Do you know what one of the hardest things about visiting China is?

As the most advanced surveillance state in the world, leveraging online privacy/anonymity in the country is an impossible feat to achieve. China’s system of high-tech spying is unescapable; someone is always watching you.

It’s like you’re roaming around naked, digitally. Excuse the bad example. That’s actually how I felt when I visited Mainland China two years ago. I experienced “The Great Firewall” in all its might.

Twitter, Instagram, Facebook, WhatsApp, Gmail, and other Google services were all blocked. I couldn’t even get a VPN that could bypass the ban, which led to my research on “working” recommendations.

I came up with this listing of the 5 best VPN for China, after putting in 240+ hours, into testing over 80+ providers, determining the top “working” choices for you:

The 5 Best VPN for China in 2019

#1 NordVPN

NordVPN Logo

Pros: 5700 servers in 60 countries. Six simultaneous connections. Unblocks VoDs like US Netflix and BBC iPlayer. Obfuscation for bypassing GFW in China.

Free trial available. Ad/Malware/Tracker blocker. Apps for all platforms/devices, including Android TVs. P2P/File Sharing with specialized torrenting servers.

Cons: Money back guarantees take 30 days. The monthly plan is costly.

Final Verdict: NordVPN is a Panamanian-based provider, which indicates it is completely free from the censored internet and government surveillance, as it is away from 5, 9, and 14 Eyes Alliances.

To our satisfaction, it also adopts a strong focus on privacy. The VPN boasts a no logs policy and provides military-grade, 256-bit AES encryption for maximum security.

At the same time, it offers all the advanced features to keep your identity anonymous. These include Automatic Kill Switch, DNS Leak/IPv6 Protection, Stealth Mode, Tor, and Double Hop!

Users in China can download NordVPN from their dedicated Chinese page here: http://nord-for-zh.com/

How to Bypass the GFW via NordVPN

In order to bypass the GFW using NordVPN, you will need to connect to their obfuscated servers, available only on their Windows and Android apps.

  1. Download the NordVPN Windows app
  2. Enter your login credentials to use the VPN
  3. Go to “Settings” and click on “Advanced Settings”
  4. Check the “I know what I am doing” box
  5. Enable the “Obfuscated Servers” option
  6. Enjoy bypassing VPN Blocks in China!

How to Bypass the GFW via NordVPN

#2 ExpressVPN

ExpressVPN Logo

Pros: 2,000+ server’s network in 160 locations. Six simultaneous connections. Unblocks US Netflix and other VoDs. StealthVPN bypassing GFW in China.

P2P/Torrenting support. 30-day money back guarantee. Split Tunneling and Automatic Kill Switch. Available on iOS, Mac, Windows, and Android.

Cons: Overall Expensive Service. No Port Forwarding Option.

Final Verdict: ExpressVPN is one of the leading privacy tools in the marketplace, offering unmatched security and privacy to users around the world. It is away from “Internet Enemy” jurisdictions.

The provider even offers a verified zero logs policy, which even the Turkish Authorities could not break, during an investigation concerning the assassination of the Russian Ambassador of Turkey.

Users in China can download ExpressVPN from their dedicated Chinese page here: http://exp4links4.net/

How to Bypass the GFW via ExpressVPN

In order to bypass the GFW using ExpressVPN, you will need to connect to their StealthVPN servers in Hong Kong, specifically designed to defeat censorship in China:

  1. Download the ExpressVPN Windows app
  2. Log into your account and enter activation code
  3. Connect to servers designated for China Users
  4. For instance, Hong Kong – 2 uses Obfuscation
  5. Enjoy bypassing VPN blocks!

How to Bypass the GFW via ExpressVPN

#3 Surfshark

Surfshark Logo

Pros: 800+ servers in 50 countries worldwide. MultiHop Feature. CleanWebTM (Ad/Tracker/Malware Blocker) Automatic Kill Switch and Wi-Fi Protection.

Budget-Friendly costs ($47.76 for 2 years). Legacy Simultaneous Connections (No Limits – USP of the provider). WhitelisterTM for specifying VPN connection.

Cons: Support Needs Improvement. Uses Virtual Locations.

Final Verdict: Based in the British Virgin Islands, Surfshark just like the names above is located in a safe jurisdiction, where user privacy is respected and protected.

The newcomer has become quite famous in a short time, due to its ability to unblock VoDs and bypassing the GFW in China. Their apps and quite user-friendly too.

Users in China can download ExpressVPN from their dedicated Chinese page here: https://shark-cn.com/

How to Bypass the GFW via Surfshark

If you want to bypass the GFW using Surfshark, you will have to activate their “NoBordersTM Mode”, which offers extra security for enjoying the open internet without blocks/restrictions.

  1. Download the Surfshark Windows Application
  2. Subscribe to a plan and enter your login details
  3. Click on the “Gear” icon on the top right corner
  4. Navigate to the “Advanced” settings menu
  5. Activate the “NoBordersTM Mode”
  6. Connect to any available servers!

How to Bypass the GFW via Surfshark

#4 Astrill VPN

Astrill VPN Logo

Pros: 400+ servers in 115 cities across 64 countries. Unblocks US Netflix and BBC iPlayer UK. Five multilogins. Smart Mode for activating VPN on specific sites.

Application Filter to choose which apps use VPN. WireGuard support. VPN sharing and App Guard. Automatic Kill Switch and StealthVPN.

Cons: No 24/7 Live Chat. Expensive monthly subscription.

Final Verdict: Based in Seychelles (away from 5, 9, and 14 Eyes Alliances), Astrill VPN is another reliable service for circumventing geo-restrictions in China.

The provider offers an undefeatable StealthVPN feature, which enables you to tunnel all sites and connect to servers in different countries for access in China.

How to Bypass the GFW via Astrill VPN

If you want to access Astrill VPNs obfuscated servers, you will have to use their “Tunnel All Sites” mode. You can activate it by following the easy steps below:

  1. Install the Astrill VPN Windows app
  2. Enter the login details inside the app
  3. On the top right corner, click on “OpenVPN”
  4. From the list of options, select “StealthVPN”
  5. Select “Tunnel All Sites” Mode
  6. Connect to any specialized Server Available!

Bypass the GFW via Astrill VPN

#5 TorGuard

TorGuard Logo

Pros: 3000+ servers in 50+ countries worldwide. OpenConnect SSL. Simultaneous Connections on Five Devices. StealthVPN for bypassing GFW in China.

Supports SOCKS5/SSH/HTTP/SSL. MITM attack protection.  Secure G/PGP encryption. Perfect forward secrecy available. Dedicated IP addresses!

Cons: Based in an FVEY. Confusing Pricing Plans.

Final Verdict: Despite being based in the US, TorGuard tends to be quite a resilient service, offering users protection from the government mandatory data retention.

There have been zero instances of the provider cooperating with security agencies. Their security is unmatched and the availability of dedicated IPs further boosts its credibility.

How to Bypass the GFW via TorGuard

In order to bypass the GFW using TorGuard, you will have to connect to the VPN’s Stealth servers in China. Follow the steps below to access them inside the app:

  1. Download and install TorGuard
  2. Enter your login details
  3. Access the server listings
  4. Select any of the “Stealth” servers
  5. Use the “UDP” protocol
  6. Hit the “Connect” button!

Bypass the GFW via TorGuard

An In-Depth Analysis of 80+ Providers for Bypassing GFW in China

You may think that finding a working VPN in China is a simple task. Oh hell no, it wasn’t. I faced great difficulty in testing VPNs for bypassing the GFW.

Since I do not reside in the country, the task further became difficult. This urged me to get in contact with one of BestVPN.co’s representatives in Beijing.

He has a rented server, so I downloaded WeChat to be in-tune with all the tests on Video Call. My technical analyst and me, tested over 80 VPNs.

Large scale testing of VPNs is quite a difficult task, as anyone caught could be handed over to the Chinese authorities. So, I’m just glad our representative is safe.

Concerning the results, you can look at the Google Spreadsheet I embedded below. Here you can see 3 categories of VPNs in China: Active, Inconsistent, and Inactive.

How Does China Block Sites and VPNs via GFW?

In an attempt to strengthen Cybersecurity, the Chinese Government has passed several controversial laws; stifling political dissent, affecting communication technologies, the formation of international entities, eliminating “freedom of speech”, and affecting areas of academia to business and policymaking.

The country wants zero reliance on anything “outsider” and even takes action against services that could bypass their laws i.e. VPN China services. If you’re like me, this could trigger some curiosity, as to how is China doing this.

Below I dissect the many methods of China’s censorship machine, diving into the technology behind the infamous “Great Firewall” a.k.a. GFW:

Let me warn you, things do get quite technical. I’ll try my best though to simplify it as much as possible…

Blocking Websites

IP Blocking i.e. Deploying a Blacklist

This method involves the creation of a blacklist that includes undesirable IP addresses. Routers drop all packets destined to blocked IPs, which in terms of privacy tools, includes the addresses of VPN sites.

In China, an IP blacklist is injected via Border Gateway Protocol (BGP) using null routing. Since this is a lightweight censorship solution, the government doesn’t need much involvement from ISPs.

DNS Tampering via DNS Poisoning

DNS-related blocking techniques work in conjunction with IP blocking. Those who indulge in the tampering of DNS addresses falsify the response returned by the DNS server via intentional configuration or DNS poisoning,

This DNS server can lie about associated IP addresses, authoritative servers for the domain, any CNAMEs related to the domain, or the existence of the domain itself.

DNS Tampering via DNS Poisoning

China uses this tactic to map Facebook’s domain name to a false address. For the domain name facebook.com, only 1% of vantage points in China, return a mapping to 66.220.158.68, where 94.5% of all vantage points do around the world.

Upon digging further, it is visible that at least 71.1% of vantage points return a mapping to 159.106.121.75, an address that no other country’s servers return, which shows that China has poisoned Facebook’s domain name to a false address.

DNS Hijacking – Injecting Fake DNS

Apart from DNS tampering, routers can disrupt unwanted communication through any channel by hijacking DNS requests containing banned keywords and injected forged DNS replies.

According to researchers, China uses a blocklist of around 15,000 keywords with injections of fake DNS, which block sites even when you utilize a third-party DNS resolver outside the country.

Other More Advanced Techniques

  1. Collateral DNS Damage – When China deploys DNS injections, their Firewall does not separate incoming/outgoing traffic, resulting in large-scale collateral DNS damage. According to research, 15,225 open-resolvers outside China were affected in about 79 countries.
  2. Deep Packet Inspect (DPI) – Working in coordination with an Intrusion Detection System (IDS), China uses DPI for the instant analyzing of connections and blocking, re-routing, or logging it accordingly. All packets incoming to China pass through their Firewall, making blocking of VPN connections easier and less disruptive.

Blocking VPN Services

“Blackholing” VPN Servers

The fire line of defense for China against VPNs is to blackhole websites and services using BGP. A Protocol designed to allow routers to communicate efficiently and inform which resources are and aren’t available to other routers.

Blackholing prevents the TLS handshake from completing, which in turn mitigates the protection offered by VPNs, eventually adding their IPs to their blacklist.

“Blackholing” VPN Servers

Most VPNs have at least two to three servers blackholed by China. CactusVPN, Keenow Unblocker, and VPNArea are a few examples. All of their servers are blackholed.

Attacking the OpenVPN Protocol

OpenVPN (TCP and UDP) is a famous protocol for leveraging anonymity. It is most suited for countries with tough internet laws like China, Egypt, UAE, Iran, Iraq, Turkey, etc.

XOR Obfuscation used alongside the OpenVPN helps providers in bypassing VPN bans in such countries. Governments can’t shut OpenVPN down, due to its utility in enterprise networks.

However, China is getting increasingly clever at identifying unauthorized OpenVPN traffic, particularly those routing it through port 443, intended to disguise OpenVPN as HTTPS traffic.

TCP RST Floods to Shut Down Dissident Devices

The Chinese Government has also adapted towards tackling L2TP over IPSec, which in place of OpenVPN worked quite well, until a few years ago.

Many have experienced an instant blocking of connections deriving from L2TP over IPSec protocols because the GFW shuts them down using TCP RST Floods.

Of course, different configurations may help in bypassing the VPN block in China, but for now, it is safe to say that some modules provide weaker encryption and can be shut up.

Alternatives to Using a VPN in China

It is hard to doubt the usefulness of VPNs, particularly for unblocking VoD services and engaging in P2P/Torrenting. These tools are the epitome of enjoying anonymity.

Especially, in countries like China, where “The Great Firewall” bans access to all foreign services. Does this mean you should rely on VPNs entirely? Not necessarily!

These are two alternatives you can use to receive internet freedom in China:

Data-Roaming with a Foreign SIM Card

Buy a data-roaming SIM from any foreign country or simply from Hong Kong. You can find many SIM cards with data roaming activated for as low as $19.99.

These SIMs have their own data plans. Usually, they come with a 1.5GB data limitation. However, you can opt for a more suitable plan, if it suits your budget.

One of the best China Data SIMs I recommend is from a company called GMHK. You can get the SIM from this eBay link here for $19.99. Shipping costs may add $5.99.

Simply add the SIM in your phone and enjoy unblocking all your favorite apps/websites/services without any hassle!

ShadowSocks Proxy

Created by a Chinese programmer called “Clowwindy”, the ShadowSocks Proxy is a open-source encrypted proxy project. It is used very commonly in mainland China.

This because of its ability to anonymize your network. Unlike other proxies, ShadowSocks utilizes encryption. This allows users from anywhere worlwide to bypass firewalls

The best part of all: you do not have to pay a single penny for using the ShadowSocks Proxy. You can try it by clicking here.

States in China that Do Not Require a VPN Service

Hong Kong and Macau are famous destinations for many, thanks to their amazing nightlife, modern architecture, vibrant lifestyle, and. modern architecture.

At the same time, they exist as the safest locations in terms of internet censorship laws. Where China blocks all access to the outside world, Hong Kong and Macau believe in a FREE lifestyle.

Residents of both states do not have to face the torment of a walled-off internet. However, this still does not mean that the Government or Communist Party is not watching your every move.

Also, there is not much time until the agreement between both states with China regarding internet laws and censorship changes. So, it is still vital invest in reliable VPN solutions.

How to Protect Yourself from Government Surveillance in China

The “Great Firewall of China” has amassed a great reputation for being incredibly hard to penetrate, preventing users within the country from accessing services in other countries.

The Government tries its best in controlling what content is available for seeing to its citizens. In light of this, they indulge in internet surveillance activities. Follow the steps below to protect yourself:

  1. Keep All Data Off the Cloud – All your passwords, documents, and pictures could become part of the internet data lump. Try moving all your personal information to a secure external hard drive or USB, preferably encrypted.
  2. Use End-to-End Encryption –For protecting all your private conversations, it is crucial to use end-to-end encryption. One of the most famous tools that offer this feature is “off-the-record (OTR) messaging).
  3. Add Strong Passwords to All Accounts –Whether it’s your email, social media, or any other account, make sure to always keep strong passwords with a mix of alphabets, numbers, and various characters.
  4. Use VPN over Tor Configuration –Nothing beats the VPN over Tor configuration by adding an extra layer of privacy! It is almost impossible to trace your identity, as your network passes thousands of nodes around the world.
  5. Use Anti-Virus/Malware Software –Many anti-virus and malware solutions come equipped with advanced tools and threat detection systems that disable the network upon identifying any kind of attack.

What Sites are Blocked in China? Updated List 2019

By the end of 2017, Mainland China managed to block over 3,000 websites from around the world, under the country’s infamous internet censorship policy.

I have compiled a list of some of the important ones below, but if you want a complete overview, check this link out.

Apps block in China

When in China, you cannot access certain apps for communication. These include KaKao Talk, the freeware app LINE, and even WhatsApp.

The country even blocks Google Play and related services, which means you cannot access apps like Calendar, Gmail, Docs, Drive, and Translate.

Work Tools block in China

China blocks many popular tool websites like Android, Xing, Scribd, WayBackMachine, iStock Photos, ShutterStock, Dropbox, VPNs, OneDrive.

It also bans Feedburner, Twitter URL Shortener, Google URL Shortener, Bit.ly, OpenVPN, ThePirateBay, 4Shared, Change.org, PasteBin, and Archive.org.

Popular Websites block in China

You completely lose access to various websites like VPN Coupons, Slack, Yahoo, Skype and anything linked to the outside world.

Heck, this even includes SoundCloud. You will not be able to listen to your favorite music on the website.

Social Media Sites Block in China

Of course, if the country has taken measures to block access to websites worldwide, it also made sure to include social media.

You cannot access Hootsuite, Hangouts, Google+, Flickr, Blogger, BlogSpot, WordPress, Picasa, Snapchat, Tumblr, Instagram, Twitter, or Facebook.

Search Engines Block in China

Google, and all versions of the search engine, which include Google.com/ncr, Google.de, and Google.hk will be inaccessible.

In addition to this, China has even blocked various versions of Yahoo, Baidu, and Duck Duck Go. You will have to rely on Bing primarily!

Media/Magazines Block in China

China also makes sure you have no way to learn about the happenings in other countries.

The country blocks Wikipedia, WikiLeaks, Google News, L-Equipe, LeMonde, Reuters, Bloomberg, The Economist, and The Wall Street Journal.

Video Sharing Sites Block in China

Perhaps the most depressing of all is the inability to access Snapchat, Instagram, Periscope, Twitch, Daily Motion, Vimeo, Netflix, YouTube, BBC iPlayer, Amazon Prime, and even porn websites, without exception. You will only be able to access Chinese content.

Data Retention Law and Urge of VPNs in China

As compared to the previous rather regressive and controlling laws, China has now introduced the long-awaited “National Standards on Information Security Technology”.

Enforced on May 1st, this new law will act as the de facto standard for handling and retaining information, while clarifying under what circumstances your data will be recorded.

Typically, under the Cybersecurity law, explicit consent will be required for the collection/use of personal information.

This indicates that network operators no longer have the ability to disclose, processing, storing or collecting personal information unless you give your permission.

If “consent” is not provided, data processing is only permissible in circumstances where the identity of the said person is anonymized, ensuring the information cannot be restored to its original state.

However, despite China significantly improving its data retention laws, it is still quite a jumble to trust that your information is not under government surveillance.

The most favored content in China is in their regional language i.e. Mandarin but as of now, Chinese people are also exploring translated content in English, which has made the authorities cramp down on this sort of content as its “external influences” are not in line with Chinese Government regulations.

China Planning to Ease Internet Censorship – Fake News or True?

There are plenty of rumors circulating that China is working its way towards easing internet censorship. However, sorry to burst your bubble lads, this news still needs to be vetted, after all, China is an authoritarian Communist dystopia.

Though not entirely false, there are talks about softening internet laws in at least one province. On June 21st, the Chinese Communist Party introduced a three-year plan for transforming the South Island province of Hainan into a FREE trading port.

Along with plenty of other suggestions, one involved the permission to access certain websites, which are currently inaccessible/blocked – thanks to the “Great Firewall of China”.

To attract more tourists and visitors to Hainan, the plan recommended unrestricted access to social media sites like Twitter, YouTube, and Facebook, albeit not for the locals but only the people visiting.

All details were uploaded by the local government website but were taken down after a day, leaving many unsure whether this suggestion was a rumor, online error, or actually a genuine proposal.

According to the South China Morning Post, the report is still in approval-process by the CCP-controlled state media, meaning there is still discussion/debate on it.

So while entire China may not get ease from the strict internet laws, you might have hope for Hainan. This just goes to show how China’s own online censorship is having a negative effect on the economy, especially in the tourism sector.

Best VPN for China Reddit Reviews (Is Reddit Blocked in China?)

You can find many threads on Reddit discussing the unfair policies of China concerning internet censorship.

Residents and people visiting the country are often contemplating about which VPN service to use for bypassing blocks to services like Google.

According to one user, China may also block access to VPNs by February 2018, but this news was disposed to be a rumor. Check out best reddit vpn for more VPN reviews and recommendations

Best VPN for China Reddit

If you are looking for advice regarding good VPN services to use in China, you can follow the thread below. As you can see, you will find many comments of users of different VPNs.

Their experiences with various providers can help you make an informed decision, regarding which provider you want to go with, based on the information we provided and you analyzed.

China VPN Reddit Reviews

Proxy vs. VPN – What’s the Best for China?

Proxy services use a server for routing your network traffic through its IP address. VPNs, on the other hand, use a more sophisticated mechanism.

In addition to shifting your location and masking your IP address, they also offer high-level encryption.

Best VPN Protocol to Use in China?

If you want to leverage exceptional security while in China, then you can only rely on the OpenVPN protocol, which comes equipped with AES 256-bit encryption keys, SHA512 authorization, and 2048-bit Key Encryption.

Some providers like NordVPN and ExpressVPN even go the extra mile in boosting the security by using 4096-bit Key Encryption instead.

As another option, you can even consider the L2TP/IPSec protocol, which offers more or less the same level of security.

People Also Ask

Below you can find a series of common questions, I get asked a lot regarding VPNs in China. So, I decided to list them down in a single location:

What is the best free VPN in China?

Finding a working VPN in China is a difficult task in itself. As such, don’t get fooled by free providers that claim to bypass the Great Firewall. They are not trustworthy!

Is Facebook still banned in China?

The Government of China decided to block Facebook in the early July of 2009, due to the Ürümqi riots, which ended up becoming a serious issue.

Those who were supporters of the Xinjiang Independence were found to use Facebook as part of their communications network.

Can You Get On Google in China?

Yes, you can definitely access Google and its services in China, despite them being blocked in the country. The only solution as mentioned in the blog is to use a VPN.

By masking your IP address and making it appear you are located in another country, you can easily bypass internet censorship.

Is Gmail Forbidden in China?

China has the world’s strongest internet censorship program. It blocks any and everything that provides access to foreign-based tech or information.

This includes Google and its services like Gmail. However, you can unblock the website by using a VPN service. For more information, you can read our blog here. Read more details about how to unblock Gmail in China

Can I use my Instagram in China?

Instagram is a fun platform for sharing photos about the latest happenings in your daily life. If you are just visiting China, you will find that the SM platform is blocked.

This means you will not be able to share pictures with your family members/friends. VPNs are the solution to unblocking Instagram.

What is Best VPN for Travel to China?

If you are traveling to China, then you probably know the importance of using a VPN. These handy tools are the only solution to reconnecting with your family/friends.

Some of the best providers include NordVPN, IPVanish, PrivateVPN, Ivacy, and PureVPN.

Do VPNs Work in China?

Though the Chinese Government has been taking strict action against VPN providers and users by removing apps from the local iTunes and Google Play Store and jailing citizens for simply unblocking websites, VPNs still work in China.

Yes, this does depend on the provider you choose, but most services offer a workaround to using VPN apps on their smartphones, desktops, and laptops.

Is Snapchat allowed in China?

Snapchat similar to all other social media apps like Instagram, Facebook, Twitter, YouTube, Blogspot, Flickr, Periscope, Tinder, and Google+ cannot be accessible if you are located in China.

The only workaround to using Snapchat in China and other apps is to unblock them via a powerful VPN service.

Is Netflix Available In China?

Though Netflix itself is not accessible within China, the top premium service did enter into a licensing deal with Baidu’s iQiyi – a famous video portal that enjoys more than 500 million monthly viewers.

Now users in China have the capability of watching some Netflix content via the iQiyi app.

Is Spotify banned in China?

Sadly, there is bad news here too. The Chinese Government takes its local reputation very seriously and always tries coming up with solutions that work for their own citizens only.

Subsequently, the Spotify app/website is not accessible within the country. You will have to use a VPN service to bypass the content-restriction.

Wrapping Things Up

Hosting the most powerful censorship regime in the world, China is a tough country to live in. Though there are alternatives to all websites/services blocked, it is highly irritating not being able to access the ones you actually want to.

This is where VPNs come in, providing a sigh of relief in a tough online climate. Use the recommended providers to regain control of the internet and bypass the Great Firewall in China.

I strive to be as accurate as possible with the complexities of the “Great Firewall” and China’s confused mindset concerning “dedicated lines”. Nevertheless, do feel free to give your own suggestions about best VPN for China or share your experience with any of the providers mentioned above.

Leave a Reply

Your email address will not be published. Required fields are marked *