SlideShare a Scribd company logo

Navigating the censored web wcto

Download as PPTX, PDF
W
wcto2017

This document discusses navigating the censored web and how WordPress sites can be blocked globally. It provides examples of how different countries like China, Russia, Turkey, Iran, and South Korea censor the internet by blocking sites outright, forcing data localization, using DDoS attacks, and DNS poisoning. Common reasons WordPress sites are blocked include political dissent, terrorism, religious content, and anti-government memes. The document offers tips for designing WordPress sites to avoid censorship, such as using SSL and global CDNs, and what to do if a site becomes blocked, such as moving hosting locations or checking if the domain or IP is blocked. It concludes by considering issues like internet sovereignty and walled gardens that may impact internet

Related slideshows

Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and Frankenstein
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
Building An Awesome Company Culture with WordPress
Building An Awesome Company Culture with WordPressBuilding An Awesome Company Culture with WordPress
Building An Awesome Company Culture with WordPress
 
1 of 44
Navigating the censored web wcto
Navigating the Censored Web WordCamp Toronto - 2017 John P. Gamboa Technical Success Manager, WP Engine @jgamboa
Shanghai, China
CROP IMAGE TO GRAY BOX
Navigating the censored web wcto
Navigating the censored web wcto
Navigating the censored web wcto
Blocked in China
Navigating the censored web wcto
Navigating the censored web wcto
Navigating the censored web wcto
UNTIL...
April 12, 2012
CROP IMAGE TO GRAY BOX
China HTTP Traffic to Cloudflare April 12, 2012
Navigating the censored web wcto
Navigating the censored web wcto
Navigating the censored web wcto
● How do we reach as many people as possible on a censored Internet? ● Can WordPress do this? ● How do we make a WordPress site so that it can’t be blocked? ● What can we do if the site gets blocked?
You are not operating on a level playing field
Freedom on the Net Report 2016
Is WordPress the right tool in a closed network?
👍 🏽
“WordPress is used by 59.4% of all the websites whose content management system we know. This is 28.5% of all websites.”
Internet Sovereignty Internet management, network infrastructure, surveillance and content restrictions are the sovereign right of nation-states. The Internet follows terrestrial boundaries and borders.
Ideas on Internet Sovereignty are quickly being adopted by countries that are known to be “enemies of Internet” to legitimize censorship of all speech
How are WordPress sites censored globally?
Blocking Sites Outright - Iran: SmartFilter - Russia: Roskomnadzor, government agency - China: “Golden Shield Project,” aka Great Firewall of China - Turkey: Judicial blocks based on political needs
Forced Data Localization - Russia requires local registration of bloggers with more than 3,000 followers - Apple removed VPN software in the Chinese app store - China - Germany - India - Indonesia - Kazakhstan - South Korea - Nigera - Russia - Turkey - Vietnam
DDoS For Hire - WP Engine customer based out of Phillipines often the target of Chinese DDoS. Likely for criticizing Duterte government. - /wp-login.php is a ripe location for lazy script kiddies triying to get into to sites to deface and take down content.
DNS Poisoning
SSL - Very important for security and SEO - Emerging Internet markets have lower adoption - Entire sites are more likely to be blocked
Why do WordPress sites get blocked?
South Korea
Turkey - Political Dissent - Terrorism - Religious Protection - Kurdish Independence
Russia - Memes - “Protection of children” - Anti-Putin - Crimea Annexation
China - All content CCP can’t control or influence is blocked - Allows for compliant local variations of social media sites - River Crabs (河蟹), 50 Centers (五毛) and Big Mamas (大妈)
Blocked in China
Designing around censorship - Know if your plugins communicate externally - Ie: Jetpack - Decide if hosting overseas or registering in-country - Run tests around the world: Geopeeker.com - Full SSL could result in full site censorship - PHP 7 is a must - External advertising services and APIs - Consider global CDNs
How do I know if my site is blocked? - Greatfire.org 🇨🇳 - BlockedinIran.org 🇮🇷 - Rublacklist.net 🇷🇺 - CloudMonitor.CA.com 🌍 - Engelliweb.org 🇹🇷
Navigating the censored web wcto
What do I do if my site is blocked? - Check if recourse is available - Move to a new server - Decide on hosting in- country or overseas - Check for noisy neighbors - Check if your domain or IP is blocked - There may be nothing you can do
- Net Neutrality - Walled Gardens/Closed Networks - Continued push for Internet Sovereignty What does the future hold?
John P. Gamboa @jgamboa jpgamboa.com Q&A

More Related Content

Navigating the censored web wcto

  • 2. Navigating the Censored Web WordCamp Toronto - 2017 John P. Gamboa Technical Success Manager, WP Engine @jgamboa
  • 15. China HTTP Traffic to Cloudflare April 12, 2012
  • 19. ● How do we reach as many people as possible on a censored Internet? ● Can WordPress do this? ● How do we make a WordPress site so that it can’t be blocked? ● What can we do if the site gets blocked?
  • 20. You are not operating on a level playing field
  • 21. Freedom on the Net Report 2016
  • 22. Is WordPress the right tool in a closed network?
  • 24. “WordPress is used by 59.4% of all the websites whose content management system we know. This is 28.5% of all websites.”
  • 25. Internet Sovereignty Internet management, network infrastructure, surveillance and content restrictions are the sovereign right of nation-states. The Internet follows terrestrial boundaries and borders.
  • 26. Ideas on Internet Sovereignty are quickly being adopted by countries that are known to be “enemies of Internet” to legitimize censorship of all speech
  • 27. How are WordPress sites censored globally?
  • 28. Blocking Sites Outright - Iran: SmartFilter - Russia: Roskomnadzor, government agency - China: “Golden Shield Project,” aka Great Firewall of China - Turkey: Judicial blocks based on political needs
  • 29. Forced Data Localization - Russia requires local registration of bloggers with more than 3,000 followers - Apple removed VPN software in the Chinese app store - China - Germany - India - Indonesia - Kazakhstan - South Korea - Nigera - Russia - Turkey - Vietnam
  • 30. DDoS For Hire - WP Engine customer based out of Phillipines often the target of Chinese DDoS. Likely for criticizing Duterte government. - /wp-login.php is a ripe location for lazy script kiddies triying to get into to sites to deface and take down content.
  • 32. SSL - Very important for security and SEO - Emerging Internet markets have lower adoption - Entire sites are more likely to be blocked
  • 33. Why do WordPress sites get blocked?
  • 35. Turkey - Political Dissent - Terrorism - Religious Protection - Kurdish Independence
  • 36. Russia - Memes - “Protection of children” - Anti-Putin - Crimea Annexation
  • 37. China - All content CCP can’t control or influence is blocked - Allows for compliant local variations of social media sites - River Crabs (河蟹), 50 Centers (五毛) and Big Mamas (大妈)
  • 39. Designing around censorship - Know if your plugins communicate externally - Ie: Jetpack - Decide if hosting overseas or registering in-country - Run tests around the world: Geopeeker.com - Full SSL could result in full site censorship - PHP 7 is a must - External advertising services and APIs - Consider global CDNs
  • 40. How do I know if my site is blocked? - Greatfire.org 🇨🇳 - BlockedinIran.org 🇮🇷 - Rublacklist.net 🇷🇺 - CloudMonitor.CA.com 🌍 - Engelliweb.org 🇹🇷
  • 42. What do I do if my site is blocked? - Check if recourse is available - Move to a new server - Decide on hosting in- country or overseas - Check for noisy neighbors - Check if your domain or IP is blocked - There may be nothing you can do
  • 43. - Net Neutrality - Walled Gardens/Closed Networks - Continued push for Internet Sovereignty What does the future hold?

Editor's Notes

  1. The first thing they think of smog: like this photo from my apartment.
  2. 2. They think of the great firewall
  3. This is when I realized that the Great Firewall wasn’t quite like your corporate work network that stops you from wasting company hours on Facebook. This was much of complex than that. Since then, I’ve spent a lot of my free time reading and learning about the Great Firewall, and understanding how it affects business, privacy and the global security of the web. I won’t be able to talk about everything I want to, but this is going to be a start.
  4. When I was working on that Shanghai Beer Week project in China, there were a few concerns the site owner had about building a site in a closed network. As such, we had to understand the limitations of the environment we were working in. Censorship in China was pervasive, and you had to know the rules of the game. One of the first rules I learned was:
  5. In almost all the of the countries I’ve listed, WordPress.org, the website used to acquire the open source WordPress software itself, is not blocked. This is great news for those that are self-hosting their sites in countries that have issues with Internet censorship.
  6. Because WordPress now powers 28% of the entire web, it would be an economic barrier from allowing people to use WordPress itself. It’s just a tool in this situation.
  7. To understand the limitations we first have to figure out why there are limitations to hosting on WordPress in the first place. The best way to understand internet censorship and WordPress is to understand Internet Sovereignty. The idea that your country’s internet works the same way as your local laws is antithetical to the purpose of the internet, but is also the basis for almost all types of Internet Censorship.
  8. Any rationale a country gives for blocking internet content in their country is wrapped up into the idea that it’s sovereign right to do so. So, the question becomes:
  9. Iran: US corporate management software used to block websites for the whole country Russia: Blocks sites based on complaints and broad legal precedent. Fairly transparent but bad for shared IP customers China: A complex system of DNS injections, IP & domain blocks, local content management and legislation
  10. Some Walled Gardens provide unequal access. Internet “Fast Lane” for preferred web services. Think: Free Spotify for T-Mobile