Your adblocker could be facing a potentially big traffic problem

EasyList has been hit with a burst of highly unusual traffic that is proving an issue for the community-run project. 

A post from AdGuard, an ad blocker that utilizes its own filter list, claimed that as EasyList is used by 99.9% of all ad blockers, most users of such tools  will be affected too. 

A filter list is a comprehensive list of popup ads, trackers and the like that ad blockers utilize to determine what to block and what to filter through. EasyList’s variant is a simple text file hosted on its domain which the ad blocker grabs periodically for updates. However, it is purportedly taking over five minutes to download, due to a 10-20 fold increase in daily traffic that began earlier this month. 

Hit again

In its post, AdGuard stated it had faced the same issue last year, and hypothesised that it stems from certain browsing apps on Android devices in India. An apparent design flaw in these apps meant that they were attempting to access AdGuard’s filter list every time they started up (a more frequent occurrence on Android devices), even when running in the background. 

AdGuard’s solution was to block the traffic coming from these browsers, but they claim that they still issue over 100TB worth of access denied pages per month. 

No support for EasyList

AdGuard claims that EasyList’s problem is worse, however, as unlike AdGuard, it is unable to get any support from its hosting site, CloudFlare, to block these requests. AdGuard believes this is due to the fact that it does not have an Enterprise account, the highest subscription tier available for the service. 

When EasyList contacted CloudFlare support, its email reply stated the increased traffic had triggered its distributed denial-of-service (DDoS) mitigation, CloudFlare’s safety protocol which the company claims intelligently filters high volumes of traffic and breaks it down into manageable pieces to prevent denial-of-service.

The email also stated EasyList was actually violating its Terms of Service (ToS), as the company does not allow requests for text files. The firm suggested that EasyList would have to move the file to another subdomain to make it available for its users. 

The upshot is that EasyList is being throttled and no adblocker can get access to its filter list directly. AdGuard believes that the only option would be for EasyList to change its domain name, as the broken browser apps will continue to trigger a DDoS as long as the original easylist.to is still used. However, it cautions that this is not an easy process and would have a knock-on effect on the expected thousands of open source projects that currently use EasyList.

Way forward

AdGuard states that all filter lists are hosted on its own domain, so users should not be affected. 

Users of other software may be fine too, since they may have already switched to using a mirror domain from which to access EasyList. AdGuard warns, however, that the faulty browsers may eventually start pulling from these as well and repeat the problem all over again.

Previously, AdGuard did try to contact the developers of one of the errant browsers to make them aware of the issue, but claimed that the issue actually got worse after doing so – noting that there may be more faulty browsers out there.