I have a content management system i have created that stores minutes, agendas and stuff that is not for the general public.

Each user MUST login to access this information.

All information is stored in another folder whose name is not know to anyone but me as the content of the file is included in the page using the include() function tio protect the random folder names i use.

What i want to be sure of is that none of the search engines or spider site can access these file that are private.

From my understanding no page will be spidered unless it is linked in someway from the index page or pages linked from a page that is linked in the index page!

true?

I have performed the following action to test this using a site file grabber program and it shows the files i do not want seen, the program i used is expres webpictures, this shows in the logs that the files are being seen but when i used frontpage to get files from the domain name i supplied it only got the index.htm page and thats all? even though the other files used for example the upload.php and login.php files were not seen. i have my not for public files in a folder called lets say 'private' how can i stop the spiders and other programs from from seeing inside this folder? i thought having a password system would have been enough, but it seems it is not!

thanks for your advice on this.

thanks for this, but how do i protect documents and other files within a certain folder from being indexed by a crawler?

the files are always changing and i thought setting the folder permission would have been enough but this stops my script from accessing it as well!

as suggested above, robots.txt should help. try http://www.dwfaq.com/Tutorials/Miscellaneous/robot_txt.asp, or use google to find sample files