Supabase shares lessons from three real regional network blocks in the UAE, Yemen, and India between September 2025 and March 2026. In each case, a single abusive project on the platform triggered ISP or government-directed blocks affecting all tenants. The UAE block lasted 18 days after a streaming rights violation; Yemen's 8-day transport-layer block was resolved when a customer physically visited the ISP; India's 8-day block under Section 69A was lifted after direct engagement with MeitY. Key takeaways: customer relationships proved decisive in all three resolutions, Cloudflare cannot intervene in government-directed blocks, and VPNs remained effective throughout. Recommendations for infrastructure providers include proactively building regulator relationships, improving abuse response pipelines, and expanding workaround capabilities like proxy domains and custom domain support.
Table of contents
Mitigating blocks with the Public Suffix List #Why do countries and ISPs block domains? #Three recent examples of regional network blocks #Workarounds we provided #What these incidents have in common #What steps can infrastructure providers take? #A note to our users in affected regions #Sort: