Russell Coker, an experienced sysadmin and Linux developer, had just such an experience recently when one of his servers, running his domain www.coker.com.au, could not get a certificate issued by Letsencrypt renewed.
The error message that he got was that two domains that he had set up — mail.gw90.de and listen.gw90.de — had been deemed unsafe by Google.
Russell wrote up the issue on his blog, pointing out that neither of these domains had any content, and he had set them up using Apache to get SSL certificates that he could use for other purposes.
|
But the two sites in question had nothing in the base directory for documents until recently when he put in a single file to say, "This site is empty".
Russell wrote: "It’s theoretically possible that someone could have exploited a RCE bug in Apache to make it serve up content that isn’t in the DocumentRoot, but that seems unlikely (why waste an Apache 0day on one of the less important of my personal sites?).
"It is possible that the virtual machine in question was compromised (a VM on that server has been compromised before but it seems unlikely that they would host bad things on those websites if they did."
What made the incident stand out even more was that a few hours after he had blogged about the issue and copied a tweet to Google, he received a message via Twitter, from one Frank Petrilli, telling him that it had been "raised internally" and fixed.
When asked where he was from, Petrilli replied that he was from Google but not from the team that handles such issues. "As I'm sure you understand, false positives do happen, especially at scale. The team is tuning what caused your site to be flagged so it won't happen to others, so that we can make it work better for everyone," he wrote.
Russell's conclusion? "People who lack the ability to write a good blog post in English, the confidence to tweet Google about it, or maybe the social capital to have their tweets taken seriously will have more problems running servers."
In other words, exactly how one who is not technically competent gets such an issue fixed is open to question.