New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Site IP address has been blacklisted #3445
Comments
We are looking into this right now. Until we resolve the issue, you can use the v2 endpoint ( |
Thanks. The v2 URL is working for some packages, but others are trying to redirect back to api.nuget.org. |
Can you clarify what you mean by "trying to redirect back to api.nuget.org"? Every package available on v3 (https://api.nuget.org) should be available on v2 as well. You can guarantee that it only hits v2 by disabling the v3 endpoint. Instructions on how to do so are available in the links above as well. |
Apologies for the confusion above. As you mentioned, the v2 URL does redirect to v3. We are actively investigating the issue and will post updates on the investigation to our Twitter handle at http://www.twitter.com/nuget as we learn more. |
Can you please also post status here as well? I can't get to Twitter at work. Thank you. |
Has there been an update on this...? Is the IP address a valid nugget address? 93.184.215.200 The IP 93.184.215.200 was flagged by DHS as having involved in election security compromises so it is being blocked. I will do more digging here. If you have any contacts at nugget.org, try to confirm whether it is the correct IP for api.nuget.org. I don’t want to have a compromised DNS send us to a malicious IP. |
My company and I are also facing this as the previous commenter has stated. This is slowly halting our development. Plus, can't use twitter at work. |
@wlafrance , @dangmike , we're aware of the issue and are working with our CDN provider to address this. Unfortunately, there is no workaround I can suggest. Thank you for your patience! |
We would like to sincerely apologize for this issue, and wanted to let you know that we have managed to get our CDN service provider to re-map our IP address. You should not be seeing any more issues, but if you do, please do let us know. |
As part of our security review, looks like the issue was resolved by changing the IP address of the target systems. Do you have more information from ISP/CDN as to why this was necessary? Specifically because the indicator was publish as part of a very high profile and publicized security threat. Any detailed information would be appreciative as this is a serious matter for our company. |
I'll have to get with my cyber security department on Monday and see if they can/will provide me with any detailed information about it. At present, all I can tell you is that the IP address in question was flagged by Homeland Security as having participated in a Russian attack against US interests during the last presidential election. |
On January 3, 2017, our CDN provider inadvertently changed one of our IP addresses to one that was identified on the blacklist. We worked with our CDN provider to have our original IP address reinstated. This issue is now resolved. |
I work for a subcontractor for the US DOE and the IP address for https://api.nuget.org (93.184.215.200) has been blacklisted for supposedly participating in a Russian cyber security attack. As such, I can no longer access the site or pull down packages. Since I have no way of making the DOE budge on this issue, is there any mirror or alternate IP address that I can use to access the site?
The text was updated successfully, but these errors were encountered: