Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,556,749
Community Members
 
Community Events
184
Community Groups

Attention! Attention! Review info on your public Trello boards!

May 11, 2018

Hi community! 

 

Trello is awesome product, but we need to consider security. 

If you have use the public boards publicly available on Internet you might be exposing more information than intended! See below :)

 Everyone knows the Google indexing so much info from web sites.
In fact, if you write the correct request you can get sensitive information from Trello user boards.

For example:

Also you can find for other domain and interesting phrases.

 

Conclusion:

  1. Please, review info on your boards.
  2. Change passwords any other credentials
  3. Don't put sensitive info on trello boards!
  4. And push Trello support to remove indexed page from Google cache, and other search platforms like Yandex, Yahoo.
  5. If you have the Premier support, let's raise issues about stop indexing and remove from Google cache.


Hope it helps!
I will be happy if you send to other users this info.
In my opinion, so much users from the it world parse info.
Also you can help to prevent use the sensitive data just suggest some static checker on Trello side like Sonar (popup window if find word password), also stop indexing ( I mean review robots.txt).

 

 

 

Thanks
Cheers,
Gonchik Tsymzhitov

Comment
Watch
Like # people like this
3034 views

8 comments

Cassie Mayes
Cassie Mayes
Community Manager
Community Managers are Atlassian Team members who specifically run and moderate Atlassian communities. Feel free to say hello!
May 11, 2018

Hi Gonchik,

When a board is made public, Google is pretty good at getting the content of that board into their index. They're less good about coming back and checking that the board is still public. Once the board is made private, we are reporting the right status to Google (i.e., 404), but they need to be told that this is a permanent state of affairs, not a one-time glitch or programming error.

The request has more weight coming from a non-owner of the site than it does when it comes from the owner. You can help them realize a board is no longer public with the instructions in this article:


http://support.google.com/webmasters/bin/answer.py?hl=en&answer=1663691


Submitting that de-listing request is going to be the best way to remove that listing from Google.

I hope that helps!

Like
Matt Doar
Matt Doar May 11, 2018

I see Trello does warn people about their site being indexed by Google, but maybe the default should be that the robots.txt file tells Google *not* not index the site?

Like
Gonchik Tsymzhitov
Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
May 11, 2018 • edited

@Matt Doar to my understand public boards should not be indexed. 

I hope these a few steps will be good for next step.

0. Stop indexing any boards, only blog, marketing and documenation can be indexed

1. Therefore the better way is remove from google cached indexed pages. 

2. Also I think nice feature is implement some js script which will check static phrases like ( password, credit card number, emails)

3. And the end sometime shows the good practices for the security https://help.trello.com/article/789-changing-the-visibility-of-a-board-to-public-private-or-team

 

@Cassie Mayes thank you for the answer!

 

Cheers, 

Gonchik Tsymzhitov

Like
Devon Henderson
Devon Henderson
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 11, 2018 • edited

Hi Gonchik!

Public boards are meant to be indexed. Many organizations use them to house public development boards, planning, and more. A public board is meant to be seen by the public, and removing them across all of Trello from Google would severely impact many use cases. 

In the past, Trello has forced public boards containing login information to become private (or team visible). I am unsure if this is a regular thing they do, or if it was only done the one time. 

However, Trello is pretty clear that the boards will be visible in Google when made public. Unfortunately, many organizations don’t have great security practices and run big risks like this. It’s always good to make sure the organizations using Trello take the time to make sure our boards don’t contain sensitive information :) 

But in my opinion, it would do more harm than good to remove Trello public boards from Google’s index. Many groups use and need this feature. Instead, let’s all spread the word so we are responsible for the sensitive information we manage :)

Like
Gonchik Tsymzhitov
Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
May 18, 2018

Hi! 

 

Looks like not many person wants to clear and conert to the private board with sensitive data. 

And Trello support did not get for me any answer. 

 

 

Cheers,

Gonchik Tsymzhitov

Like
David Douek
David Douek Aug 03, 2018

I do understand the reason why some people need indexing of their public boards, but there are at least as many reasons not to index it. If I want to be able to quickly share a board with 10 people and not add the 10 people to the board and ask them to create account/login, I need to use a public board. But I may not want to have the info indexed for everyone else to see. Why not simply have the option at board creation? It's just about adding a no-index tag to the board which have it enabled...

Like Patrick Taylor likes this
Christian Skjetne
Christian Skjetne Dec 11, 2019

Why not just implement a setting which controls indexing? Typeform does this and it's great solution to the issue

Like Gonchik Tsymzhitov likes this
Stanley Peters
Stanley Peters Nov 27, 2021

I think it is pretty common for google to be indexing pages on its own. You have to disallow google to index that particular page or if you wish all of your pages. My www.outlook.com calendar was visible on google search once, then i had to make it private.

Like

Comment

Log in or Sign up to comment
Gonchik Tsymzhitov

Gonchik Tsymzhitov

Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader

About this author

Solution architect | DevOps

:)

Cyprus, Limassol

170 accepted answers

2,958 total posts

View profile
Trello
Trello
TAGS
AUG Leaders

Atlassian Community Events

See all events