Reference note about archive.today and Cloudflare DNS.

archive-dns-issue.md

Problem

If you use Cloudflare's DNS (1.1.1.1), then the popular web archive archive.today (and the related sites archive.ph, archive.is, archive.li, archive.vn, archive.md, and archive.fo) will either fail to resolve, or show an infinite CAPTCHA loop. If it does resolve when you're on Cloudflare's DNS, you may have the domain locally cached.

Solution

Fix this problem by:

• Configuring dnsmasq on your local DNS server to use an alternate DNS server for archive.today (see comment from @joshenders below), or
• Connecting to a VPN before connecting to archive.today (only works if the VPN uses different DNS servers), or
• Temporarily switch DNS to resolve and locally cache the domain, then switch back to Cloudflare

Check if it's still a problem

This has been an issue since at least 2019. To check if this is still an issue today:

In PowerShell:

# Resolve archive.today using Cloudflare DNS
PS> Resolve-DnsName archive.today -Server 1.1.1.1 -DnsOnly

Name                                           Type   TTL   Section    IPAddress
----                                           ----   ---   -------    ---------
archive.today                                  AAAA   85976 Answer     2606:4700::1114
archive.today                                  A      86400 Answer     1.1.1.4

# Resolve archive.today using Google DNS
PS> Resolve-DnsName archive.today -Server 8.8.8.8 -DnsOnly

Name                                           Type   TTL   Section    IPAddress
----                                           ----   ---   -------    ---------
archive.today                                  A      300   Answer     23.137.249.79

In bash:

# Resolve archive.today using Cloudflare DNS
$ dig +short @1.1.1.1 archive.today
1.1.1.4

# Resolve archive.today using Google DNS
$ dig +short @8.8.8.8 archive.today
23.137.249.79

If the A record resolves to 1.1.1.4 like in the examples above, then it's still an issue.

Resolved?

According to some reports online, this problem was resolved in May 2022. However, it looks like this resolution was only temporary because the sites will not resolve again as of July 2023.

Resolved? (v2)

As of August 2024 it looks like this issue is resolved. Meaning Cloudflare's DNS successfully resolves to the archive.today domains and there's no more infinite CAPTCHA loop. Hooray!

References

https://news.ycombinator.com/item?id=19828702

https://jarv.is/notes/cloudflare-dns-archive-is-blocked/

https://twitter.com/archiveis/status/1018691421182791680

issue is back again. archive.today has thrown its toys out of the pram with cloudfare's 1.1.1.1 DNS servers again. its the same issue. 8.8.8.8 works fine

issue is back again. archive.today has thrown its toys out of the pram with cloudfare's 1.1.1.1 DNS servers again. its the same issue. 8.8.8.8 works fine

Thanks for letting me know, I updated the gist to say it was only temporarily resolved last year.

Connecting to a VPN resolves this issue by side effect and may not work for everyone.

The reason it makes any difference at all is because your VPN software is configured such that when you enable it, you’re using different DNS servers which support RFC-compliant edns-client-subnet. This is a DNS issue, not a network issue.

The best fix is to use alternate upstream DNS servers for the archive.today domains which respect edns-client-subnet as standardized in rfc7871.

If you’re using dnsmasq on your local dns server (usually your router), you can configure dnsmasq to use an alternate dns server for the archive.today family of domains and this will fix it permanently.

server=/archive.today/<ISP DNS IP>
server=/archive.is/<ISP DNS IP>
server=/archive.md/<ISP DNS IP>
server=/archive.ph/<ISP DNS IP>
server=/archive.li/<ISP DNS IP>
server=/archive.vn/<ISP DNS IP>
server=/archive.fo/<ISP DNS IP>

Connecting to a VPN resolves this issue by side effect and may not work for everyone.

Thanks for this clarification, updated the gist to note this.

If you’re using dnsmasq on your local dns server (usually your router), you can configure dnsmasq to use an alternate dns server for the archive.today family of domains and this will fix it permanently.

Great solution and thanks for sharing this! I agree this is a better way and I've updated the gist to note this as the first solution.

If I use Firefox and its own cloudflare or NextDNS in DNS over HTTPS, then I'll get infinite captcha loop. If I use a custom URL, like https://unfiltered.adguard-dns.com/dns-query, everything works.

Problems with archive and NextDNS. Solved bij giving in manual entries to all adresses.