sfw/fix
noindex in X-Robots-Tag critical

noindex detected in 'X-Robots-Tag' http header

The server sends an HTTP header telling Google not to index the page, so it gets dropped from results.

What you see

Page indexing
Why pages aren't indexed
Excluded by 'noindex' tag
  Source: noindex detected in 'X-Robots-Tag' http header

What’s actually happening

Search Console reports the page is excluded by a noindex tag, but you check the HTML source and there is no `<meta name="robots" content="noindex">` anywhere. That's because the directive lives in the HTTP response headers, not the document body, so View Source and most on-page SEO plugins miss it entirely. The page returns 200 and looks completely normal in a browser. Meanwhile Google quietly removes it from the index because a response header outranks anything you put in the markup.

Common causes

  • A leftover staging or pre-launch rule that set X-Robots-Tag: noindex sitewide and was never removed when the site went live
  • An Nginx `add_header X-Robots-Tag "noindex";` or Apache `Header set X-Robots-Tag` line in a config or .htaccess that applies more broadly than intended
  • A CDN or reverse proxy (Cloudflare Workers, Fastly, Vercel) injecting the header at the edge
  • An SEO plugin or CMS setting flipped to noindex for that URL pattern, output as a header rather than a meta tag
  • A security or maintenance plugin that adds noindex headers and forgets to strip them after maintenance mode ends

How to fix it

  1. Confirm the header is actually being sentRun `curl -I https://yoursite.com/the-page` and look for an `X-Robots-Tag: noindex` line. This is the definitive check — if it is there, the HTML meta tags are irrelevant.
  2. Locate the source layerWork outward: check the CMS/SEO-plugin settings first, then the app code, then the web server config (`nginx.conf`, virtual host, `.htaccess`), then the CDN/edge rules. Compare headers with the CDN bypassed to tell whether origin or edge is adding it.
  3. Remove or scope the ruleDelete the blanket directive, or wrap it in a condition so it only matches the paths you genuinely want hidden (e.g., `/staging/`, `/cart/`). Avoid applying X-Robots-Tag at the top-level server block.
  4. Re-test, then request indexingAfter deploying, run `curl -I` again to confirm the header is gone. Then use the URL Inspection tool, click Test Live URL to verify Google sees an indexable page, and submit it for indexing.

Stop it recurring

Add a post-deploy check that curls a known production URL and fails the pipeline if X-Robots-Tag: noindex appears.

Related errors

Submitted URL blocked by robots.txt

high

A URL listed in your sitemap is disallowed in robots.txt, so Googlebot won't crawl or index it.

Page indexed without content

high

Googlebot indexed the URL but rendered no meaningful content, leaving a near-empty page in the index.

Blocked by page removal tool

medium

The page is hidden from results because someone filed a Removals request in Search Console.

Discovered - currently not indexed

medium

Google found the URL but hasn't crawled it yet, so the page can't rank until the crawler gets to it.