View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions App Store blocked
Log in to Ask a Question

App Store blocked

Hi guys,

So I’m running a vpn server on my linode and it seems the iOS App Store no longer works.

I tried creating a new linode with new it but it’s the same.

Anyone have the same issue? I’m wondering if all linode ranges are now blocked?

42 Replies

More info, it seems if you open this url directly it shows 2 links. Using linode as a vpn it shows service unavailable.

https://search.itunes.apple.com/

I observed the same issue since a few weeks, it can also be observed from the shell:

$ curl search.itunes.apple.com
Service Unavailable

My linode is running in the Frankfurt data center.

I wonder if it’s only linode ips or apple doing it for all data center iOS as and when they identify them.

Anyway I handled it by proxy into those domains through a different server. Not ideal tho!

Same problem from Fremont. Makes no sense to me why Apple would block Linode like this.

After asking around it seems to be due to bots and abuse where scripts query the App Store directly bypassing the API. Usually it’s to fake installs and reviews etc etc.

Apparently Apple got a lot more aggressive recently. This is all unconfirmed really as Apple are always secretive about this stuff.

Anyway we routed certain domains through other networks to get around it, but it’s still an ongoing pain.

Forgot to mention, it’s not only linode, it’s a lot of VPN endpoints and IP ranges which seem to belong to quick turn around server providers like VPS providers.

Personally, the solution to this problem can only be negotiated with apple by the Linode officials, but now Linode officials think that this issue is not within their service, which makes me very uncomfortable.

I have precisely the same problem. iOS App Store, as well as search in Podcast are all down, however, I can still upgrade apps/podcasts. It seems that it's just the search function that's being blocked by Apple.

So far I've noticed that these 2 websites that blocked my Fremont server (there could be more):

search.itunes.apple.com (iOS app store)
camelcamelcamel.com (amazon price tracking)

I tried Wireguard, OpenVPN, shadowsocks, v2ray, all the same. 

$ curl search.itunes.apple.com
Service Unavailable

$ curl camelcamelcamel.com
curl: (7) Failed to connect to camelcamelcamel.com port 80: Connection refused

In contrast:

$ curl google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>

am suffering from the same issue , i run IOS VPN server in linode and now all access to apple app store is blocked .

please share if any one managed to overcome this issue .

I have same issue with VPN on my linode (hosted in Newark, NJ). I can't open App Store when it is on

Linode Staff

Hi everyone, I wanted to give an update here:
Yes, we are aware of connectivity issues with Apple's App Store, and we're working to resolve this. I don't have anything I can share about a timeline, nor am I aware of a current workaround for Linode customers. When we have more info, we'll be sure to update this thread.

Any updates with resolving this issue? Still having this issue with Linodes in Newark and Atlanta.

The same issue. My server locates in Tokyo. Could someone tell me how to solve it or recommend other web-server providers?

Need an urgent update to this or moving over to the dark side (digital ocean).

@watrick

Hi,

Would you be able to share the list of companies blocking you (that you know of)?
I'm experiencing issues with the entire Google ecosystem (using my Linode as a VPN), search, mail, playstore, etc

Thank you

For us it’s mainly the App Store. But it sounds like your IP is blacklisted - maybe from a previous user of the IP.

Clone your linode to a new one to get a new IP and check.

Linode Staff

Hi everyone,

I just wanted to jump in here and thank you all for your patience. We know you've been waiting for some time, and we really appreciate you sticking with us. We're still investigating the connectivity issues with Apple's App Store, and while we don't have a timeline to share, we wanted you to know this is still on our radar.

Linode, are you serious? It’s been 7 months!!! It does NOT take 7 months to investigate this.

It sounds to me like some of your customers have been running bots or scripts that Apple don’t like and your entire IP ranges have been banned.

If that is indeed the case then you probably haven’t been able to convince them that you’re dealing with that to get unbanned. In any case you are the ONLY provider with this issue.

Almost out of patience here, it’s beginning to affect the bottom line.

Linode Staff

We hear you and we understand the frustration this has caused. As noted, this issue is likely because of abuse on our platform, which we handle as quickly as possible. Our Trust & Safety team has reached out to Apple and Google multiple times over the last few months to little affect. We’ve got some new contacts to whom we can escalate this, and we’re hopeful they’ll help us resolve this.

We appreciate the feedback – keep it coming. The instant we have a resolution for this, we'll be sure to update this thread.

still having the problem with all of my 3 linodes.

Is it possible to solve the problem?

I'd like to update that as of Jul 1, 2020, the issue is still there.

@jackley Please do escalate this issue with Apple.

Thank you.

Linode Staff

@ashong and @yunik We believed the issue was resolved. So, thanks for letting us know you are still experiencing an issue with this. I've made our Trust and Safety team aware of your recent issues.

Let us know if you have any additional questions or feedback to share.

Hi @rdaniels, I still see the issue (Frankfurt data center), CentOS8, with a "curl https://search.itunes.apple.com/", I still get "Service Unavailable".

The same curl from my Mac shows the itunesConnect calls that are the expected result.

F

Hi, the issue is still there. Please solve it.

@rdaniels the problem is still there, it's not solved yet.

I have an IPv6 /56 from Linode, routed to my Linode, with a /64 from this routed around our LAN from our Linode, and have the same problem. We have iPhones on the network which pick up a v6 address via SLAAC and route advertisement, and can't get updates from, or do searches on the Apple Store.

Hosts on the LAN also have RFC-1918 v4 addresses assigend via DHCP, masqueraded behind a dynamically assigned public address from Spectrum. I did a bit of jiggery-pokery on the network router (Linux) and so I can turn on and off IPv6 routing with a web script and everything falls back to v4 - and voila! The Apple Store is once again available!

I thought the problem might be something like a MTU issue, but this didn't compute, so it's at least good to hear that it's not MY problem.

Is this working for anyone?

How about on ipv4 only or ipv6 only?

Search.itunes.apple.com and other apple domains seem to be unblocked but their entire CDN edge is blocked still - the following fails.

curl https://api-edge.apps.apple.com

For god sakes didn't you test this?! Given how long it's taken to find someone at apple who takes you seriously it would have been prudent to make sure it's working while you had them responding.

@jackley and @rdaniels, could you please escalate this issue and have it fixed?

As OP said, other Apple subdomain(s) is(are) still blocked.

When I open App Store on iPhone, I'm very much blocked everywhere other than under the "Search" tab.

Also, I'm not getting any iOS updates unless I disconnect my Linode VPN server.

On my linode server:

$ curl https://api-edge.apps.apple.com
Service Unavailable

Thanks.

This is really annoying now. I’m proxying *.Apple.com using dns or https proxy to another host with a different provider. But in the end what’s the point, why not just switch to the other provider completely.

Still nothing?

I’ll wait 48 hours for a substantial answer after which we will start migrating our 140 Linodes to another provider.

Linode Staff

No substantive changes in this issue, unfortunately. We've recently heard from a contact at Apple who gave us some insight and new directions to pursue.

If you're a registered Apple Developer, our contact recommend that you reach out to Apple Developer Support and report that Linode's IPs are blocked (our ASN is 63949).

Just a follow-up question – I get inconsistent results when I attempt to curl certain URLs on or off my Linode's VPN. For example, I get this result no matter what:

~> curl api-edge.apps.apple.com
<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>
An error occurred while processing your request.<p>
Reference&#32;&#35;97&#46;6d321cb8&#46;1612380572&#46;e10688d
</BODY></HTML>

Likewise, I can also access this URL (and curl it) on or off the VPN:

~> curl search.itunes.apple.com
<html>
<body>
<p><a href="/WebObjects/MZAdmin.woa/">DJ</a>
<p><a href="/WebObjects/iTunesConnect.woa/">iTC</a>

Can someone attempt these and let me know what happens?

I understand how frustrating this is. We'll continue working on this.

This is what I get from my Linode in Fremont, CA:

stevewi@dave:~$ curl search.itunes.apple.com
<html>
<body>
<p><a href="/WebObjects/MZAdmin.woa/">DJ</a>
<p><a href="/WebObjects/iTunesConnect.woa/">iTC</a>
stevewi@dave:~$ curl api-edge.apps.apple.com
Service Unavailable

stevewi@dave:~$

I added the two LFs at the end for clarity.

-- sw

This works on my linodes with https, without it returns 302.

curl https://search.itunes.apple.com

This returns Service Unavailable on Linodes. From my own network it hangs.

curl api-edge.apps.apple.com

You should be trying:

curl https://api-edge.apps.apple.com

Which returns Service Unavailable on Linodes, but a html page with not found on a normal network.

....
    <h3>Not Found</h3>
    <p>The requested page could not be found.</p>
....

So it looks like a policy on the Akamai cdn setup by Apple.

https://community.akamai.com/customers/s/article/Why-is-Akamai-blocking-me?language=en_US

It’s possible it’s a reputation problem with linode and Apple have a reputation policy. It would be strange if they targeted linode directly.

@jackley have you contacted Akamai to check your ‘reputation’ with them and try to address that?

Ok so I ran the reputation tool from that site and it timed out for linode. It works fine on my own home network.

Seems like Akamai are blocking linode. I opened a ticket with more info. Let’s see what happens

So as of today (Feb. 23, 2021) I can access the Apple App Store through my linode wireguard vpn! This was still not working just a few days ago. Great work whoever got this sorted out! Thank you! This was the only mild annoyance I have encountered with your service. Now I give you a full five stars and 100% in customer satisfaction.

Yay! We (myself and Linode) sent emails to Akamai regarding the issue. I also sent an email to someone I know at Apple.

Neither side told me they had fixed it, so either linode did something or it’s a typical Apple response, fix but don’t acknowledge!

Ran tests across all regions and nodes and this is finally working!

Thank you.
It finally works with most of Apple services, but the verification service is still not working unfortunately.

Which verification service?

It is solved. Now all services work as expected.

Thank you.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct