BEIJING (Reuters) - In China, the plush international hotel lobby has been one of the few places to find gaps in the "Great Firewall", a sophisticated system that denies online users access to blocked content such as foreign news portals and social media platforms like Facebook FB.O and Twitter TWTR.N.

A man uses a phone outside the InterContinental hotel in Beijing district of Sanlitun, China, August 1, 2017. REUTERS/Thomas Peter

Now, though, that small crack in the system may be closing, too, as Beijing tightens control over what it sees as its domestic cyberspace, mimicking real-world border controls and subject to the same laws as sovereign states.

Regulators have warned firms providing internet networks for hotels to stop offering, or helping to install, virtual private networks (VPNs) into hotel systems - tools that allow users to evade, at least partially - China’s internet censors.

“We received notices recently from relevant (government) departments, so we don’t make recommendations anymore,” said a marketing manager at Chinese hotel network provider AMTT Digital, who is not named as he is not authorized to talk to the media. He added this was linked to increased government scrutiny over the use of unauthorized VPNs.

VPNs create a ‘tunnel’ through the Great Firewall allowing users to access blocked content outside China’s borders. Companies in China routinely use VPNs for their businesses, which Beijing has said are not currently under threat.

A notice from the Waldorf Astoria in Beijing, circulated online, said the hotel had stopped offering VPN services.

A Waldorf official declined to comment, but several staff said the hotel no longer offered VPN services. “(VPNs) don’t accord with Chinese law,” one staffer told Reuters. “So we don’t have this anymore.”

A leading internet network provider to hotels in China, AMTT Digital says it works with more than 30 global hotel chains including Marriott MAR.O, InterContinental IHG.L, Shangri-La 0069.HK, Wyndham WYN.N, Starwood and Hilton HLT.N.

Previously, the firm, which is backed by several funds including ones with government ties, would recommend “certified”, or government approved, VPNs, the manager said, which would then be incorporated into hotels’ internal networks.

“We would make recommendations of certified VPN providers and then incorporate them into the gateway so it runs smoothly,” he said. “But it is up to the hotel to decide if they want it.”

China’s Ministry of Information Industry and Technology (MIIT), which oversees regulation of VPNs, did not respond to requests for comment.

As it clamps down further on access to outlawed online content, Beijing has recently closed dozens of China-based VPNs, overseas providers have seen rolling attacks on their services, the WhatsApp encrypted messaging app was disrupted, and telecoms firms have been enlisted to extend China’s domestic internet control.

U.S. tech giant Apple Inc AAPL.O pulled dozens of VPN apps from its App Store in China at the weekend, drawing criticism from app providers who said it was bowing to pressure from Beijing’s cyber regulators.

“We’re in the middle of the storm right now with the government fiercely cracking down on VPNs,” said Lin Wei, a Beijing-based network security expert at Qihoo 360 Technology Co. “It’s really hard for ordinary people to find anywhere they can get on sites like Google.”

GOOGLE, BUT NO TWITTER

The ‘neutered’ hotel VPNs, which staff and analysts said were often installed with tacit approval from authorities, already underline sensitivities of even ceding small amounts of control.

President Xi Jinping has overseen a marked sharpening of China’s cyberspace controls, including tough new data surveillance and censorship rules. This push is now ramping up ahead of an expected consolidation of power at the Communist Party Congress this autumn.

Guests at the InterContinental hotel on the east side of Beijing can search on Alphabet Inc's GOOGL.O Google search engine or check their email on Gmail - a business need for many travelers, but both otherwise widely blocked in China.

But they can’t access Facebook, Twitter or YouTube, which are banned by the government.

China also routinely blocks sensitive content online such as searches for the 1989 Tiananmen Square protests or, more recently, coverage of imprisoned Nobel laureate Liu Xiaobo, who died from cancer last month. These topics are searchable, though, in China using a VPN connection.

Technical staff at five other hotels in Beijing, including Crowne Plaza, Hilton and Shangri-La, said guests could still access some blocked websites, though others were often still off-limits. Officials at the hotels declined to comment.

Other hotels Reuters spoke to said they did not offer VPN services because it did not accord with government rules.

“It’s a compromise the hotels are making,” said Lin, the network security expert. VPNs were not technically illegal, but were in a “grey area” and “for well-known reasons” authorities were cracking down on them.

Staff and guests at a number of hotels said some kind of VPN service was still on offer, either built into the hotel’s wifi network or on demand to guests who needed access.

Reuters visited the InterContinental and Crowne Plaza in Beijing, both owned by InterContinental Hotels Group, where Google and Gmail were unblocked. A worker at the Hilton Beijing hotel said the same sites should be accessible.

Officials at IHG and Hilton did not respond to requests for comment.

Some hotels went further.

A technician at the Pangu 7 Star Hotel in Beijing, owned by exiled tycoon Guo Wengui, said resident guests could get full internet access, including sites like Facebook and Twitter, through its VPN-enabled “Pangu global” wifi network.

“We have a special VPN to cross the Great Firewall,” the worker told Reuters. “But it’s a little bit slow.”

Reuters couldn’t reach Pangu officials for comment.