How to use DNS to block iOS 7, and other updates too

  • strict warning: Only variables should be passed by reference in /var/sites/e/ on line 61.
  • strict warning: Only variables should be passed by reference in /var/sites/e/ on line 61.
  • strict warning: Only variables should be passed by reference in /var/sites/e/ on line 61.
  • strict warning: Declaration of views_handler_field_user_name::init() should be compatible with views_handler_field_user::init(&$view, $data) in /var/sites/e/ on line 61.
Your rating: None (6 votes)

[updated 6:16 PM EDT]

iOS 7 is arriving tomorrow. Those of you with many devices and little bandwidth (I'm looking at you, education) may be worried about those multiple 1GB+ downloads. Apple's caching server (currently in beta) isn't going to help yet — iOS 6 doesn't know how to use it. So here is something that may help.

iOS devices check for new versions by polling the server This is done via HTTP, port 80. Specifically, the URL is:

If you block or redirect, you will inhibit the check for software updates. If you are really ambitIous, you could redirect the query to a cached copy of the XML, but I haven't tried that. Please remove the block soon; you wouldn't want to prevent those security updates, would you?

Good luck. For the rest of you, happy updating tomorrow! We be here with plenty of news.

Share your ideas

thomrburg's picture


Joined: Jun 8, 2012

No brainer

Your rating: None

At 650MB a pop and 18k devices, we would've been killed today with this update. We setup a content filtering rule to block during school hours. After school, proxied traffic (all of our devices are using iOS Global Proxy) accounted for 90% of all bandwidth. We'll definitely be taking advantage of Mavericks' Caching Server 2 when released, but this was a great little workaround for the time being.



Thomas Burgess
@thomrburg |

ahauerwas's picture


Joined: Oct 1, 2013

Similar technique to block AppleTV updates

Your rating: None

I don't know if this is the right place to post this, but I use a similar technique to block AppleTV updates in my enterprise. We have rolled them out to classrooms to support AirPlay (using Aruba's AirGroup to manage Bonjour traffic), and I was concerned that AppleTV's would "halt" when they realized an update was available. (If they detect an update, they ask if you want to adopt it and you have to answer the question with a remote before you can proceed!)

I used SourceForge's DualServer ( on a virtual machine exclusively as a DNS server, where I created static entries for as well as Those "fake" entries point to, and then I override my AppleTV's DNS settings to my "cache-poisoned" DNS server. Voila! No updates for AppleTV's.

One issue is that the AppleTV's are still getting any "over-the-air" updates where they periodically update the channel providers. They are unable to receive iOS updates because of blocking Apple's servers, but I'm wondering if it's possible to block the OTA updates?

Any pointers would be appreciated -- and thanks for the site! I'm a newbie, but there's a wealth of information here.

- Adam


Recent Activity