VPN blocking is a technique used to block the encrypted protocol tunneling communications methods used by virtual private network (VPN) systems. Often used by large organizations such as national governments or corporations, it can act as a tool for computer security or Internet censorship by preventing the use of VPNs to bypass network firewall systems.
Blocking VPN access can be done a few different ways. Ports that are used by common VPN tunneling protocols, such as PPTP or L2TP, to establish their connections and transfer data can be closed by system administrators to prevent their use on certain networks. Similarly, a service can prohibit access by blocking access from IP addresses and IP address ranges that are known to belong to VPN providers. Some governments have been known to block all access to overseas IP addresses, since VPN use can involve connecting to remote hosts that do not operate under that government's jurisdiction.
As organizations have ramped up efforts to block VPN access which bypasses their firewalls, VPN providers have responded by utilizing more sophisticated techniques to make their connections less conspicuous. For instance, as the Chinese government began using deep packet inspection to identify VPN protocols, the firm Golden Frog began scrambling OpenVPN packet metadata for its popular VyprVPN service in an attempt to avoid detection.
Chinese internet users started reporting unstable connections in May 2011 while using VPNs to connect to overseas websites and services such as the Apple App Store. Universities and businesses began issuing notices to stop using tools to circumvent the firewall.
In late 2012, companies providing VPN services claimed the Great Firewall of China became able to "learn, discover and block" the encrypted communications methods used by a number of different VPN systems.
In 2017, telecommunications carriers in China were instructed by the government to block individuals' use of VPNs by February 2018.
In 2022, the government of India stated VPN providers must log a variety of user data for a minimum of five years. Due to the new ruling, many VPN service providers removed their physical servers from India and instead operate virtual servers, allowing users to still connect to India locations but without falling under the jurisdiction of Indian law.
The government of Iran began blocking access to non-government sanctioned VPNs in March 2013, a few months prior to the 2013 elections, to "prosecute users who are violating state laws" and "take offenders to national courts under supervision of judiciary service". Use of VPNs approved by the government reportedly led to surveillance and inspection of private data.
In July 2017, the State Duma passed a bill requiring the Internet providers to block websites that offer VPNs, in order to prevent the spreading of "extremist materials" on the Internet. It is unclear exactly how Russia plans to implement the regulation; though it seems like both the Federal Security Service (FSB) and ISPs will be tasked with identifying and cracking down on VPNs. In November, 2017 BBC made it clear that Russia has not banned VPN usage entirely. VPN usage is only banned when attempting to access sites already blocked by Roskomnadzor or Russia's governing body for telecommunications and mass media communications. Using a VPN for business or personal reasons to access legal sites in Russia is permitted.
Russia has banned various VPN service providers in 2021 and forced Google to delist VPN websites even while Russians continue to download VPNs.
The government of Syria activated deep packet inspection after the uprising in 2011 in order to block VPN connections. The censorship targeted different VPN protocols like OpenVPN, L2TP and PPTP.
The government of Pakistan issued a notice to VPN providers to register their IPs, otherwise their VPN service will be blocked like in China.
In an attempt to curb the use of social media by its citizens, the government of Turkey has considered the complete ban of VPN apps. The Nationalist Movement Party proposed a bill covering such a ban in July 2020.
VPN blocking by online services
In an attempt to stop unauthorized access from users outside the US, Hulu began blocking users accessing the site from IP addresses linked to VPN services in April 2014. In doing so, however, the company also restricted access from legitimate U.S.-based users using VPNs for security reasons. VPN providers such as VikingVPN, NordVPN and TorGuard stated that they would seek ways to address this issue for their customers by speaking directly to Hulu about a resolution and rolling out more dedicated IP addresses, respectively.
Netflix came under pressure from major film studios in September 2014 to block VPN access, as up to 200,000 Australian subscribers were using Netflix despite it not being available yet in Australia. VPN access for Netflix has, like other streaming services, allowed users to view content more securely or while out of the country. Netflix users have also used VPNs as a means of bypassing throttling efforts made by service providers such as Verizon. It is also important to note that all VPNs might slow down internet connection when trying to stream Netflix; however, there are cases where using a VPN might improve connection if a user's ISP has been throttling Netflix traffic. As of June 2018, the Netflix VPN and proxy ban is still active. The CEO of Netflix, Reed Hastings made a comment in 2016 about the VPN market as a whole; “It’s a very small but quite vocal minority. It’s really inconsequential to us.”
The BBC started blocking users connecting via VPNs in October 2015. The BBC is able to detect VPN connections by monitoring the number of simultaneous connections coming from each IP address. If the number of connections from the same IP becomes abnormal the BBC will block future connections from the offending IP address.
BBC iPlayer remains unavailable to UK TV Licence holders connecting from other EU countries. The BBC said that it was "interested in being able to allow UK licence fee payers to access BBC iPlayer while they are on holiday, and welcome the European Union regulation to help make this feasible."
- ^ "VPN and Proxy Detection API". www.focsec.com. Retrieved 2021-05-01.
- ^ "IP2Proxy™ IP-ProxyType-Country Database [PX2]". www.ip2location.com. Retrieved 2016-06-12.
- ^ Lam, Oiwan. "China: Cracking down circumvention tools".
- ^ Toombs, Zach. "China's Censors Take on Virtual Private Networks". Retrieved 13 November 2014.
- ^ Arthur, Charles. "China cracks down on VPN use".
- ^ China Tells Carries to Block Access to Personal VPNs by February. Bloomberg. 2017-07-10
- ^ Singh, Manisha (17 June 2022). "Explainer: New VPN rules, why companies are upset and what they mean for you". Retrieved 16 August 2022.
- ^ Torbati, Yeganeh (2013-03-10). "Iran blocks use of tool to get around Internet filter". Reuters.
- ^ Shwayder, Maya (2013-03-11). "Cyber-Rebels See Way To Get Around Iran's VPN Internet Block".
- ^ Russian parliament bans use of proxy Internet services, VPNs. ABC.
- ^ "Russia: New Legislation Attacks Internet Anonymity". Human Rights Watch. 2017-08-01. Retrieved 2017-08-01.
- ^ "Explainer: What is Russia's new VPN law all about?". BBC News. 2017-11-01. Retrieved 2020-12-06.
- ^ Idrisova, Ksenia (2017-11-01). "What is Russia's new VPN law all about?". Retrieved 2019-05-13.
- ^ "Russians' demand for VPNs skyrockets after Meta block". Reuters. 2022-03-14. Retrieved 2022-04-07.
- ^ Forbes (2022-03-21). "Russia Forcing Google To Delist VPN Websites, But 400,000+ Russians Are Downloading VPNs Daily". Forbes. Retrieved 2022-04-10.
- ^ Kim, Kuinam J.; Chung, Kyung-Yong (2012-12-12). IT Convergence and Security 2012. Springer Science & Business Media. ISBN 9789400758605.
- ^ "Turkey plans to restrict social media and block VPN services". VanillaPlus. 2020-07-30. Retrieved 2020-10-19.
- ^ "Turkey's ruling coalition partner calls for block on VPN services ahead of vote on social media bill". Ahval. Retrieved 2020-10-19.
- ^ "Turkey plans to restrict social media and block VPN services". The EE. 2020-07-30. Retrieved 2020-10-19.
- ^ Van Der Sar, Ernesto. "Hulu Blocks VPN Users Over Piracy Concerns".
- ^ Maxwell, Andy. "VPN Users 'Pirating' Netflix Scare TV Networks".
- ^ "Canada Netflix users complain as access to U.S. service blocked". Reuters. 2016-04-20. Retrieved 2019-05-13.
- ^ Thomson, Iain (19 Oct 2015). "BBC shuts off iPlayer to UK VPNs, cutting access to overseas fans". www.theregister.co.uk. Retrieved 2019-05-13.
- ^ Smith, Mat. "Brits (still) can't stream BBC iPlayer abroad". Engadget. Retrieved 2019-05-13.
- ^ Sweney, Mark (2018-04-02). "From sofa to sunbed: holidaymakers can see British pay-TV abroad". The Guardian. ISSN 0261-3077. Retrieved 2019-05-13.