Blogger Guest
by on April 6, 2022

The Great Firewall of China, or as it is officially called, the Golden Shield Project, is an Internet censorship project to prevent people from accessing specific foreign websites. It is the most advanced and extensive Internet censorship program in the world. This project implements multiple techniques and tactics to censor China's Internet and controls Internet gateways to analyze, filter, and manipulate Internet traffic inside and outside of China.

The reasons behind this Internet censorship are many, but most of them are to further the Internet policy of the Communist Party for political gain. By doing this, China is also able to force people to use Chinese alternatives for websites. For example, WeChat and Weibo, also allow the government to control the content that is published on these platforms.

Now, for a deeper understanding, the Great Firewall of China censorship is not only blocking individual foreign websites and service providers but is extensively scanning URLs and webpages for blacklisted keywords, among others. Neat technical tricks to monitor China's internet traffic.

The How and What of China's Great Firewall

The Great Firewall of China is something that is not straightforward to crack with transparent policies. It is a complex architecture with multiple layers of tricks controlled to block access to websites. It is designed in such a way that you will not even notice if the website has been blocked. For example, if you land on a website that is blocked, you won't see any warnings or information about it. Instead, you will be met with loading forever and other messages like timeout, connection error, network problem, etc.
This makes it very difficult to know what happened and you can only guess what the real problem is. Let's take a look at the different methodologies built into the Great Firewall of China.

DNS poisoning/Spoofing. Any website request initially goes to the DNS server to get the IP address of the website and accesses it at the responded address. If the DNS response is incorrect, you will not be able to access the website. If DNS caches are tampered with to contain incorrect IP addresses, it is called DNS poisoning. China does exactly that to block commonly known websites.

IP access blocking. This is a widely known and commonly used technique, also used by the Great Firewall of China, to prevent access to multiple IP addresses. Even if you try to access the website directly using the correct IP address of a website, if that IP is blocked using this technique, you will not be able to access it.

URL Analysis and filtering. The China firewall can block the entire website or selective web pages based on the requested URL scan for the blocked keywords. As a popular example, before China completely blocked Wikipedia in all languages, Wikipedia was accessible in China, but the Wikipedia article on internet censorship in China was not accessible due to the use of the blocking keyword of “internet censorship”. ”.

Deep packet inspection. Deep Packet Inspection (DPI) techniques are also implemented by the Great Firewall of China to extensively inspect unencrypted incoming and outgoing network traffic for packets, filtering and blocking data packets containing sensitive information censored by China.

Reset connections. The Great Firewall of China also uses the trick to reestablish connections between two communication devices/servers, as long as the transmitted data is qualified as sensitive data. This essentially means that after blocking the data packets, the firewall can also re-establish the client-server connection for a certain period of time.

VPN blocking. What do you do when a website is blocked? Try to access it through an encrypted VPN. Well, the Great Firewall of China is continually learning the evolving attributes of a VPN traffic to terminate known VPNs as well as new VPNs.

Legal Corporate Censorship. As you may have already guessed, to orchestrate the level of censorship that the Great Firewall of China does, Chinese companies are also required by law not to distribute sensitive information that is censored. And if they do, knowingly or unknowingly, a heavy fine and punishment are imposed.

What does this mean for your websites and apps?

As we've said before, how China controls Internet traffic isn't completely transparent, but now you have a pretty good idea of what the Great Firewall of China is capable of. So what does this mean for your business? Let's take a look at the issues your websites or apps will face when accessed from China.

If you have any sensitive information anywhere on your website or app that you don't know about, you will be blocked at least partially, if not completely.
If you use third-party services that are blocked in China, including open source libraries from blocked providers, your websites or applications will not function properly or even be inaccessible from China.

If you post ads from Google Adsense or other blocked companies, along with ads that are banned in China, they will not appear on your page and your websites or apps may also face access restrictions.

Since the traffic to your website or app will go through intensive inspections, you will face constant website speed and performance issues.
China has a huge population, so your website or app will face a lot of stress during peak times like morning and afternoon, causing performance issues.

Again, as censorship is not transparent, it is hard to predict all the kinds of problems your websites or apps will encounter in China. So, let's take a look at how you can approach and strategize to ensure your websites and apps work properly in China.
How to Bypass the Great Firewall of China: Approaches and Solutions

Internet and Information are free birds by origin. You can try your level best to censor the Internet and withhold information, but you can't block everything. Such is the case of the Great Firewall of China. As censorship is evolving, so are the approaches and tools to find it at the same time. Here is how you can tackle the problems caused by censorship with the tools and techniques available.

Monitor your website speed from China. With a large population and censorship, websites behave differently in China, using a monitoring tool that gives you the ability to monitor your website speed from within China so you can identify and optimize for it.

Monitor third-party services from China. As your website may be perfectly fine, problems with third-party services can bog down your China website block test, so you need to monitor them thoroughly from inside China with a good web service monitoring tool.
Pair with a local CDN. To increase website speed and reliable content delivery, you can opt for a local Chinese CDN like Alibaba Cloud or Baidu Cloud, for example.

In Conclusion: Website Performance Monitoring from China

In short, if you are entering the Chinese market and have identified a substantial user base there, it is critical that you continually monitor the performance of your website from China and identify ongoing performance issues. Monitoring from outside the Great Firewall of China, from external locations, is not enough. Choose a monitoring solution with the ability to test your website from multiple geolocations, including China. Dotcom-Monitor provides a number of free online network performance tools, including a great firewall test to check the performance of your websites, applications, servers, and more, from behind the Great Firewall of China.
Posted in: Internet, Networking
Be the first person to like this.