7

Energized Ultimate lists blocking NextDNS

Energized Ultimate blocking nextdns.io

26 replies

null
    • NextDNs
    • 1 yr ago
    • Official response
    • Reported - view

    Energized have been having major issues with their blocklists. From what we know:

    - they started blocking tons of legitimate domains (amazon.in, github.io, tailscale.io ... and nextdns.io). See https://github.com/EnergizedProtection/block/issues/973

    - their blocklists are currently empty, not sure if that was the quickest way to fix the mess or simply another issue. See https://block.energized.pro/spark/formats/domains.txt

    - their website is currently a blank page. See https://energized.pro

    - their latest commit emptied the README.md file from their official repo. See https://github.com/EnergizedProtection/block/commit/8bc981b5b1e813ab07ea80cbb08e4b42643d9b6e

    At NextDNS we have a policy to not alter third-party blocklists, we use them as-is so you know you get an unaltered and unopinionated version of the actual blocklist. We also do not silently allow anything (that includes nextdns.io).

      • Chris.6
      • 1 yr ago
      • Reported - view

      NextDNS Energized lists were always badly maintained, please consider adding a better alternative, like the Hagezi lists.

      • yokoffing
      • 1 yr ago
      • Reported - view
      • mstgrv
      • 1 yr ago
      • Reported - view

      NextDNS 

      • lunamoth
      • 1 yr ago
      • Reported - view

      NextDNS The problem seems to keep happening. How about completely removing that filter from NextDNS?

      • in_addr_arpa
      • 1 yr ago
      • Reported - view

      lunamoth Just disable it yourself from your own blocklists, but otherwise let people make their own decisions as to which lists to employ or not.

      • aqua_airplane
      • 1 yr ago
      • Reported - view

        smh

    • Emanuel
    • 1 yr ago
    • Reported - view

    yup, https://github.com/EnergizedProtection/block/issues/972

    I've whitelisted "nextdns.io" to prevent things like this in the future.

    • Calvin_Hobbes
    • 1 yr ago
    • Reported - view

    Yikes! Had to add nextdns.Io to allow list, which is probably good practice because I couldn’t get to the logs or allowlist without first disabling NextDNS

      • bithip
      • 1 yr ago
      • Reported - view

      Calvin Hobbes Came to report the same bug , my browser dns lookups were getting blocked too. Was using nextdns.io _brave/ settings/secure dns/custom.

      Thanks for suggesting the allow list solution.

    • Seojoon_You
    • 1 yr ago
    • Reported - view

    had to add it to allowlist

    • Seojoon_You
    • 1 yr ago
    • Reported - view

    1385 entries

      • Emanuel
      • 1 yr ago
      • Reported - view

      Seojoon You that's weird, I wonder why so few? Some even have 0 entries!

      This makes me wonder is it really Energized Ultimate that's blocking nextdns.io or is it NextDNS's fetched list that does it. Maybe it fetched it wrong, or processed it wrongly.

      because, either E.U. fixed it already, or they never had nextdns.io in their blocked list

      • Seojoon_You
      • 1 yr ago
      • Reported - view

      Emanuel 

      https://block.energized.pro/ultimate/formats/domains.txt

      I can't find it here so I don't think it is the energized ultimate blocking it but it could be a problem with NextDNS

      • Emanuel
      • 1 yr ago
      • Reported - view

      Seojoon You you're right they're using the domains.txt one, which has 628834 entries, and indeed it's not there, but if it says 1385 entries... who knows what processing they've done to it, maybe that's what causes it to block *.io ? because github.io doesn't work either, or anything *.io ?

    • BitterSweet
    • 1 yr ago
    • Reported - view

    Addresses that I had Whitelisted are getting push to block list including all NextDNS addresses. Took me a while to get back access to my dashboard. I had to install the iOS app to gain back access. Really thought I was hacked for a bit. 

    • VasilisChu
    • 1 yr ago
    • Reported - view

    From what i tested every regional TLD is blocked with a wild card (.se, .io, .de, .co.uk, ,gr etc)

    also seeing .me, .co, .gg and .xyz

    Effected energizer blocklists seem to be Basic and Ultimate

    I do believe nextdns is fetching these lists wrong somehow, there dont seem to be any commits to the energizer repo that adds these either

    • mstgrv
    • 1 yr ago
    • Reported - view

    It definitely seems to be a NextDNS issue:

    • Energized's own site says the Ultimate list has way more entries (626404) than the one listed in NextDNS's dashboard says (1402 at the moment)
    • Energized have a checking tool here. At the moment NextDNS is blocking github.io (for example) and saying it's blocked by Energized Ultimate, but when you check on the tool, it says the list does not block it.

    Wherever NextDNS is pulling that list from, it's not the actual Energized Ultimate they've published

    • Kalev_G
    • 1 yr ago
    • Reported - view

    Came here for this, having severe issues related to Energized myself. NEXTDNS has been having issues for some time and I wake up to find Google, Microsoft, Amazon and Wyze ALL disabled via multiple Energized extensions. I've had em on with no issues until this morning. Today, I wake up and my devices were reading "no internet" but I can only modify my DNS settings when connected... so it was a huge hassle to say the least. Looks like my security cameras also didn't capture/upload for that time. Good thing I have a local backup. 

     

    A week ago, my college website, that is "my.asu.edu" was blocked under the porn filter. Wondering how you have a DNS block an EDU domain for "Porn" catagory LMAO but the issues are only getting worse. I wish I could refund my year subscription at this point since the idea was to increase uptime and now I'm fixing NEXTDNS more than using it. I wish I could get my money back and have bought Eero secure. I tried specifically seeking out another DNS service instead of using the Amazon based one, but given these repeat issues I'm feeling like I should've stuck with what came with my device. 

      • Calvin_Hobbes
      • 1 yr ago
      • Reported - view

      Kalev G you shouldn’t need to be connected to change your local dns settings.   I too had to change mine in order to remove the Energizer blocklists, but there was no need to be connected to anything.  

      • Hey
      • 1 yr ago
      • Reported - view

      Kalev G I've already explained on another thread but NextDNS are using AI for Pron/Adult sites in order to make their protection proactive instead of reactive. This does result in a few FPs as you mentioned as some Adult sites share characteristics with legitimate sites, a Harvard domain was blocked from the CNAME, as that domain was belonging to a website design site that was hosting the fronted of the said Harvard domain.

      As website design/hosters can be shared by verity of different subjects, it's not too unexpected and I'm pretty sure they're fixing it per report but it's only natural for AI to have some flaws as it needs to be deployed in the real world for smaller issues like those to be fixed.

      The official NextDNS account already explained but, they don't modify or change the filters/lists, so it's hard to blame them when Energized maintainers mess something up that in return hurts your experience, if they modified or changed Blocklists, it would create a whole new level of issues as maintainers would need to fix things for both their main lists and their modified siblings. So I completely agree with their stance and as the user, it isn't your fault but it's not their fault either as you choose Energized and they simply applied the filter of your choice.

      I've been using NextDNS for years now and have my family on it as well, for a year and a half now, I've never had a single hitch or issue, I use lite filters like OISD to ensure there are the least amount of FPs and haven't had a single complaint personally or from my parents, my smaller sibling, and my sister in Uni, so a wide variety of users.

      NextDNS is a tool, you're the one to set it up and it just reacts on your preferences, the only minor issue is as you've pointed out Porn started blocking a few things and there were new threads for it, but I'd say it's more than worth it dealing with a few hitched to have fully AI based completely proactive protection against possibly all categories someday, at least I hope so.

      • Hey
      • 1 yr ago
      • Reported - view

      Kalev G I also wanted to recommend you two things, first of all, using a more comfortable filter would definitely help with the maintenance aspect of things, OISD/1HostLite are great filters that have very little false positives.

      But even OISD had an issue with blocking an Akamai CDN domain that was used as the backend for most Apple services, I didn't personally feel this though as I don't use any Apple services nor devices.

      So you can't expect perfection, but NextDNS gives you the option to change and modify things to your liking if you have any issues.

      On Chrome/Firefox/Brave and other Chromium/Mozilla based browsers, you can change the settings of your DNS, so if anything similar to this were to happen, you can temporarily change to a third party DNS to whitelist any domains that might be causing issues like the case with Energized blocking NextDNS.

      I've also looked at the service you've mentioned and it seems like it's being discontinued from what I've seen on Google with the Verge covering it.

      I also wouldn't even recommend services without the ability to whitelist things yourself unless it's extremely well maintained as with NextDNS you can whitelist things, otherwise the issue is only resolved by reporting it and waiting for the service owners to see and fix it, this process is likely to annoy you more than simply whitelist the site on NextDNS until it's fully fixed by Maintainers/NextDNS for FPs on their AI.

      • aqua_airplane
      • 1 yr ago
      • Reported - view

       word

    • Agi_Ga
    • 1 yr ago
    • Reported - view

    I would ditch those Energized Lists and go for this lists:

    https://github.com/hagezi/dns-blocklists

    • BitterSweet
    • 1 yr ago
    • Reported - view

    The problem is back again. Yahoo mail, Reddit and other sites are blocked.

Content aside

  • Status Solved
  • 7 Likes
  • 1 yr agoLast active
  • 26Replies
  • 2357Views
  • 17 Following