||edgesuite.net blocked "play.itunes.apple.com.edgesuite.net"

Question

||edgesuite.net blocked "play.itunes.apple.com.edgesuite.net"

Closed this issue 5 years ago · 7 comments

Environment: AdGuard Home

Blocked by CNAME or IP in response
CNAME: play-cdn.itunes-apple.com.akadns.net. (ttl=2323)
CNAME: play.itunes.apple.com.edgesuite.net. (ttl=2323)
CNAME: a1806.dscb.akamai.net. (ttl=192)
AAAA: 2600:1406:3::b81c:bcc2 (ttl=8)
AAAA: 2600:1406:3::b81c:bcc3 (ttl=8)

hezhijie0327 commented 5 years ago

😊

👍1

Alex-302 commented 5 years ago

Thanks

Answer 1 · 2020-02-07T07:40:45.000Z

"edgesuite.net" is a CDN provider. Many companies use it, such as Apple, Steam, letsencrypt.org, etc. If you use the rule like the one "||edgesuite.net" which existed in current rule list, it may occurred many connectivity issues. It not only blocked "edgesuite.net", but also blocked all the sub-domains. I really hope that the issue could be fixed as quick as possible, thanks very much.

// Solutions:

Delete or change it as followed
@@||edgesuite.net^
Block its sub-domain instead of block its main-domain. For example:
||ads.edgesuite.net^

// Known issues:
ax.itunes.apple.com
init.ess.apple.com
init-p01md.apple.com
isrg.trustid.ocsp.identrust.com
steamcdn-a.akamaihd.net
ocsp.int-x3.letsencrypt.org

Answer 2 · 2020-02-07T09:18:08.000Z

Some ad company use it (e.g. YieldManager), but the blocking rules are start from my filters named ThaiParanoidBlock may transfered here because this focused to block Thai ads and trackings.

I have no idea if any known good companies are use that EdgeSuite CDN, but for me, rarely to see who use that but mostly it's used as abusive way, can you prove more evidences?

Answer 3 · 2020-02-07T09:44:05.000Z

play.itunes.apple.com.edgesuite.net --> Apple Music (Music Play / Download)
officecdn.microsoft.com.edgesuite.net --> Microsoft Office (Download / Update)
steamcdn-a.akamaihd.net.edgesuite.net --> Steam (Game Download)
ocsp.int-x3.letsencrypt.org.edgesuite.net --> Let's Encrypt (SSL/TLS Certificate)

I don’t think it ’s wise to block all of them. If YieldManager uses it as an advertising service, it should add rules for it instead of blocking both normal and abnormal. For example:
||ad.yieldmanager.com^
or may be it use EdgeSuite CDN (Possible)
||ad.yieldmanager.com.edgesuite.net^

Answer 4 · 2020-02-07T10:15:59.000Z

Yep. Better block specific sub-domains.

Answer 5 · 2020-02-07T12:13:37.000Z

Whitelist entirely isn't a good idea, and this filter mainly aim to apply in uBlockOrigin or NanoAdBlocker, use with other tools may not recommended.

Instead of whitelisting, maybe just remove out from this blocking list but let another filter lists handle it?