Posted By RichC on April 20, 2014
I was reminded the other day just how casual those of us living in a democracy take our freedom to worship … or at least some of need a reminder. My reminder came when a websiite I help manage for my friend Keith Thomas, had its access shut down in China (as well as a couple Islamic countries). The trigger, besides being a Christian Group Bible Study site, seemed to be a Chinese tab that I added early in the week to offer Chinese translations of study materials. Perhaps there is an automatic block in a few of the server locations which are triggered by certain “characters” or combinations of words … or maybe the servers were just down for several hours? Nevertheless, after removing the “tab” and Chinese characters the site is once again functioning normal. Besides the recent Heartbleed bug, the incident is a good reminder to update server software and update to WordPress 3.9 on several servers.
The Golden Shield Project … or more appropriately, “The Great Firewall of China” with a few method of blocking from Wikipedia noted below:
The access to a certain IP address is denied. If the target Web site is hosted in a shared hosting server, all Web sites on the same server will be blocked. This affects all IP protocols (mostly TCP) such as HTTP, FTP or POP. A typical circumvention method is to find proxies that have access to the target Web sites, but proxies may be jammed or blocked. Some large Web sites allocated additional IP addresses to circumvent the block, but later the block was extended to cover the new addresses.
DNSfiltering and redirection
Doesn’t resolve domain names, or returns incorrect IP addresses. This affects all IP protocols such as HTTP, FTP or POP. A typical circumvention method is to find a domain name server that resolves domain names correctly, but domain name servers are subject to blockage as well, especially IP blocking. Another workaround is to bypass DNS if the IP address is obtainable from other sources and is not blocked. Examples are modifying the Hosts file or typing the IP address instead of the domain name in aWeb browser.
Scan the requested Uniform Resource Locator (URL) string for target keywords regardless of the domain name specified in the URL. This affects the Hypertext Transfer Protocol. Typical circumvention methods are to use escaped characters in the URL, or to use encrypted protocols such as VPN and SSL.
Terminate TCP packet transmissions when a certain number of controversial keywords are detected. This affects all TCP protocols such as HTTP, FTP or POP, but Search engine pages are more likely to be censored. Typical circumvention methods are to use encrypted protocols such as VPN and SSL, to escape the HTML content, or reducing the TCP/IP stack‘s MTU, thus reducing the amount of text contained in a given packet.
If a previous TCP connection is blocked by the filter, future connection attempts from both sides will also be blocked for up to 30 minutes. Depending on the location of the block, other users or Web sites may be also blocked if the communications are routed to the location of the block. A circumvention method is to ignore the reset packet sent by the firewall.
How to check sites for restricted access in different countries:
There are at least three reliable services that help you test Internet filtering in China using more or less the same method. They have computers located in different cities of China that try to access your site using the ping command.
If you get a "Packets lost" error or there’s a time-out while connecting to your site, chances are that the site is restricted.
1. Just Ping – They have checkpoints inside Hong Kong and Shanghai in China.
2. Watch Mouse – This service too has monitoring stations inside Hong Kong and Shanghai in China.
3. Website Pulse – In addition to Hong Kong and Shanghai, Website Pulse conducts website connectivity test from a computer located in Beijing as well.
Unlike the previous two services that simply do a ping test, this service connects to your site and tries downloading the complete HTML web page. The total response time shows how long it takes for your website to download.