diff --git a/src/model/notification.rs b/src/model/notification.rs
index 8919cb9..0dcf45a 100644
--- a/src/model/notification.rs
+++ b/src/model/notification.rs
@@ -179,6 +179,13 @@ ORDER BY read_at DESC, created_at DESC;
         .await
         .unwrap();
     }
+
+    pub(crate) async fn delete_by_link(db: &sqlx::Pool<Sqlite>, link: &str) {
+        sqlx::query!("DELETE FROM notification WHERE link=?", link)
+            .execute(db)
+            .await
+            .unwrap();
+    }
 }
 
 #[cfg(test)]
diff --git a/src/tera/mod.rs b/src/tera/mod.rs
index 8ef6830..9094c40 100644
--- a/src/tera/mod.rs
+++ b/src/tera/mod.rs
@@ -148,6 +148,26 @@ async fn new_blogpost(
     }
 }
 
+#[derive(FromForm, Debug)]
+struct BlogpostUnpublishedForm<'r> {
+    article_url: &'r str,
+    pw: &'r str,
+}
+
+#[post("/", data = "<blogpost>")]
+async fn blogpost_unpublished(
+    db: &State<SqlitePool>,
+    blogpost: Form<BlogpostUnpublishedForm<'_>>,
+    config: &State<Config>,
+) -> String {
+    if blogpost.pw == &config.wordpress_key {
+        Notification::delete_by_link(&db, blogpost.article_url).await;
+        "ACK".into()
+    } else {
+        "WRONG pw".into()
+    }
+}
+
 #[catch(403)] //forbidden
 fn forbidden_error() -> Flash<Redirect> {
     Flash::error(Redirect::to("/"), "Keine Berechtigung für diese Aktion. Wenn du der Meinung bist, dass du das machen darfst, melde dich bitte bei it@rudernlinz.at.")
@@ -226,6 +246,7 @@ pub fn config(rocket: Rocket<Build>) -> Rocket<Build> {
         .mount("/auth", auth::routes())
         .mount("/wikiauth", routes![wikiauth])
         .mount("/new-blogpost", routes![new_blogpost])
+        .mount("/blogpost-unpublished", routes![blogpost_unpublished])
         .mount("/log", log::routes())
         .mount("/planned", planned::routes())
         .mount("/ergo", ergo::routes())