thing you need to take care of. Not “when you are famous enough to worry about such things”, not “tomorrow”.

Your website’s security should be important from day one. And while someone using your sitemap to find your username, and thus being able to attack your website more precisely, is not the most likely scenario, it is possible.

Removing your (and all of your users’) names from the sitemap shouldn’t be the first, and certainly can’t be the only, measure you take to prevent your website from being taken over. Still, it is a measure that will make you feel more secure. Even if you do that, no one is able to promise that an attack won’t be successful. Therefore:

  • Use secure and reliable hosting
  • Use strong password/s
  • Install security plugins
  • Hide your username archives from the sitemaps, so they won’t be publicly available

And learn more on how to make WordPress Secure

Create great content, and stay safe!
