Common Issues and Solutions

Based on thousands of tests, here are the most common issues affecting website accessibility from mainland China, organized by category with detailed explanations and actionable solutions.

Complete Blocking Issues

These issues completely prevent access to your website from China. They require immediate attention and often involve infrastructure changes.

1. Great Firewall Domain Blocking

Issue: Your domain is completely blocked at the DNS or IP level by China's internet filtering system.

How to Identify:

  • • DNS queries return NXDOMAIN or incorrect IPs
  • • All connection attempts timeout immediately
  • • Consistent failure across all Chinese DNS resolvers
  • • Error persists across different Chinese regions

Solutions:

  • • Register a China-specific domain (.cn, .com.cn)
  • • Move to a different top-level domain
  • • Contact Chinese hosting providers for domain consultation
  • • Implement geo-routing with a clean Chinese domain

2. IP Address Blocking

Issue: Your server's IP address range is blocked, even if DNS resolution succeeds.

How to Identify:

  • • DNS resolves correctly but connections timeout
  • • Different IPs for same domain work inconsistently
  • • Traceroute shows packets dropping at China border

Solutions:

  • • Change hosting providers or datacenter regions
  • • Use multiple IP addresses and implement failover
  • • Deploy to China-friendly cloud providers (AWS China, Alibaba Cloud)
  • • Consider using a reverse proxy in an accessible region
Loading performance issues...

Technical Configuration Issues

These issues stem from server misconfigurations or incompatibilities with Chinese internet infrastructure.

6. DNS Resolution Problems

Issue: Inconsistent or slow DNS resolution across Chinese DNS resolvers.

Common DNS Issues:

  • • DNS pollution: incorrect IP addresses returned
  • • Slow resolution times (>2 seconds)
  • • Inconsistent results across different resolvers
  • • DNSSEC validation failures

Technical Solutions:

  • • Use China-compatible DNS providers (Alibaba Cloud DNS, DNSPod)
  • • Implement DNS prefetching and preconnect hints
  • • Configure shorter TTL values for faster failover
  • • Set up health monitoring for DNS endpoints
  • • Consider anycast DNS for better performance

7. SSL/TLS Certificate Issues

Issue: TLS handshake failures, certificate trust problems, or compatibility issues with Chinese clients.

Certificate Problems:

  • • Certificates from untrusted CAs in China
  • • Expired or misconfigured certificates
  • • Weak cipher suites or outdated TLS versions
  • • SNI (Server Name Indication) filtering

Best Practices:

  • • Use certificates from globally trusted CAs (DigiCert, GlobalSign, Comodo)
  • • Implement TLS 1.3 with backwards compatibility
  • • Configure strong cipher suites compatible with Chinese browsers
  • • Enable OCSP stapling for faster validation
  • • Monitor certificate expiration and auto-renewal

8. HTTP/2 and Protocol Issues

Issue: Protocol incompatibilities or misconfigurations affecting connection establishment.

Protocol Considerations:

  • • HTTP/2 server push compatibility issues
  • • Incorrect ALPN negotiation
  • • IPv6 vs IPv4 routing preferences
  • • Keep-alive connection handling

Configuration Recommendations:

  • • Enable HTTP/2 with fallback to HTTP/1.1
  • • Configure appropriate connection timeouts
  • • Optimize server push policies
  • • Implement proper header compression

Regional and ISP-Specific Issues

These issues vary by location and internet service provider, requiring region-specific optimization strategies.

9. ISP Routing Variations

Issue: Different performance and accessibility across China's major ISPs.

Major Chinese ISPs:

  • • China Telecom: Best international connectivity, premium pricing
  • • China Unicom: Good performance in northern China
  • • China Mobile: Largest user base, variable international performance
  • • Regional ISPs: Highly variable performance and policies

Optimization Strategies:

  • • Test across multiple ISPs during development
  • • Implement multi-homing with different transit providers
  • • Use BGP optimization services
  • • Monitor ISP-specific performance metrics

10. Peak Hour Congestion

Issue: Severely degraded performance during Chinese internet peak hours.

Peak Hours in China:

  • • Evening: 7:00 PM - 11:00 PM China time
  • • Lunch break: 12:00 PM - 2:00 PM China time
  • • Major holidays and events

Mitigation Strategies:

  • • Implement adaptive bitrate for media content
  • • Use progressive loading techniques
  • • Cache critical resources locally
  • • Provide low-bandwidth alternatives
  • • Schedule intensive operations during off-peak hours

11. Mobile Network Considerations

Issue: Different behavior and performance on mobile networks vs fixed broadband.

Mobile-Specific Challenges:

  • • Carrier-grade NAT affecting some protocols
  • • More aggressive caching and compression
  • • Variable bandwidth and higher latency
  • • Different blocking policies than fixed broadband

Mobile Optimization:

  • • Implement responsive images with multiple sizes
  • • Use service workers for offline functionality
  • • Optimize for touch interfaces and small screens
  • • Test on popular Chinese mobile browsers (UC Browser, QQ Browser)