Well I wasn't aware of it anyway, but then I'm not the most tech-savvie person there ever was. Here is the hack: I had my robots.txt locked in, had my site deindexed from the search engines, etc. But a good samaritan told me he had access to all my downloads simply by going to http://www.mywebsite.com then going through the alphabet. http://www.mywebsite.com/a http://www.mywebsite.com/b and so on. ****What browsers do is fill the rest of the URL just from the first letter after the slash. So if you have a download page on http://www.mywebsite.com/myproduct, they only have to enter: http://www.mywebsite.com/m then their browser will auto-fill it to http://www.mywebsite.com/myproduct, and people can access your inner pages. Try it on your websites now to check if this is happening to you. It's such a simple hack you might miss it. If this is boringly obvious to some of you, then have yourselves a clever cake, but I hope that helps some of the more technical caveman types on here. It was quite a surprise to me.