Gandalf_The_Grey
What happened
A couple of weeks ago EasyList maintainers saw a huge spike in traffic. The overall traffic quickly snowballed from a couple of terabytes per day to 10-20 times that amount. The source of that dramatic surge, it turned out, were Android devices from India. This whole situation rang a bell with us, because last year we had to grapple with the very same problem. Last November, our bandwidth usage shot up through the roof for no good reason. After investigating the issue, we found out that two apps with ad-blocking functionality were abusing our servers.
What happened to us bears a striking resemblance to what is now crippling EasyList:
- There’s an open source Android browser (now seemingly abandoned) that implements ad-blocking functionality.
- This browser is forked by a couple of other browsers that are very popular in India.
- The problem is that this browser has a very serious flaw. It tries to download filter updates on every startup, and on Android it may happen lots of times per day. It can even happen when the browser is running in the background.
When we encountered a similar problem last year, we found a simple solution: block the undesired traffic from these apps. Even so, we continue to serve about 100TB of “Access Denied” pages monthly!
EasyList is hosted on GitHub and proxied with CloudFlare. Unfortunately, CloudFlare does not allow non-enterprise users to use that much traffic, and now all requests to the EasyList file are getting throttled.
EasyList tried to reach out to CloudFlare support, but the latter said they could not help. Moreover, serving EasyList actually may violate the CloudFlare ToS.
It’s unclear what EasyList should do now. It is a community project supported by volunteers, and it cannot afford to pay for the enterprise CloudFlare plan. Should they start accepting donations for their invaluable work to fund hosting? This is easier said than done. They can change the domain name, but it is a rather painful procedure that will affect many other open source projects that rely on EasyList (and there are literally hundreds if not thousands).
If you’re a security researcher and can help find these Android browsers that DDoS EasyList and AdGuard filters, your help would be greatly appreciated. Last time we found two such browsers and contacted developers, but the issue was not resolved and even got worse, so probably there are more out there. Look for the ones that constantly download one of these three files:

EasyList is in trouble and so are many ad blockers
One of the world’s most popular ad blocking filter lists, EasyList, has run into a serious issue that threatens to tank it, as well as many open-source projects that rely on it. See if this affects you personally, and how you can help.
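One way to spot the behaviour described in the post (a client re-downloading the whole filter list on every startup) in server access logs, as an added example that is not from the post, AdGuard or EasyList. The log lines, the path `/easylist.txt`, the user-agent strings and the limit of two full downloads per client per day are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample in combined log format; IPs, paths and user agents are made up.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Jan/2024:08:00:01 +0000] "GET /easylist.txt HTTP/1.1" 200 1800000 "-" "ExampleBrowser/1.0 (Android)"
203.0.113.7 - - [02/Jan/2024:08:20:13 +0000] "GET /easylist.txt HTTP/1.1" 200 1800000 "-" "ExampleBrowser/1.0 (Android)"
203.0.113.7 - - [02/Jan/2024:09:02:45 +0000] "GET /easylist.txt HTTP/1.1" 200 1800000 "-" "ExampleBrowser/1.0 (Android)"
203.0.113.7 - - [02/Jan/2024:09:40:10 +0000] "GET /easylist.txt HTTP/1.1" 200 1800000 "-" "ExampleBrowser/1.0 (Android)"
198.51.100.9 - - [02/Jan/2024:08:05:00 +0000] "GET /easylist.txt HTTP/1.1" 200 1800000 "-" "ExampleBlocker/2.3"
198.51.100.9 - - [02/Jan/2024:20:05:00 +0000] "GET /easylist.txt HTTP/1.1" 304 0 "-" "ExampleBlocker/2.3"
192.0.2.44 - - [02/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "ExampleBrowser/1.0 (Android)"
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "[^"]*" "(?P<ua>[^"]*)"'
)

def parse(log_text):
    """Yield (ip, day, path, status, size, ua) per well-formed line; skip the rest."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        day = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").date()
        size = 0 if m["size"] == "-" else int(m["size"])
        yield m["ip"], day, m["path"].split("?")[0], int(m["status"]), size, m["ua"]

def abusive_agents(log_text, list_path="/easylist.txt", max_full_per_day=2):
    """Return {user_agent: bytes served} for agents with a client over the daily limit."""
    per_client = Counter()          # (ip, day, ua) -> number of full downloads
    bytes_by_ua = defaultdict(int)  # ua -> bytes served for the list
    for ip, day, path, status, size, ua in parse(log_text):
        if path != list_path:
            continue
        bytes_by_ua[ua] += size
        if status == 200:  # a 304 means the client revalidated instead of re-downloading
            per_client[(ip, day, ua)] += 1
    flagged = {ua for (_, _, ua), n in per_client.items() if n > max_full_per_day}
    return {ua: bytes_by_ua[ua] for ua in flagged}

if __name__ == "__main__":
    for ua, served in abusive_agents(SAMPLE_LOG).items():
        print(f"{ua}: {served} bytes served for the list")
```

Grouping by user agent rather than by IP alone matters here because the traffic in the post comes from many devices running the same few apps.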