Exploit Allowed Anybody To Remove Any Website From Google

Brad Chacos

China's been catching a lot of grief lately for ruthlessly culling scores of websites from the Internet , but as it turns out, Google may have been unintentionally doing it's part, too. Yesterday, James Breckenridge, the director of operations at UK Web Media, reported an exploit in Google's Webmaster Tools that allowed anybody to remove any website from Google's search results. And, as everybody knows, if you're not on Google, you might as well not even be on the Internet.

Search Engine Land reported on the flaw yesterday. The exploit was a simple one, too; all you had to do was log into Google Webmaster Tools and point your browser at the following address:

  • https://www.google.com/webmasters/tools/removals-request?hl=en&siteUrl=http://{YOUR_URL}/&urlt={URL_TO_BLOCK}

Google responded to the situation immediately, removing the ability for users to delete URLs as soon as they heard of the issue. Within seven hours, the URL removal function was back up, sans the rogue removal exploit. But what about worried web owners who may have had their sites scrubbed off the search giant's radar?

"The URL removal feature kept detailed records, so we're currently reprocessing earlier removal requests to ensure their validity," Google told Computerworld . "Our initial examination has shown only a limited impact."

Around the web