free-the-internet closed this issue 1 year ago
@free-the-internet
You can use whatever port you want (set my_PORT =...).
We use 80 because we need to mimic the identical behavior of a typical web server.
If you open a port like 32345, GFW blocks you because it's not normal for a legitimate web server to serve on this port.
Traffic is encrypted by xray (if you are concerned about security).
The header is obvious to GFW, yes. We set it to ftp.mozilla.org to cheat GFW into thinking that we are an FTP server, so it allows us to continue.
If any other protocol like TLS works and the IP isn't blocked, then you don't need this "http proxy".
You have no problem if you use TLS on your private VPS; the problem starts when you serve 10+ users with high traffic.
OK, I upload some more help about the connection type vmess+tcp+http camouflage.
Not sure if it's the best technology. It is still in progress.
Thanks for the information. Great work, keep on.
I've done some tests, and I see that HTTP traffic on port 80 encrypted with xray can be detected easily by GFW, and then if they consider this a proxy (a simple censor rule by entropy analysis, as payloads are encrypted anyway) they would ban the proxy server. My question is: how can we prevent this?
@free-the-internet GFW is a heavy platform (software+hardware) bought from China; the censor man in Iran just uses it. I promise they have little knowledge; if they update, then we update too.
We built "pyprox" for our personal usage. Without this, the server was blocked before 5GB of usage; after using it, it reached +700GB before getting blocked at some ISPs in Tehran, and after 17 days it reached +4TB and is not yet blocked in most cities.
As you are using port 80, any encrypted traffic will be observed by the adversary, and based on the randomness of the data, or entropy, they can detect the proxy tunnel traffic and then ban it. Also, the headers and all the details in the HTTP packet are obvious to the censor. These data can't be used by the censor? In any case, a TLS-based proxy is more promising to use on encrypted ports (443, etc.) even if they are throttled.
Could you please tell more about the settings and technologies that your setup is using? Do you use any xray/v2ray technology like trojan/vless/vmess? (you are showing some settings, but it is not complete as it just shows TCP)
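The entropy rule raised in the two comments above can be made concrete. This is an added example, not part of the original thread and not code from the project: it splits an HTTP request into headers and body and measures the body's Shannon entropy. The function names, the 7.5 bits/byte threshold, the 1024-byte minimum and both sample requests are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) up to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def split_http(raw: bytes):
    """Split one captured request into (lower-cased header dict, body bytes)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:                      # no header block: treat everything as payload
        return {}, raw
    headers = {}
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, colon, value = line.partition(b":")
        if colon:
            headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
    return headers, body

def classify(raw: bytes, threshold: float = 7.5, min_len: int = 1024) -> dict:
    """Flag a request whose body is long enough to measure and looks random."""
    headers, body = split_http(raw)
    h = shannon_entropy(body)
    return {
        "host": headers.get("host"),
        "body_len": len(body),
        "entropy": round(h, 2),
        "high_entropy": len(body) >= min_len and h >= threshold,
    }

# Constructed samples (not captured traffic). Both carry the Host value from the thread.
HEAD = b"POST /upload HTTP/1.1\r\nHost: ftp.mozilla.org\r\nAccept: */*\r\n\r\n"
PLAIN = HEAD + b"user=alice&comment=hello+world&" * 40
# SHA-256 output stands in for ciphertext: deterministic, statistically uniform bytes.
OPAQUE = HEAD + b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))

if __name__ == "__main__":
    for label, sample in (("plaintext form", PLAIN), ("opaque payload", OPAQUE)):
        print(label, classify(sample))
```

Compressed or media bodies also score close to 8 bits per byte, so a monitor would treat this flag as one signal to correlate with fields such as Content-Type and Content-Encoding rather than as a verdict on its own.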