• About Us
  • Services
  • Case Studies
  • Blog
  • Contact Us
  • Google Indexing FTP Address URL’s – Is This a Security Risk?

    While searching Google earlier today I was very surprised to notice that one of the listings returned in the top 10 was an FTP site!

    Digging a little deeper and I found that there are actually millions of ftp://ftp.domain.com addresses indexed in Google, all of which appear to have read access permissions granted to the folder structure. I admit that I know very little about hacking but surely having this information available is a potential security risk to webmasters?

    I assume Google have always indexed FTP URL’s, just without ranking them very well in most cases so I haven’t noticed these appearing before. But seeing that they don’t index file extensions such as .exe or even .0 because these are considered as a risk to users, I would have expected the FTP addresses to be blocked too – this time as a security risk to web servers and hosting packages instead.

    These FTP files have obviously been indexed because the URL has been linked to, normally as a document download from within the main site. The URL’s are certainly useful to the website users (which is why Google probably has an argument for indexing these), but webmasters should really be hosting this on an http:// address and I wouldn’t have expected Google to index these URL’s so that they are open to view for anyone searching.

    I’d be interested in hearing any other thoughts about this. I expect this is something many people may already be aware of, it might also explain how some people do link building on .edu domains! ;)


    One Response to “Google Indexing FTP Address URL’s – Is This a Security Risk?”

    1. Jordan Levy says:

      Time to switch to only SFTP from an exact ip address and update your .htacces file.

    Leave a Reply