How China’s Great Firewall Works

You know the Great Wall of China, but how about the Great Firewall of China? Much like the wall was built to keep unwanted enemies out, so is the firewall. The firewall censors the internet against undesirable content, blocking access to various foreign websites deemed inappropriate or hostile based on local laws and regulations. Internet service providers in China must be licensed by the Ministry of Industry and Information Technology. This means that the government can monitor and control the content distributed. If you’ve been trying to tap into the Chinese market with little or no success, it could be that your website is blocked or affected by this practice. Check out the Great Firewall of China testing tool to see if your website is blocked in China.

If you open a window for fresh air, you have to expect some flies to blow in. Deng Xiaoping’s words continue to be the cornerstone of the Great Firewall of China. But, how does the firewall work? It is deployed under a legal framework supported by sophisticated techniques evolving as new technologies emerge. It doesn’t employ a single approach, making it harder for users to circumvent its measures. Among the ways the firewall works to keep sites and content out of China includes:

Blocking IPs

Blocking IP is the most straightforward measure the firewall uses. Blocking access to a given IP address means that it won’t be possible to access it directly or with an unofficial DNS server. If you are using shared hosting, and a blocked IP is included in the servers, your site might be blocked as well.

DNS poisoning

DNS cache poisoning or spoofing technique is common among hackers. It involves redirecting your traffic to a fake web server. The Great firewall sends you an invalid response and, consequently, redirects you to a long location, meaning that you can’t connect to a given address. Poisoning DNS caches with wrong website addresses is deceptively creative, keeping users from accessing certain content.

URL filtering

The firewall analyzes and filters URL databases, looking for sensitive content. The firewall selectively filters or blocks its access if your website contains sensitive keywords. For example, your homepage could be accessed in China, but a certain page is blocked as it contains content deemed sensitive. For instance, http://en.wikipedia.org/wiki/Internet_censorship_in_the_People’ s_Republic_of_China is blocked in China, while http://en.wikipedia.org is accessible.

Deep packet inspection (DPI)

Packet filtering techniques involve the location, identification, classification, and rerouting or blocking of certain data packets. While packet filtering only focuses on headers, DPI digs deeper, examining unencrypted packets and capturing sensitive content. The firewall blocks websites containing controversial keywords, not just on the headers. It may also detect certain patterns by its AI powered algorithm, such as gambling or pornography websites, which are prohibited in China.

Blocking Virtual Private Network (VPNs)

VPNs are integral tools in the modern tech-oriented arena. While initially enough to work around the Great Firewall, advancements have been included to kill VPN connections. The firewall learns what encrypted VPN traffic looks like and, once spotted, is killed.

With the many techniques, bypassing the Great firewall of china can be overwhelming. Since the implementation of the Chinese Firewall in the 1990s, no success stories have been reported to have circumvented the technology. It follows that the best practice is to avoid being blocked by the firewall. Specialized services have come to the rescue for foreign businesses to keep an eye on the accessibility of their websites in China and to optimize their performance. Goclickchina.com is one of such firms to offer monitoring and testing services as well as consulting services to foreign businesses so as to ensure their success in China’s market.