On August 20, 2025, China experienced a sudden disconnection from much of the global internet. The cause was not a natural disaster or widespread power failure but an abrupt block of TCP port 443, the default channel for HTTPS traffic. For about an hour, users across the country were unable to access most websites outside its borders, effectively cutting off secure communication with the rest of the world.
The disruption began around 00:34 Beijing time and continued until 01:48. According to reports from Great Firewall Report and later technical analysis, China’s filtering system injected forged TCP reset packets that terminated secure connections. This meant any attempt to connect to international websites using HTTPS failed instantly, while other ports such as 80 or 22 continued to work. The block was therefore not a full shutdown of the internet but a very targeted disruption aimed specifically at encrypted traffic.
Analysts examining the event found some unusual details. The injected reset packets did not resemble those typically associated with the Great Firewall’s known equipment. Instead of matching fingerprints from past disruptions, these packets displayed unique incremental window sizes, suggesting either the deployment of new censorship hardware or a serious misconfiguration in existing systems. Because of this anomaly, it is still unclear whether the outage was intentional or the result of a fault.
The impact, however, was immediate. Any service requiring secure communication with servers outside China was disrupted. International companies with operations in the country, from cloud platforms to automotive firms that rely on remote updates, faced outages. Domestically hosted services continued operating normally, but global platforms were inaccessible. This highlighted just how central encrypted traffic has become to both personal use and industrial systems.
Some observers have speculated that the block might have been a test of new censorship controls rather than an accident. The behavior was too specific and too cleanly isolated to port 443 to be dismissed easily. Yet without an official explanation, the true cause remains a mystery.
Events like this underline how fragile global connectivity can be when routed through centralized controls. By cutting off a single port, authorities managed to sever the majority of cross-border communication. For engineers, the lesson is clear: critical services should account for the possibility of sudden network interference. Monitoring from outside as well as inside affected regions, maintaining fallback systems, and diversifying traffic channels are all strategies that can help mitigate the risks posed by abrupt policy-level interruptions, as outlined by The Register.