China operates the most sophisticated internet censorship apparatus in the world. Known informally as the Great Firewall (GFW), it is not a single system but a layered architecture of technologies that filter, throttle, and block internet traffic at every level of the network stack. This guide covers the current state of censorship in 2026.

What Is Blocked in China (2026)

Completely Blocked

  • Google services: Search, Gmail, Drive, Docs, Maps, YouTube, Scholar
  • Social media: Facebook, Instagram, Twitter/X, Reddit, Pinterest, Tumblr
  • Messaging: WhatsApp, Telegram, Signal, Line
  • Media: Most Western news sites (NYT, BBC, Guardian, Reuters)
  • AI tools: ChatGPT, Claude, Gemini, Perplexity, Midjourney
  • Developer tools: GitHub (intermittent), npm (throttled), Stack Overflow, Docker Hub
  • Streaming: YouTube, Netflix, Disney+, Spotify, Twitch
  • VPN sites: NordVPN, ExpressVPN, Astrill, most VPN provider websites

Throttled or Intermittently Blocked

  • GitHub: Accessible but extremely slow, often 10-50 KB/s
  • Microsoft services: Bing, Outlook, Teams generally work; Azure DevOps intermittent
  • Apple services: iCloud, App Store work; some features degraded
  • LinkedIn: Accessible but the China version is heavily censored

How the GFW Works: Five Layers of Filtering

1. DNS Manipulation

When you type google.com, your device asks a DNS server for the IP address. China's ISPs intercept these queries and return incorrect (or empty) results for blocked domains. Even if you use Google's DNS (8.8.8.8), the queries can be intercepted and poisoned in transit.

2. IP Blocking

The GFW maintains blocklists of IP addresses associated with blocked services and known VPN servers. Packets destined for these IPs are silently dropped at the border.

3. Deep Packet Inspection (DPI)

Every packet crossing China's international gateways is analyzed in real-time. DPI systems examine packet headers, payload patterns, and protocol fingerprints to identify and block VPN traffic, even when the destination IP is not blocklisted.

4. Active Probing

When DPI suspects an IP might be a VPN server, the GFW sends its own test connections. If the server responds like VPN software rather than a legitimate web server, the IP is blocked.

5. Statistical Traffic Analysis

Machine learning models analyze traffic patterns -- packet timing, size distributions, connection duration -- to identify VPN connections that pass DPI. This is the newest and most sophisticated layer.

What Changed in 2025-2026

  • AI tool crackdown: ChatGPT, Claude, Gemini are now actively blocked, not just passively filtered
  • Improved DPI: Detection of Shadowsocks and Trojan protocols improved significantly
  • VPN website blocking: Even accessing VPN provider websites to purchase subscriptions is now blocked
  • Mobile data restrictions: China Mobile increased restrictions on international data traffic
  • Enterprise VPN detection: Corporate VPNs using standard protocols (OpenVPN, L2TP, IKEv2) face more frequent detection

ISP Differences

Your Internet Service Provider significantly affects VPN performance:

  • China Telecom: Best for international traffic. Uses 163 backbone (standard) or CN2 (premium). Most VPN-friendly of the big three.
  • China Unicom: Uses 169 backbone. Better than Mobile for international routing. Decent VPN performance.
  • China Mobile: Worst for VPN use. CMNet backbone has the worst international peering. Heaviest restrictions, especially on mobile data.

Sensitive Periods

The GFW operates at higher intensity during certain periods:

  • National People's Congress (March): Annual two-week period of maximum filtering
  • Tiananmen Anniversary (June 4): Days-long intensification
  • National Day / Golden Week (October 1-7): Week-long increased filtering
  • Communist Party Congress: Every 5 years (next: 2027), most severe restrictions
  • Major diplomatic events: Variable duration

What Still Works

Only protocols designed specifically for adversarial networks maintain reliable access:

  • VLESS+Reality: 98% success rate. Impersonates HTTPS traffic. Currently the most reliable approach.
  • Hysteria2: QUIC-based. Good performance but UDP throttling is a problem on some ISPs.
  • Trojan-Go: Mimics HTTPS but uses custom certificates. Less reliable than Reality during crackdowns.

For expats: The GFW is not going to get less sophisticated. Planning for reliable VPN access is not optional if you depend on Western internet services for work, communication, or entertainment.

Related Articles