nextdns.io addresses added to a blocklist -> internet goes down
Somehow, nextdns.io was added to a blocklist (Energized Ultimate) just now, and the result was basically nothing worked - could not access the web at all. Until I thought to change DNS servers and check my nextdns account logs, and there it was - nextdns.io addresses being blocked because they had somehow been added to a list I have added.
No idea how / why nextdns.io addresses ended up on that blocklist, but shouldn't nextdns mitigate against its own service being blocked by 3rd party lists? This is basically an attack vector isn't it?
24 replies
-
Should also add - I have no idea whether that list still blocks nextdns.io - the workaround was to add nextdns.io to my Allowlist. Which is what feels like nextdns itself should be doing silently anyway to prevent this exact situation?
-
This also seems weird to me - in my.nextdns.io, Energised Ultimate is listed as having 1385 entries. On its own website, it says it has 628,771. How / why is the list being used by nextdns so different?
-
try github.io or anything *.io are blocked, who knows why
-
Thanks for this discovery & workaround. I had problem accessing the internet since lunch (2 hrs ago) on my mobile. attempt to add the https DNS link on my Chrome app Android, it kept asking me for a valid URL address.
-
github.io still being blocked, nextdns says "blocked by Energised Ultimate"
Downloading the current Energized Ultimate list from their website, github.io (no subdomain) isn't listed as far as I can tell.
So is nextdns using an out of date list, or did they pull a non-legit list with a bunch of non-legit entries?
-
Something screwy is still going on at the moment - my log is showing a particular domain was working fine 14 mins ago, but 8 mins ago it shows up as blocked by Energized Ultimate
-
the list got updated and there are new domains being blocked
-
Yes but still doesn't look correct:
github.com/EnergizedProtection/block •
1,402 entries • Updated 13 minutes ago
Compared to
-
My BBC news app draws a blank and several other app also affected.
Removed the Energized Ultimate & Regional Extension from my settings, until it's restored.
Using Lightswitch05 - Ads & Tracking & OISD list for the time being.
-
Glad this happened out of business hours for me, I just unsubscribed from Energized... But took me a while to realize the issue
-
Something seems to be screwy with multiple lists. Nextdns dashboard has AdGuard filters still showing 0 entries and says it was updated 6 hours ago, plus Energized Ultimate has been updated since this all began but seems to be adding new spurious entries, and the entries number quoted on the Nextdns dashboard still doesn't match their own website.
Disabling Energized Ultimate is one thing, but there's weirdness with other lists too.
-
just found out discord doesn't work rn
-
gateway.discord.gg blocked
-
actually it seems like all .gg domains are blocked easy.gg doesn't work
-
Given github.io is still being blocked, it seems like the list (or the version of it being implemented by nextdns, with its weirdly low entries count) is being updated with entire suffixes like *.io, *.gg, *.me, that sort of thing
-
many thanks for posting this solution, I was sure that my internet it's fine while I disable temporally my NedDNS on PC and 3 - Phone's. I'm paying for this service and I expect this very very logical think NOT to happen..... how in the world you could block yourself :))
This is childish thing.... please correct and make sure this will not happen again ! -
Energized has a checking tool here: https://energized.pro/check/
https://energized.pro/check/?domain=github.io -> "github.io domain is not blocked"
And yet in my dashboard it's still being blocked and it says "Blocked by Energized Ultimate"
The issue seems to be Nextdns itself - where is it getting this "Energized Ultimate" list from which is blocking entire suffixes and only has 1402 entries?
-
There are many issues with all lists from Energized. Unfortunately the admin in charge of the lists doesn't seem to care. All issues and reports on Github have no answers.
Solution: working with allow lists or just suppress Energized from your blocking lists. That's what I did because I was getting too mad.
Content aside
-
2
Likes
- 1 yr agoLast active
- 24Replies
- 441Views
-
9
Following