Closed lgrn closed 4 years ago
lgrn
commented
4 years ago There was a change done recently, could this be caused by something like this being removed?
"excludeTopFQDNs": true,
"excludeTopRootDomains": true,Commit: https://github.com/nextdns/metadata/commit/3e33dcd5c4213ba30865210f84ec501300d89dda @romaincointepas
LagSeeN
commented
4 years ago same google block by threat-intelligence-feeds
Veldkornet
commented
4 years ago Same here, also for play.google.com
dazzah87
commented
4 years ago I've checked both google.com and play.google.com and don't seem to have any issues. I don't know if you use the official app but maybe try disabling and enabling it again, similar on your mobile device.
lgrn
commented
4 years ago @lyrad87 the issue should already be resolved, I got a response from @romaincointepas via Intercom about 40 min ago.
dazzah87
commented
4 years ago Great, then I guess this issue can be closed. =)
lgrn
commented
4 years ago I thought I'd leave it open for @romaincointepas to close with some kind of summary of what happened.
romaincointepas
commented
4 years ago Sorry about this guys, we fixed it immediately.
Long story short, whitelisting highly queried domains (top 1M alexa or similar) is far from an ideal approach, even if (too) many are doing it. We worked on moving away from this toward a much smarter approach and a small bug found its way through.
We've added safeguards that test for critical domains like www.google.com so this doesn't happen again.
I just noticed that google.com is being blocked for me. Inspecting the "logs" tab on my.nextdns.io shows that the lookup was blocked by "threat-intelligence-feeds". Without knowing much of how this works, I'm guessing one of the lists here include it and the whitelist needs to be expanded perhaps? https://github.com/nextdns/metadata/blob/3e33dcd5c4213ba30865210f84ec501300d89dda/security/threat-intelligence-feeds.json