A good WordPress robots.txt file is mostly about restraint. The safest setup is usually short, readable, and focused on preventing crawl waste without blocking important front-end assets.
User-agent: * Disallow: /wp-admin/ Allow: /wp-admin/admin-ajax.php Sitemap: https://example.com/sitemap_index.xml
For many WordPress sites, that is enough. It keeps bots away from the admin area while preserving the AJAX endpoint that themes and plugins sometimes need on public pages.
One of the biggest WordPress SEO mistakes is over-blocking directories just because they look technical. Search engines may need assets from those locations to render and evaluate your pages.
/wp-content/.If you use Yoast SEO, Rank Math, or another SEO plugin, the sitemap is often /sitemap_index.xml. Add that exact URL to the file so Google can discover it quickly.
If you are not sure which sitemap URL your site uses, open the sitemap manually in the browser before publishing the robots.txt file.
If a WordPress page should stay out of search results entirely, robots.txt is usually not the best tool. Use a noindex rule through your SEO plugin or send an X-Robots-Tag header instead.
Robots.txt is for crawl guidance. Noindex is for search result visibility.
The generator has a WordPress preset that starts with the common admin rule, keeps admin-ajax.php allowed, and lets you add your sitemap or extra disallow paths without writing the syntax by hand.