The annoying thing is not the false positives: these things happen, and mostly it's not all that urgent to resolve immediately. The annoying thing is a total lack of obvious appeals process to resolve a false positive. At least the OP's example is on GitHub and thus can easily be issued.
It took almost 4 months to get through to someone who would accept my problem wasn't forgetting my password.
In the end, I was pointed to their third provider and told "sort it out yourself, not our problem". Thankfully that other company had a reasonable-ish appeals process...
...obviously I got relisted in their db a few times but things seem to have calmed down now.
Instead of designing our systems as though they all face the hostile public Internet like Google, why not instead police all of the public Internet as though it's our internal network? That way we don't need to adopt any actual security practices. What could go wrong?
As you saw, basically everything, all the time.
I actually moved energy supplier a few months ago. I had a good quote from a new supplier, and when I tried to sign in to see how close the quote from my old supplier was, their site wouldn't load in my browser. Tried again a day later, no joy. OK cool, bye then.
Surprisingly, Amazon does not block customers they put on this list.
Fortunately, since I build multi-lingual web sites, I was able to get an exemption from the security department.
(No, I don't use Google Translate to translate web sites. The company has three internal and two external professional translators for that. But sometimes when I'm copying-and-pasting between versions, I like a little reassurance that what I'm pasting is what I think it is.)
Currently, however, providers are bound by EU mandates to treat every packet the same (roughly speaking).
I hope it stays that way.
[1] - https://www.techradar.com/uk/news/ofcom-to-review-uks-net-ne...
Give them some time to react. My wife complained to me she could not visit a website (I run Pi-Hole on our network, and our mobile devices get routed to it even on external networks). I looked through the logs, figured the offending rule, contacted the maintainer, and they fixed it within a few hours.
The issue has been up for one hour thus far.
False positives, things that are good defaults but advanced users should be able to bypass, or just plain unfortunately necessary workarounds are certainly all issues though. I think user-available fallbacks can be useful sometimes for that reason. Like at a site using 802.1x auth, set it up so users can append "-noblock" to their login and then it'll change them into a different VLAN which can just point at a different DNS (or alternately Unbound supports views for split-brain DNS).
In either case, blocklistproject interprets spam ad vendors as damage and routes around them.
A relatively common corporate practice, honestly. It's a shame more people aren't aware of it.
https://webcache.googleusercontent.com/search?q=cache:HWH6z4...
Perhaps they have fixed it in the past 3 weeks, maybe they haven't.
From yesterday, so not fixed -
https://webcache.googleusercontent.com/search?q=cache:rMUgla...
Also love the way it's signed, the person's online profile is "I'm Black Hat SEO Expert", if anyone wants to write any Green policy I guess contact them?
Having been on their side it can sometimes be very difficult to mitigate without manual approval. This is not automated - it's done by humans and they adjust their patterns against any automatic mitigation attempts.
Not if the site polices user-generated content.
It's fraud not spam, you never got to watch the fight after paying - https://ici.radio-canada.ca/recit-numerique/2140/adcenter-hy...
And 6 weeks ago it might have been ISIS spam or a link to an exe or phishing.
> and any site that accepts user-generated content is susceptible to it
This site doesn't have user-generated content/events/calendar, it's employee generated.
So maybe that only has been an issue for 3 weeks (which is bad enough), but all things considered, it’s possible it’s been like this for years.
No outrage to see here, please move along