Fixed: Remove Any Site From Google (even if you don’t control it)

by James on July 19, 2011

UPDATE: It would seem Google is looking into this right now, which is great. The sole reason I posted this was to get the issue patched, I couldn’t find a method of contacting Google or reporting this directly and maybe naively thought this would generate the most gravitas.

UPDATE 2: This was fixed within 7 hours of reporting the problem. Great work by the team at Google to get it fixed and all the URL’s removed in this way should now be back in the index.

This is my first post so I thought I should make it a good one, I hope you enjoy reading it as much as I have writing it.

Yesterday I was busy removing thousands of URL’s from within Googles Webmaster Tools, it was pretty time consuming as there were so many, there had to be an easier way? I settled on quickly making myself a chrome extension that adds a link next to a result in a Google search, deep linked into webmaster tools. With that installed I was busy clicking away removing the URL’s in record time.

Then I made a little mistake and accidentally removed a URL of a website I have no relation to?!? I was stunned it could be that easy. Surely there was no way Google would actually remove the page, right?

I decided to dig a little deeper and do a few tests to see how powerful this could potentially be and how wrong was I! These are the tests I performed, some of which I do not have screenshots for as I really didn’t think it would actually work.

The Tests

  1. Remove a website I control (not in my webmaster tools account) on 18/07/2011 – Gone!
  2. Remove a URL on one of the world’s largest websites (the accident) on 18/07/2011 – Gone!
  3. Remove a friends blog (blank and with permission) on 18/07/2011 – Gone!

NB: On none of the tests were the pages blocked by robots or returned a 404 response (apparently a prerequisite for removal)

How To Do It (please don’t and hopefully Google will patch it soon)

Disclaimer: If you are going to test this please make sure you have permission from the site owner, otherwise although it is a loophole I am pretty sure it is illegal.

The process is actually very simple and just requires some minor modifications to a URL, followed by a form submission. Edit the following URL:{YOUR_URL}/&urlt={URL_TO_BLOCK}

Replace in the URL above:

  • {YOUR_URL} = A URL you control within Webmaster Tools
  • {URL_TO_BLOCK} = The URL of the site you want to block:
    • You can request removal of the following:
      • Site – Provide top level domain (E.g.
      • Section – Provide URL of the folder (E.g.
      • Page – Provide URL of the page (E.g.

If you request the modified URL in your browser (make sure you are logged in to your Google account) you should see:

I didn’t actually remove the News Of The World by the way, News International have done quite a good job of that themselves. If you do actually¬† click the Submit Request button, you should see the following:

It then gets inserted as a Pending request in the site owners Webmaster Tools account. If the request is not cancelled it usually leads to the removal of the site from Google’s index which is why I think this is probably the biggest vulnerability in Google today and why I am highlighting it here. I can’t believe I am the only person to figure this out and there are a number of things that could be happening right now if this information is already in the wrong hands.

Thankfully, there is a time delay from when the request is made to when it is actually processed. The only reason I am happy to highlight this here whilst it is still possible, is because it should be so easy for them to fix (and should have never been possible in the first place).

I have tried to forward this on to Google in the hope that they fix it, but if anyone can pass it to the correct person that would be great. If someone from Google could email me, I also want to let you know the URL of the site I accidentally removed so you can remove the removal request for that URL.

{ 50 comments… read them below or add one }

Leave a Comment

Next post: