Question answering-focused e-business and web search engine Ask.com has been publishing server status page by accident. It was suffering a massive technical issue which has caused it to reveal everything people are searching for on its website.
Its Apache server status page was open to the public at ask.com/server-status. That technical issue allowed anyone to see queries and user actions done on the servers.
First spotted by programmer and digital marketer Paul Shapiro. He took the matter to Twitter to notify users about the glitch.
A website's server pages are usually, and traditionally, kept private. What they do, is to help developers and technicians to effortlessly monitor errors, working as an utility tool for them to track and troubleshoot issues on the Apache server.
Ask.com in leaking its internal data, didn't pose a major security threat, at least to some degree.
It didn't take long for Ask.com to lock the page down after Shapiro's news came out.
The trouble happened because all requests all load balanced before they went to the website's search system. The queries that were leaked use HTTP requests, even through Ask.com uses HTTPS by default.
Initially, the IP addresses were thought to be users' IP addresses. But after thorough research, it was concluded that they were the IPs of Ask.com's own servers.