Nextcloud.com Has Been Blacklisted Somewhere

I am in Arkansas, in the United States of America, and am running an installation of Nextcloud v 25.

The Nextcloud website, nextcloud.com, is blocked. I cannot even ping the IP address from my terminal app. The only way to access it is to run a VPN on my laptop, and then either manually download and install updates, access the website, etc.

I contacted my local ISP, and apparently nextcloud.com is blocked for one of various reasons. They get IP addresses to block from managed sources they subscribe to. When they temporarily put me outside their mitigated zone, where I was open to the Internet without protection, I was able to ping your IP address.

My point is this: apparently someone has spoofed your IP address and had bad traffic such that you got blacklisted somewhere as needing to be blocked. I’m sure I’m not the only one to not be able to get to you.

Please investigate, and resolve the blacklisting situation with whichever service has you listed. It will help more people be able to use your software, and keep their installations updated… and, of course, it will help me too.

1 Like

Hey @LuvMeDew and welcome to the community forum of Nextcloud.

Thanks for letting us know about this problem… I am gonna forward this message to some responsible person(s).

Though it would be nice if you could give us some more hints… like: who is your local ISP, which reason was our URL blacklisted for exactly, which service did they sign up to?

Again: thanks for letting us know.

Name and website? Cannot help out until you tell us.

I have a call in with the ISP to hopefully get that information, and will follow up.

I went to sitechecker.pro, and they said:

Page has more than 100 external links

Page has outgoing links with malformed href data

Has only one followed internal linking URL

Page has an anchored image with no alt text

Page has internal links to 4xx pages

Has a link with an empty href attribute

Has an internal link with no anchor text

Page has internal backlinks with the same anchor

Page has less than 10 internal backlinks

Page has more than 10 external links

Didn’t see anything about malicious traffic or anything.

Apparently, it is a country-related block they are depending on. The tech support for my ISP sent me this:

The IP address that nextcloud currently resolves to is Ukrainian and that country (UA) is currently blacklisted for all traffic.

AT63 is the blacklisting code.

Unless you just feel like relocating your server to a more country-neutral data center, I guess I, and others with similar ISP situations are out of luck.

1 Like


Sounds like maybe the ISP’s geoip database is faulty. I checked several sources, and every one came back with that IP as Finland.

Wow! That’s really messed up, then, if it is showing something other than Germany for so many lookups! I guess something really HAS gotten out of whack. If you do an ARIN reverse IP lookup, it correctly shows it being located in Germany.

Well if they subscribe to such a service, I’d complain and ask for a payback. Also if they are paying customers, they have perhaps a direct access to customer service to escalate this faster than if asked by a “random” website.

Why are websites from Ukraine blocked?

edit: just to make sure, Nextcloud is trying to get removed. But it’s probably good to let your ISP know they use a shady service that creates quite some collateral damage.

My ISP contacted me saying they’ve opened a ticket with RioRey, which is apparently a company that specializes in DDoS protection? I would have thought they would have been more on top of things and caught it themselves, but what do I know. Wouldn’t they do reverse IP registry lookups from the owners of the IP address in question the first time it crossed their Internet DDoS appliance, rather than going from old information somewhere? Maybe someone poisoned their information somehow? Whatever the case, I’m glad it is getting fixed so I won’t have to keep opening a VPN just to get to the Nextcloud website.

Maybe you should change your ISP. Interesting that he supposedly looks at the quality of each individual web page. Does he also block P**N? Freedom that Nextcloud also promises looks different.

Nextcloud is hosted at Hetzner (Finland), part of ASN AS24940 (Hetzner Online GmbH, mostly Germany and Finland but also Ukraine).
95.217.53.155 (nextcloud.com)
Lookups: IPinfo.io (AS24940 details and 95.217.53.155 IP address details); Network Tools: DNS,IP,Email.

The IP address in your screenshot is wrong.

2 Likes

Yep, and only one IP block in this ASN is Ukrainian. Seems like a lot of collateral damage, even if this IP range would be blocked for legitimate reasons, which I doubt is the case. So the quality of these filter lists is definitely bad.

@LuvMeDew Your ISP should consider changing the vendor of their filter lists, and you should probably consider changing your ISP. ;)

1 Like
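
The collateral damage described above, as an added example that is not part of the original posts or any vendor's code: it compares a block decision keyed on one country code per ASN with one keyed on the covering prefix. The AS/country mapping format, the prefix table and all function names are assumptions, and the data is constructed, with documentation ranges standing in for the German and Ukrainian blocks.

```python
import ipaddress

# Constructed sample data, not real registry or vendor records.
# Hypothetical AS -> country file: a single country code for a whole ASN.
AS_COUNTRY = {24940: "UA"}

# Hypothetical per-prefix records: (prefix, origin ASN, country).
PREFIXES = [
    ("95.217.0.0/16", 24940, "FI"),    # range holding the thread's 95.217.53.155
    ("198.51.100.0/24", 24940, "DE"),  # documentation range as a stand-in
    ("203.0.113.0/24", 24940, "UA"),   # documentation range as a stand-in
]
BLOCKED_COUNTRIES = {"UA"}


def longest_match(ip):
    """Return the most specific (network, asn, country) record covering ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, asn, cc in PREFIXES:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, asn, cc)
    return best


def blocked_by_asn_country(ip):
    """Coarse policy: block when the origin ASN's single country code is blocked."""
    rec = longest_match(ip)
    return rec is not None and AS_COUNTRY.get(rec[1]) in BLOCKED_COUNTRIES


def blocked_by_prefix_country(ip):
    """Finer policy: block only when the covering prefix's own country is blocked."""
    rec = longest_match(ip)
    return rec is not None and rec[2] in BLOCKED_COUNTRIES


def collateral(ips):
    """Addresses the ASN-level rule blocks although their prefix is not in a blocked country."""
    return [ip for ip in ips
            if blocked_by_asn_country(ip) and not blocked_by_prefix_country(ip)]


if __name__ == "__main__":
    sample = ["95.217.53.155", "198.51.100.7", "203.0.113.9", "192.0.2.1"]
    print(collateral(sample))
```

Running the same comparison over a vendor list update before it is pushed to the appliances shows which destinations a coarse country rule would take down.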

My ISP wrote this:

I’ve applied their latest AS/CC file to our DDOS appliances.

I tested, and am posting here without a VPN!

Not sure how long it will take for other ISPs who use RioRey to have this resolved without intervention, but it appears to have been resolved on the backend.

Thanks to all who helped figure out what was going on! Appreciate all the help and the great community, and response!

5 Likes

I have looked again in your image.

Your image from your post above:
https://help.nextcloud.com/uploads/default/original/3X/9/8/987e33ba644450771a8e1057ef0dd0a13870686e.png

It is the flag of Ukraine, but it is the IP address of nextcloud.com from Finland (see my post above). Unfortunately, I do not understand.

Perhaps there really were attacks from nextcloud.com (95.217.53.155) to electroman.biz (69.4.196.98) or another virtual host on this server. AS20436 - Prairie Grove Telephone Co.

Best I understand it, the ISP depends on the DDoS company, RioRey, for having current information on what IP addresses are in GeoIP blocked locations.

RioRey had inaccurate information for the IP address of Nextcloud.com, which caused Nextcloud.com to be blocked by the ISP.

Either RioRey was hacked, which would be ironic, but upsetting, or they had not accurately resolved the geolocation of the Nextcloud IP address, due to not doing an ARIN lookup on the specific information associated with that IP address.

The information you were talking about was just from a quick lookup the ISP guy did using some IP lookup service he was familiar with.

It is interesting, however, that at least two IP lookup services were replying with inaccurate information about the IP address for Nextcloud. Makes me wonder if something bigger is going on than just the one IP address, or if it is just Nextcloud which was affected.

Or maybe it’s just a mistake. Computers and people make mistakes.

1 Like

So true! I sure do appreciate everyone working to find a solution!