Master is blocking regular Amazon access.

[Extremity]

Due to the blocking of fls-na.amazon.com, Amazon is completely inaccessible.

I'm not sure what's going on, over the last hour several lists (including yours) have been updated and are blocking various core Amazon domains.

[welcome[bot]]

Hello! Thank you for opening your first issue in this repo. It’s people like you who make these host files better!

[Extremity]

Just to be informative: To get amazon.com and the Amazon app working, I had to force-whitelist both the fls-na domain that's on your list, and d3ag4hukkh62yn.cloudfront.net which is on a firebog list.

[hagezi]

@Extremity

d3ag4hukkh62yn.cloudfront.net is the CNAME of amazon.com but cannot find this domain on this list. It comes from another list, as you said, this domain should definitely be unblocked. I also think it is causing your problem.

fls-*.amazon.* should not be a problem, it is tracking and blocking it will only leave the browsing history in the app empty. If blocking fls caused such a problem, more people would have "raised their hands" by now.

fls = Forrester Log Service - market analytics company

https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-port-requirements.html

Blocking the following Amazon trackers, with the exception of c.amazon-adsystem.com, should not lead to any significant functional restrictions: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/hosts/native.amazon.txt Unblocking c.amazon-adsystem.com is necessary for some sites to play videos, e.g. CNN.

Gerd

[Extremity]

Not sure why it was an issue, then. The query log on each attempt to load Amazon stated the FLS domain (and the other, from the other list) were the only blocked requests. Unblocking either or did nothing, only when both were whitelisted would it load.

If this is just limited to me then you can close this, but even now if I remove the whitelist for FLS both the .com and app refuse to load with the only blocked entry in the query log being the fls domain.

If you care, I'm happy to provide logs or whatever. I trailed the logs while testing access to confirm it was these entries, and as I said before it loads fine as soon as they're whitelisted. Disable the whitelist, and it immediately stops loading.

I get that it makes no sense, believe me. That's why I'm posting here, because I can't make sense of it.

[hagezi]

@Extremity Strange, on which platform does the Amazon app not work? Which AdBlocker/DNS are you using?

[Extremity]

This was on an Android phone and a Windows 10 PC (same network; Amazon loaded fine when on phone+cellular).

Network is running a Pi4B running PiHole with your list and a few from firebog. When testing I removed all other lists and reset to ensure it wasn't some weird entry somewhere else; connection to Amazon app and .com would still fail, with PiHole error log showing a blacklisted/blocked connection to the FLS subdomain.

DNS is local (unbound). Cloudflare is fallback, but only if my unbound node is totally offline or not responding (like, it's not just a second DNS entry to cloudflare, that would defeat the purpose). I did manually change DNS to 1.1.1.1 and 8.8.8.8 before posting - no change.

Sorry for the delayed reply. It's been working because I've left the whitelist entries, so I forgot to check this.

[ChipSkylark37]

Also experiencing the same with the amazon iOS App not working and showing "try again" when opened.

For me,whitelisting specific xxx.cloudfront.net domains seem to fix it for a short time but eventually blocks again.

I am temporarily turning off the master hosts file to test if this resolves it.

I am also getting similar logs of blocks as indicated in above posts.

What would be helpful to post to try and rectify.

[Extremity]

At this point I'm wondering if they're rolling out methods of disabling (or heavily disincentivizing) this type of ad/track blocking and it's not impacting everybody yet because, as Amazon likes to do, they're testing it with only specific groups/devices/whatever for now. I know the consensus so far is probably "this shouldn't be happening and you're probably an idiot doing something wrong" but with extensive testing it still absolutely does not work with those blocks in place, and works immediately with them whitelisted.

[frin]

I couldn't sync Kindle content on iOS app because of this fls-na rule.

[Extremity]

Any updates on this? I get the feeling this is kind of being brushed off as "must be user error" so I don't know what else I can do.

[StevenBlack]

@Extremity this isn't being "brushed off". There's actually nothing actionable here.

Somebody tell me which domains need to be assessed, and we'll evaluate that. But there's nothing.

[amorenojr]

I am currently blocking "fls-na.amazon.com" with no issues. I am trying to find the right combination of Amazon servers to block for the ads that recently started on Amazon Prime streaming service.