This article was originally published on Bailanyuan in October and has been revised and reposted here.
Today, a small issue kept me busy for several hours, and I strongly suspect that the school’s firewall is to blame.
Here’s what happened:
I have several sub-sites installed on one of my VPSs, running platforms including but not limited to phpwind, WordPress, Drupal, Joomla, etc. I remember that there were no issues for the past few months, but today, when I tried to create a new page on one of the sites and input the code for a Google Gadget, the page was immediately reset; that is, the connection to the server was lost and the browser showed that it was unable to connect, just like with Twitter and other sites blocked by the GFW.
At first, I thought there might be an issue with the website’s backend configuration. I spent an hour or two tinkering with it, only to conclude that none of the websites on that VPS could add such gadgets.
This led me to wonder if Apache had some restrictions. So, I switched to another host for testing: still, no gadget code (HTML code) could be added.
At this point, common sense made me ask: could it be that the Google Gadgets site, gmodules.com, was blocked?
Unfortunately, the same test on a WordPress platform I set up locally with XAMPP did not have this issue.
Very perplexing…
Next, I tested other code, such as the Baidu Maps API, Google Reader shared items, etc., and found that as soon as I filled in the code and clicked the submit button, the connection would immediately reset…
After dinner, by evening, I finally began to suspect the campus network or the campus network router.
First, I used SSH and other proxy software to open the webpage and upload the code. Unsurprisingly, the code executed successfully on the page. Then, I asked a classmate on the campus network to assist remotely, and found that he also couldn’t upload the code on his computer; submitting the code would cause the page to reset.
Later, after detailed testing, I discovered that in HTML mode, inputting code containing <script src=""></script> or <script type="text/javascript" src=""></script> and submitting it would cause the page to reset, regardless of what link was in the src attribute; even just the code snippet itself would trigger this.
I have no doubt that the school’s firewall has set up some “sensitive word” filtering, which triggers a network disconnect once activated. But as for why even HTML client-side scripts are included in this filtering, it’s truly baffling!