Disclosure: Top10VPN is editorially independent. We may earn commissions if you buy a VPN through links on our site.
The Great Firewall of China (GFW) blocks roughly 250,000 web domains, including 135 of the world’s top 1,000 websites. It’s the world’s most advanced internet censorship system.
Only the best VPNs for China can bypass the GFW and access the open internet. Chinese content filters block most VPN traffic, unless a VPN uses cutting-edge obfuscation technology to disguise its traffic.
The VPNs we recommend are verified to work reliably in Beijing, Shanghai, and elsewhere in mainland China. They unblock Google, Instagram, Twitter, and many other websites.
Based on encryption, obfuscation, and reliability, the best premium and free VPNs for China are:
We’re confident the VPNs above are the most effective and reliable to access the open internet in China. We run weekly tests using our Shanghai test server to verify which VPNs still work.
Why Trust Top10VPN.com?
We’ve spent thousands of hours testing and reviewing VPNs for China, using our China-specific testing methodology to recommend the most effective anti-censorship VPN software.
Below is an overview of our key China VPN testing data:
The table below compares the best VPNs for China based on their reliability in unblocking websites from mainland China. See which secure VPNs currently work in China, and which don’t.
We regularly collect this data testing VPN access from our test server in Shanghai.
The chart below summarizes how the VPNs we recommend for use in China perform in our key testing categories:
EXPERT ADVICE: Download your VPN before traveling to China. Most VPN websites are blocked in China, and safe-to-use VPN apps are banned from Chinese app stores.
The overall best VPN for China with 100% uptime and effective obfuscation.
Astrill VPN is absolutely the best VPN for China. During our testing over the past 12 months, it has never failed to bypass the Great Firewall and unblock international websites. It offers two stealth protocols, VPN servers in neighbouring countries like Hong Kong and Japan, and AES-256 encryption.
Special ‘SuperCharged’ servers are available to get the best speeds possible, and its logging policy is good enough to maintain your privacy. Overall, Astrill is the most consistent and reliable VPN that works in China.
| Works In China | Yes |
|---|---|
| Data Leaks | No |
| Logging Policy | Some User Logs |
| Cheapest Price | $10.00/mo over 12 Months See all plans |
| Jurisdiction | Seychelles (Privacy Haven) |
| Compatible with |
|
Astrill operates two stealth protocols that are both effective at bypassing Chinese web blocks. One of these obfuscation methods is a VPN protocol, the other is a proxy.
As a result of this, Astrill consistently outperforms all the other VPNs tested on our Shanghai server. Astrill has worked in China 100% of the times we’ve tested in the past 12 months, more than any other VPN.
Astrill also offers nearby servers in Asia, including Hong Kong, Japan, and South Korea. There are nearby servers on the US west coast too, including Los Angeles, San Francisco, and San Jose.
Its speeds are reasonably good, although they are slower than ExpressVPN. Speed does improve in China when you connect to servers labeled ‘SuperCharged’.
Astrill owns all its DNS servers, meaning there is no chance your traffic will be routed via less secure third-party servers. All connections are secured with AES-256 encryption.
If the VPN itself fails (which is unlikely to happen), Astrill offers a simple proxy which can get around the censors as a last resort.
Astrill does collect some logs including connection time, IP address, Device type, and VPN app version.
These are kept for the duration of your VPN session. Once the session is over, the connection logs are wiped.
You can use Astrill VPN on Microsoft Windows, macOS, iOS, and Android, but the mobile apps lack many of the advanced security features of the computer software. It doesn’t offer any browser extensions, either.
It’s more expensive than most competing VPNs and live chat doesn’t always work. You can’t access the Astrill free trial from China and there’s no refund policy, either, so make sure you want to commit to Astrill before buying.
Astrill comes with some drawbacks as a general VPN service, but it is unbeaten for reliable use in China.
Astrill VPN is not the most aesthetically pleasing app. It’s certainly not minimalist in its design and features. However, advanced users might appreciate the ability customize the experience.
The best free VPN for China, and the only free VPN that works reliably.
Windscribe Free is the only safe free VPN that works in China. It’s also one of the most consistent VPNs for China available – free or paid. Windscribe’s paid application also works, and both versions of the app offer strong security and a trustworthy logging policy.
The free version does come with a 10GB monthly data cap and restricted server choice, so you will have to limit your use of the VPN. Despite these limitations, its reliability makes it stand out as the best free VPN for China.
| Works In China | Yes |
|---|---|
| Data Leaks | No |
| Logging Policy | Anonymous Server Usage Data |
| Cheapest Price | Free |
| Jurisdiction | Canada (Five Eyes Member) |
| Compatible with |
|
Windscribe has two obfuscation protocols available: Stunnel (called “Stealth” in the app) and Wstunnel. Stunnel wraps OpenVPN traffic in TLS, whereas Wstunnel wraps it in WebSocket.
Both of these features make sure your VPN traffic blends in seamlessly with ordinary internet traffic.
Windscribe is the only free VPN we’ve seen that can offer consistent access to both UK Netflix and BBC iPlayer. This makes it a good option for streaming blocked TV shows and movies while you’re in China.
Finding a trustworthy free VPN that works in China is difficult. Our tests have found several unreliable or dangerous VPNs that work temporarily in China, but these VPNs are often incapable of actually protecting your data.
Based on our most recent tests, the best Windscribe server for China is the Hong Kong, Victoria server. This is available on both the free and premium version of the app.
During the last month, Windscribe has been 100% successful in bypassing China’s firewall using this server.
Windscribe’s stealth and obfuscation protocols aren’t available on iOS, so Windscribe Free is only a good option for Android, PC, and Mac users in China.
Just like every VPN app, you need to download Windscribe onto all of your devices before leaving for China, as the website is blocked within the country’s borders.
Windscribe’s desktop apps have a user-friendly interface. You can enable features and switch between protocols in seconds.
The best for ease-of-use, with China-optimized servers in North America.
VPN.ac is a less popular VPN service than others on this list, but our tests show it’s a particularly good choice when connecting from China.
The VPN’s simple applications, advanced obfuscation, and dedicated servers for China make it a strong alternative to the big-name VPNs.
| Works In China | Yes |
|---|---|
| Data Leaks | No |
| Logging Policy | No Logs |
| Cheapest Price | $3.75 over 24 months See all plans |
| Jurisdiction | Romania |
| Compatible with |
|
VPN.ac uses ‘China Optimized’ servers, which offer a strong connection between China and North America, Europe, and Asia.
Specialized servers are available in the following countries:
If you connect to one of these servers from China, they will automatically apply VPN.ac’s specialized obfuscation technology.
VPN.ac uses the OpenVPN XOR protocol with a TCP port 443 tunnel (the same port used by HTTPS traffic) to sneak traffic past China’s web censors.
Beating the censors in China is a constant game of cat and mouse – one which VPN.ac manages to regularly stay ahead of.
Testing using a server in Shanghai, VPN.ac has successfully bypassed Chinese filters over 80% of the time. West coast US connections are typically the most stable and reliable.
This makes VPN.ac a great choice for business travelers or tourists from the USA.
Giving users access to the wider internet from China is clearly a key part of VPN.ac’s product offering.
The status of its service in China is monitored on a dedicated ‘China Status’ webpage.
The VPN also offers its own detailed instructions for using the VPN in China.
VPN.ac does log a small amount of information, however this information is wiped daily.
The data the service logs includes: your originating IP address, the start and end time of the VPN connection, and the total amount of data transferred.
Overall, VPN.ac has clearly invested a lot into becoming one of the top VPN choices for China.
On long subscription plans the VPN represents good value, but cheaper VPNs like PrivateVPN are much more affordable on short, one-month plans.
VPN.ac is user-friendly and highly customizable. It’s China-optimized servers and protocols are easy to find and use.
The fastest VPN for China that works most of the time.
ExpressVPN was historically the top VPN for China. Though its ability to bypass China’s censorship has wavered in the past 12 months, recently its performance in our tests has been very strong.
It offers the best user experience and the fastest speeds when it works, but falls short of some competitors for reliability overcoming censorship.
| Works In China | Yes |
|---|---|
| Data Leaks | No |
| Logging Policy | Anonymous Server Usage Data |
| Cheapest Price | $6.67/mo over 15 Months See all plans |
| Jurisdiction | British Virgin Islands (Privacy Haven) |
| Compatible with |
|
ExpressVPN uses advanced obfuscation technology to create one of the most seamless experiences we’ve seen from a China VPN. Thanks to this feature, using ExpressVPN in China is very similar to using it anywhere else in the world, with the same extensive suite of features.
ExpressVPN usually connects from China without any issues, and you can connect to the global internet with a single click.
Just be sure to set the VPN protocol to ‘Automatic’ before you connect.
Our testing methodology doesn’t allow us to record specific comparisons for speed in China. However, based on human experience, ExpressVPN is typically the fastest VPN in China compared to its main rivals.
Its server network is extensive and there are even specific servers recommended for China. Simply get in touch with the 24/7 live chat support to find out which servers it recommends, as they change regularly.
There are VPN applications for all popular devices including Windows, Mac, iPhone, Android, and Fire TV. These are all very easy to set up and use.
ExpressVPN also comes with SmartDNS technology called MediaStreamer. This is ideal for Apple TV and games console users.
The VPN doesn’t collect any activity logs, and our testing has never measured a single IP, DNS, or WebRTC leak. This means there is much less risk of ExpressVPN being compromised or identified by Chinese censors.
ExpressVPN also comes with a 30-day money-back guarantee. If you’re unhappy with the software, tell the customer support team within the first 30 days and you’ll be refunded, no-questions-asked.
If you’re in China, or planning on travelling there, ExpressVPN is a good choice. It’s fast, safe, and highly secure, but it won’t work in China as consistently as Astrill VPN.
ExpressVPN’ apps are very intuitive and easy to use. To get started, simply choose your subscription plan, create an account, and pay. There’s fourteen different payment methods to choose from, including Alipay, UnionPay and PayPal.
The cheapest VPN for China, with an effective Stealth VPN protocol.
PrivateVPN costs just $1.98 per month on its longest subscription, making it the cheapest VPN that still works in China. It doesn’t have a large server network, but you can connect to fast VPN servers in Hong Kong, Japan, Taiwan, and South Korea. These will give you reliable connection speeds out of China.
| Works In China | Yes |
|---|---|
| Data Leaks | No |
| Logging Policy | No Logs |
| Cheapest Price | $2.00/mo over 3 years See all plans |
| Jurisdiction | Sweden (14-Eyes Member) |
| Compatible with |
|
PrivateVPN offers a stealth VPN protocol called ‘Stealth VPN’. This protocol consistently works to bypass Chinese web censors. It also has essential security features like a VPN kill switch and AES-256 encryption.
It doesn’t leak IP or DNS data, and our testing has found that its obfuscation works in China every single time, although you may sometimes need to try a few different servers.
Its strict no-logs policy means that PrivateVPN doesn’t track or collect any of your internet data. This is good anywhere, but particularly good when accessing the internet from regions with strict governments like China.
PrivateVPN’s applications have been recently updated. The new version makes it extremely easy and intuitive to select and activate stealth VPN. There isn’t any manual setup or advanced configuration involved.
Connecting in China is really easy, too. We have more detailed instructions below, but most of the time you only need to press the connect button and the app will automatically work to access the global internet.
PrivateVPN has recently reintroduced a seven-day free trial alongside the 31-day refund period, which means you can try it out for a whole month and get your money back if the VPN doesn’t work.
With the exception of Windscribe Free, PrivateVPN is the cheapest VPN that works in China, and it’s even good value on short one-month subscriptions. This makes it a great choice if you intend to be in China for a short time and don’t want to commit to a longer subscription.
Make sure to download and install PrivateVPN before entering China because PrivateVPN’s website is blocked by the Great Firewall.
We test for a number of key decision-making factors when testing the safest and most reliable VPNs for China.
For China specifically, we test for:
Here’s a breakdown of exactly what we test for when recommending VPNs for China, along with how much of the overall rating each category makes up:
Minimum Requirement: Over 50% reliability in China.
We Recommend: Over 80% reliability in China.
The most important test for a VPN in China is whether it can bypass the Great Firewall (GFW), a name given to China’s web censorship infrastructure.
We operate a virtual Windows 10 PC installed on a server near Shanghai to determine whether or not a VPN actually works in China.
When testing a VPN, we attempt to connect to a server outside of mainland China using every available protocol on a variety of servers.
As part of this process, we also follow any additional instructions from the VPN itself, including downloading special versions of its apps.
We collect this data once a week for 15 popular VPN services and use it to track the percentage reliability over the last three and 12 months.
We believe this is the most accurate way to predict the long term performance of a VPN in China from outside the country.
The percentage uptime of each VPN over the last 12 months is what determines its rating in this category. For example, if it has worked 82% of the time, it will get a rating of 8.2/10.
Because we connect remotely from outside of China, our connection speeds are throttled. As such, we cannot accurately analyze other performance data, like upload and download speeds or latency.
Minimum Requirement: Includes an option for active obfuscation.
We Recommend: OpenVPN XOR or Stunnel functionality.
While test results are the absolute indicator of whether or not a VPN works in China, obfuscation technology can also give you some idea of whether or not it is likely to work.
OpenVPN Stunnel and XOR are both effective options we reward. Many VPN services also offer their own proprietary obfuscation protocols.
We also test for the ability to actively toggle obfuscation as a factor for VPNs in any censored country.
Minimum Requirement: A clear privacy policy with only anonymised logs.
We Recommend: A strict zero-logs policy.
Logging is an important indicator of a truly private VPN.
In China, where using unauthorized VPNs is banned, it’s important your service doesn’t log your connections in the country.
We don’t recommend any VPN that keeps activity records in China, or has ties to domestic businesses or the government.
Minimum Requirement: Download speeds over 40Mbps on connections to nearby countries.
We Recommend: 60Mbps or faster on long-distance connections.
Speed is also an important component of choosing a VPN for China, as speeds in and out of the country are bottlenecked and can be very slow.
As we cannot test speeds in China directly, speeds in nearby countries (ideally Hong Kong, but also other countries in East Asia) are taken as an indicator of performance.
Minimum Requirement: Obfuscated servers in Asia or the USA’s west coast.
We Recommend: Obfuscated servers in both Asia and the USA’s west coast.
Having nearby servers is a good indicator of the quality of performance you can expect from a VPN in China.
Servers in nearby Asian countries, especially in Hong Kong, are generally the best choice for speed. We also test servers in Singapore, Japan, Thailand, Korea, Vietnam and more.
Servers on the US west coast can also deliver good speeds from China. They’re also ideal for accessing US streaming services.
The majority of VPN apps do not work in China. This includes some of the best and most popular VPNs.
China actively tries to identify and block unofficial VPN connections. For VPN to work in China, it needs to have obfuscation tools or stealth protocols as a minimum.
Most of the VPNs that do work in China put a significant amount of work and investment into beating the censors.
Here are some popular VPNs that do not work in China:
The Great Firewall of China (GFW) is a nickname given to China’s internet censorship system, which functions through legislation and internet filtering technologies.
Since 2003, the GFW has given Chinese authorities the power to monitor and restrict internet access in mainland China (Hong Kong and Macau are exempt).
The Great Firewall regulates and censors the internet by limiting, slowing, or completely blocking access to specific websites, applications and web services.
Unlike the online censorship in some other countries, China’s Great Firewall has been around since the origins of the internet. As a result, it is built into the basic internet infrastructure of the country.
The Great Firewall uses a combination of five methods to block websites and apps:
The GFW doesn’t operate in a single or straightforward way, and the Chinese Communist Party (China’s ruling political party) maintains a high degree of secrecy about how its censorship functions.
From the outside looking in, these are some of the common methods used by the Great Firewall to block websites and services.
By combining these technologies and constantly upgrading its methods and infrastructure, China has managed to build the most effective and dynamic system of online censorship in the world.
Here’s a more detailed explanation the five methods used to block or censor content in China:
China builds a blacklist of IP addresses which correspond to banned websites. If it sees you are trying to connect to these IP addresses, your traffic will simply be blocked.
If an IP address associated with a non-approved VPN are discovered, it is blocked too.
When you connect to a website, the Domain Name System (DNS) is used to establish a connection between your device and the website’s IP address.
China can set DNS servers up to give faulty information for some DNS requests, which will prevent you from establishing a connection with the website.
As well as blocking specific IP addresses, the GFW scans URLs for sensitive keywords. This means you may be able to access one part of a website, but not the pages that refer to content that the government would rather keep you from seeing.
The Great Firewall can look through blocks of unencrypted data to identify flagged keywords using a process known as ‘deep packet inspection’. It can then stop any unwanted packets from being transmitted.
After identifying an unwanted connection, China can inject reset packets, to break the connection between you and the website you are visiting for a period of time.
Much of the censorship carried out as part of the Great Firewall isn’t automated. The government hires staff specifically to scan the internet for content to add to its blacklist.
China’s Great Firewall actively blocks VPN connections, but it cannot block every VPN.
The Chinese government has been blocking VPNs to some degree since 2011, but this process has intensified since 2017 and early 2018.
During that time, the Chinese government ordered the Apple App Store to remove all VPN applications and threatened to block all VPN services that were not government-approved.
While it wasn’t successful in blocking all VPN services, many popular services are now unusable.
Even the VPNs with the most effective obfuscation tools occasionally fall victim to the Great Firewall’s censorship.
During times of political unrest, or on significant anniversaries such as June 4, the Chinese government cracks down on VPNs more intensely. Connecting to a VPN server will be harder, but the best VPNs usually find a solution reasonably quickly.
VPN services encrypt your internet traffic so the Great Firewall can’t see what you’re trying to access online.
The encrypted traffic is routed to a VPN server in another country before going to the website or service that you want to access. This hides the destination of the internet traffic from the Great Firewall, too.
The Chinese censors have learnt to identify some VPN connections.
Using Deep Packet Inspection, the censors can see certain indicators of VPN traffic, such as characteristics of particular VPN protocols.
As a result, the most reliable VPNs for China now use obfuscation technology to scramble VPN traffic and make it look like normal HTTPS internet traffic. This helps the data to go undetected.
PrivateVPN uses obfuscation to unblock YouTube in China.
Even with obfuscation, the Great Firewall still successfully blocks some VPN servers by blacklisting associated IP address ranges.
This means that one day a VPN server might work, and the next day it won’t. Some trial and error might be required when this happens.
VPN Obfuscation technology disguises your VPN traffic so it blends in with other forms of online traffic. Normal VPN encryption stops observers from reading your traffic, but obfuscation stops them from knowing it is VPN traffic at all.
A VPN that offers obfuscation technology will allow you to select an obfuscation protocol from the settings menu.
Without obfuscation, the Chinese Firewall will detect VPN traffic (through deep packet inspection) and block it.
VPN services use protocol obfuscation methods to scramble VPN data and mask it as regular HTTPS web traffic.
The two most common ways to obfuscate VPN traffic are:
Sometimes obfuscation protocols are also called ‘stealth’ or ‘camouflage’ protocols. All of the recommended VPNs above use obfuscation protocols.
Many popular websites and apps in the world are blocked in China. However, this censorship varies from day to day and region to region.
The Google Play Store isn’t available at all in China, and Apple’s App Store complies with Chinese laws. This means it’s highly restricted and does not offer VPN applications.
You can use greatfire.org and GFWatch to check if specific websites are blocked.
Some of the most popular websites and services unavailable in China include:
Many VPN websites and applications are also blocked in China, which is why it’s important to set up your VPN apps before you travel.
If you’re using an Android device, you can download APK files directly from some VPN websites – although they too may be blocked.
ExpressVPN offers an APK file for direct installation.
Be wary of downloading this type of file from third-party websites, though, as they can be infected with malware.
The Great Firewall can also block access to anything that requires access to the internet. This includes email (if you use Gmail) and blacklisted mobile apps.
If your mobile app needs to connect to a blocked site or service to operate, it won’t work in China.
Only government-approved VPNs are legal in China. All VPN services must be officially sanctioned by the Chinese Communist Party (CCP) before being given permission to operate.
To receive this permission, VPN services must agree to conditions such as data logging and sharing data with local authorities, making the VPN useless from a privacy perspective.
Using an unauthorized VPN can technically result in fines of up to 15,000 yuan (approximately $2,200). However, there are very few instances of VPN users actually being charged or fined –particularly foreigners.
If you choose a legitimate, secure, and safe VPN for China it’s highly unlikely that authorities will be able to identify your VPN traffic. If they do, it’s very unlikely you’ll get into trouble for using it.
It’s important not to use an unsafe VPN with poor encryption and weak security. These VPNs are likely to leave your activity exposed. For example, the popular Hola VPN is unsafe to use in China.
The best free VPN that works in China is Windscribe Free. It’s one of the only safe free VPNs that currently works in China. Another is PrivadoVPN.
Generally, it’s not recommended to use free VPNs in China. They are unlikely to work, and free VPNs usually come with considerable risks to your privacy and security.
The free version of Windscribe is easily the best free VPN available, and has worked 89.29% of the time over the past 12 months.
To learn more about what makes Windscribe Free the best option, read the full Windscribe review.
If you want to use a VPN to access Chinese websites and services, there are a few VPN services with virtual server locations that will give you a Chinese IP address. These include PureVPN, Ivacy, HideMyAss, and Hotspot Shield.
These VPN servers are not physically located in China, but they will assign you a Chinese IP address. This will make it seem as if you’re located in mainland China.
To get a Chinese IP address using a VPN, simply select the ‘China’ server and click connect.
You can check that you have a Chinese IP address using our IPv4/IPv6 address info tool.
You can use Hotspot Shield to connect to a Chinese VPN server.
By using a VPN to connect into China, you will be able to access popular Chinese streaming websites such as Youku, Tudou, and Sohu Video.
Unlike the internet in other countries, there are very few exit or entry points to the Chinese internet. This means local connections are much faster than international ones.
If you’re in China and you’re connecting to websites or services outside of China, your internet speeds are likely to be much slower.
Most VPN services slow your internet speeds to some degree due to the data cost of encryption and how traffic is relayed via the VPN server. However, the fastest VPNs will only impact your speeds by about 5-10% if you connect to a nearby server.
The obfuscation technology necessary for VPNs to work in China will also slow your speeds slightly, making Chinese VPN connections a little slower than regular VPN connections outside of China.
You can get the best possible speeds by connecting to the closest possible VPN server. These are usually found in Hong Kong or Singapore. This isn’t always the case, though – you may need to experiment to find the fastest server for you.
There are other circumvention tools that can unblock websites and apps in China, but they’re usually not as effective as VPNs.
Most VPN alternatives don’t protect your privacy and aren’t guaranteed to work.
Here’s a list of five circumvention tools that can work in China:
China also actively blocks access to Tor, which means you have to configure the browser’s advanced settings and use bridges to unblock websites. There is a good chance that you simply won’t be able to get it working, though.
Many of the sites blocked in China are social media websites. This means you also won’t be able to access these services from mobile apps without a VPN.
Blocked social media sites include:
Some social media sites aren’t blocked in China, though. You can still access:
Github is also available in China, and has previously been used as a platform for dissent and sending messages to the wider internet.
