We have three domain names with pretty close to duplicate content (Magento sites). Let's call them production.com, development.com and staging.com.
I have robots no-index on development.com and staging.com. I also have htpasswds enabled. A Google search of these domains shows that they haven't been indexed. However, I'm starting to get phishing warnings from Chrome when I log in to the back end of the software.
I need to stop this as soon as possible. If the warnings spread to the front end we're looking at pretty serious ramifications.
What is the best course of action?
Through robots.txt make sure google finds disallow and will not spider servers that are not production server.
Also elaborate on what warnings are being raised.